HP this week is unveiling add-ons for its storage products that enable automated encryption of data stored on tape drives and virtual tape libraries.
The company is adding encryption support for its MDS 9000 family with what it calls the HP C-Series MDS Storage Media Encryption (SME) fabric switch.
"This is symmetric-key encryption," says Gary Lefkowitz, director of the HP Secure Advantage division. "You can create a key per tape, while inserting controls as a way to protect resources."
Beyond HP, other makers of tape libraries (such as IBM and Spectra Logic) are adding encryption to their products, says Deni Connor, analyst at Austin, Texas-based Storage Strategies Now. "Regulations are calling for it, and managers should consider it essential," she says.
The MDS 9222i switch with SME is available now, priced at US$83,500.
In addition, HP has developed an encryption add-on kit that lets small-to-midsize businesses protect data stored by the HP 1/8 G2 Tape Autoloader and MSL Tape Libraries with LTO-4 tape technology. The HP StorageWorks 1/8 G2 & MSL LTO-4 Encryption Kit generates and retains encryption keys; it is expected to be available in June, priced at US$2,500.
HP also has added an appliance that stores records about encryption-key use to its HP Compliance Log Warehouse (CLW) for LTO-4 enterprise tape libraries. The CLW, which generates reports for audit-trail purposes through a central log collection and retention method, now stores information about encryption-key use through a dedicated key-management appliance called HP StorageWorks Secure Key Manager.
The Secure Key Manager costs US$100,000; the CLW starts at less than US$125,000. Both are available.
HP also is making available an online tool called Storage Security Assessment, which lets customers gauge storage and security needs through a question-and-answer evaluation. HP's Consulting & Integration Security and Risk Management Practice developed the tool.
In other security news from HP, the company says its HP-UX 11i operating system has received the Common Criteria certification for the EAL4 assurance level, related to the controlled-access and role-based access-control protection profiles.
Common Criteria is an international product-evaluation and certification program supported by about two dozen countries and under which products are tested in certified laboratories to determine whether they meet a range of predefined security criteria and perform as anticipated.