Once upon a time I used to take tapes home, but it has been many years. The reasons not to do it are all as you say.
I now have two sites within walking distance where I store backup tapes. There are several buildings at the Gull Lake site of the Kellogg Biological Station, and some of them have equipment closets to which access is reasonably well controlled. I use two of those. Each has a lockable cabinet in which I store tapes. That plus a cabinet in the room where the backup system resides makes three locations. So January monthly backups go to one of them, February ones to a 2nd, March ones to a 3rd, April to the 1st, and so on to the end of the year.
I also designate one of these locations for the 1st weekly backup of a month, and another for the 2nd weekly backup of a month. But I'm less than faithful about getting those weekly full backup tapes to their designated locations. I don't bother taking daily incremental backups to other locations.
The key to making this work was having them within walking distance. I had been looking for such locations for a long time, but everything we came up with was too inconvenient. I knew that moving tapes to inconvenient locations just wouldn't happen. When we renovated two of our buildings, adding equipment closets and cabling them properly for ethernet, I finally had my locations.
Someone suggested that new buildings on the main campus have vaults for data. No matter how good an idea that may be, be prepared to have to work hard to get it. You have to fight architects (and their clients) every step of the way to get adequate equipment closets. Architects don't get their strokes by putting square footage for such mundane things into buildings. At least I haven't yet encountered any who sell themselves and their ideas on that basis. Our physical plant people tell me it's the same struggle in getting adequate space for their mechanical rooms. Somewhere along the way the plans for the building will grow bigger than the budget, and before it's put out for bids the architects and your bosses will be looking for things to trim. Guess who is going to be invited to the chopping block?
Someday I want to have backup systems in these other equipment closets so I can send copies of our backups there by fiber. Tape drives in those locations will still require frequent personal attention, of course.
John Gorentz
W.K. Kellogg Biological Station
---------- Original Message ----------------------------------
From: "Michael S. Surato" <[log in to unmask]>
Reply-To: "Michael S. Surato" <[log in to unmask]>
Date: Thu, 14 Dec 2006 16:09:56 -0500
>This is turning into a very fascinating conversation! If I could
>summarize what I have found so far there seem to be 3 possible locations
>for off site backups:
>1. Another unit on campus
>2. A service that stores tapes for money
>3. At home
>
>The argument against another unit on campus are that it is still on
>campus. So this would help if your building burns down, but not against
>campus-wide failures. The argument for another unit is that
>transportation of data is very secure (you carry it) and that it can be
>accessed by appropriate people on short notice. It is also very cheap.
>
>The argument that has been said against a service is that it costs
>money. What is not said is that you had your tape to a stranger. Yes you
>have paid the service money, and yes the service has signed the NDA.
>However, the disgruntled employee of that service has physical access to
>that tape for a week. If they were to restore the data to a machine and
>then hand you the tape when you come for it, you may not realize that
>the data was compromised. A rare chance for sure, but possible. The
>argument for the service is that you can blame someone else for security
>breaches related to tape storage (see
>http://money.cnn.com/2005/06/06/news/fortune500/security_citigroup/).
>
>Much more has been said regarding taking tapes home. However, the
>reasons against boil down to:
>1. It could be stolen from your home. This could result in many possible
>outcomes including you have to take full responsibility for the cost of
>the breach.
>
>2. Your home is not staffed by professionals. This means that people in
>your home may not realize what they are dealing with and may
>damage/lose/give away the tapes without meaning to do so.
>
>3. Loss of access by MSU. If the tape is not clearly linked to MSU your
>family may not voluntarily give the tape to MSU. This would cost
>time/money/possibly credibility.
>
>4. Blame/Credibility. There is no one to blame for problems except for
>the employee. This may cause MSU to lose credibility and
>trustworthiness.
>
>The advantage is that you know where the tape is and it is cheap.
>
>In all of the arguments there are champions for each argument. It often
>boils down to what is required. For example HIPPA is very particular
>about what is stored, where, and who has access. This would probably
>eliminate the "at home" option.
>
>In the far recesses of my memory I seem to recall a conversation similar
>to this several years ago. During that conversation another option was
>offered. That option would be to use an Extension office (specifically
>the Ingham county office in Mason) for a tape repository or a hot backup
>site for central services. Does anyone else remember this option, and if
>so, was there any result of these discussions?
>
>+-------------------------------------------+
>| Michael Surato |
>| College of Arts and Letters |
>| Michigan State University |
>| 320 Linton Hall |
>| East Lansing, MI 48824 |
>| Voice: (517) 353-0778 Fax: (517) 355-0159 |
>+-------------------------------------------+
>-----Original Message-----
>From: MSU Network Administrators Group [mailto:[log in to unmask]] On
>Behalf Of Thomas P. Carter
>Sent: Thursday, December 14, 2006 3:35 PM
>To: [log in to unmask]
>Subject: Re: [MSUNAG] off site backups
>
>To this I will also add that a determined cracker with access to
>encrypted stolen tapes could eventually be successful cracking the
>encryption.
>
>-----Original Message-----
>From: MSU Network Administrators Group [mailto:[log in to unmask]] On
>Behalf Of Jeff Domeyer
>Sent: Thursday, December 14, 2006 2:55 PM
>To: [log in to unmask]
>Subject: Re: [MSUNAG] off site backups
>
>This is a means to shift responsibility from you to the service provider
>whose responsibility it is to protect the data.
>
>Other implications are the bad publicity that MSU would receive if they
>had to inform individuals that an employee stored their information at
>the employee's house, and it was compromised. If that situation arose
>with relation to a Bank, there would probably be heads rolling.
>
>As an exaggeration; if the data is public, or not sensitive in nature,
>then there probably wouldn't be a need for encrypting it. If you can
>store it in that fashion on a table on Grand River without supervision,
>then you might have an argument for taking it home.
>
>The thing to remember is that you have to transport that data to and
>from work, which isn't as secure as you might think your home is, but I
>might just be paranoid.
>
>It's all just about liability.
>
>-Jeff
>
>
>-----Original Message-----
>From: MSU Network Administrators Group [mailto:[log in to unmask]] On
>Behalf Of Michael S. Surato
>Sent: Thursday, December 14, 2006 1:06 PM
>To: [log in to unmask]
>Subject: Re: [MSUNAG] off site backups
>
>Just to play devil's advocate. What would be the problem of taking the
>backup tape home if the data was encrypted. While this adds the
>complexity of storing an offsite copy of the decryption key, it also
>solves the issue of stolen tapes/computers with sensitive data.
>
>+-------------------------------------------+
>| Michael Surato |
>| College of Arts and Letters |
>| Michigan State University |
>| 320 Linton Hall |
>| East Lansing, MI 48824 |
>| Voice: (517) 353-0778 Fax: (517) 355-0159 |
>+-------------------------------------------+
>-----Original Message-----
>From: MSU Network Administrators Group [mailto:[log in to unmask]] On
>Behalf Of Richard Wiggins
>Sent: Thursday, December 14, 2006 12:09 PM
>To: [log in to unmask]
>Subject: Re: [MSUNAG] off site backups
>
>I agree with Chris. Yesterday UCLA reported a break-in that exposed
>SSNs and other personal information for 800,000 people (which must
>included fac/staff/students/applicants for decades). That was a
>tightly-guarded server locked in a machine room on campus. And Boeing
>revealed that for the third time this year (!!!) a laptop with SSNs and
>other personal info was stolen, affecting 322,000 people. This was a
>direct violation of company policy.
>
>So I think a better statement would be that you shouldn't use home
>backup for systems that house confidential or sensitive information.
>And you should not carry around large datasets with personal information
>on laptops, thumb drives, or other portable devices.
>
>It might help if people thought of sensitive data as radioactive. You
>wouldn't carry radioactive materials in your car or to your house.
>
>/rich
>
>On 12/14/06, Chris Wolf <[log in to unmask]> wrote:
>> I'm not sure I see the problem with taking backups home for off-site
>> storage in some situations. It's not perfect, but it adds an enormous
>
>> amount of additional safety in a very cheap and convenient way. I have
>
>> even recommended that faculty keep one copy of their backup of their
>> office desktop computer at home. Regarding possible theft, faculty all
>
>> over campus take their university-owned portable computers containing
>> university data home (not to mention all over the world), and I would
>> say that a computer is much more likely to be stolen during a home
>> burglary (or from a traveler in an airport) than some tapes are.
>>
>> I agree that for AIS servers and other machines that have large
>> amounts of sensitive data, it's worthwhile to have a more secure
>> arrangement, but for many other situations in academic departments a
>> home is not a bad off-site location.
>>
>> > -----Original Message-----
>> > From: MSU Network Administrators Group [mailto:[log in to unmask]]
>> > On Behalf Of Peter J Murray
>> > Sent: Wednesday, December 13, 2006 4:24 PM
>> > To: [log in to unmask]
>> > Subject: [MSUNAG] off site backups
>> >
>> > What solutions are different units on campus using for 'off site'
>> > backup, or at least, backups in another building. Is there a
>> > service that ACNS or AIS provides for those of us who want to keep a
>
>> > redundant data source outside our building? Are system
>> > administrators taking home tapes with them for off site storage (and
>
>> > is that even allowed)? Does MSU have an agreement or preferred
>> > vendor for off site backup?
>> >
>>
>
________________________________________________________________
Sent via the WebMail system at mail.kbs.msu.edu
|