DISUK launched iSecure smart card management for its Paranoia2 and SafeTape in-line encryption devices that keep vital backup data secure and compliant with standards such as the Payment Card Industry Data Security Standard (PCI DSS). Security managers can now remotely manage units at unmanned disaster recovery data centres and restore encryption keys for backup data without having to go to the site.
Operations staff may be given appropriate levels of access authority at each site in order to restore data quickly should a disaster happen.
Designed to fit the distinct roles of security and operations in the day-to-day management of encrypted backup data, iSecure offers key generation, management and entry; selection of encryption modes; selection of secure and non-secure modes; engineering functions and full audit logging and reporting.
DISUK’s in-line encryption uses a unique user encryption key and also a unique hardware encryption key on the processor, so that even if someone attempted to read a tape on another unit, it will be unreadable.
However, for disaster recovery scenarios, where another unit is kept at your DR supplier’s site or unmanned secondary data centre, a spare chip is provided and iSecure will allow managers to re-enter the keys over a secure link in order to read the data, negating the need to ship keys.
The iSecure product includes security management for creating, tailoring and deletion of smart cards and an operations management package for control and remote monitoring of DISUK’s Paranoia2 and SafeTape in-line encryption via the smart card system. Keys, encryption methodology and passwords generated by security department are loaded on to Paranoia2 or SafeTape unit via a set of smart card keys, at no time is the information visible to operations staff. Each user can only access functions according to their job role for example if they are an operator, the only information they may see