As organizations learn to store and mine into the vast repositories of data generated by them and exploit the potential of information therein, they also grapple with growing data storage needs and fears of data loss. It is therefore, no wonder that at the core of most data storage and security considerations is a need to identify storage and compression challenges and to address them effectively.
Stored Data Encryption Challenges
While there are several types of encryption methodologies to choose from, the type of encryption methodology that is best suited to the business will be determinant upon the type storage application in use and the needs of the business. All encryption methodologies that are used in conjunction with data storage applications are measured in two dimensions—strength and speed.
The strength of the encryption and decryption algorithm is often impacted by the raison de etre of stored information—random access. No algorithm that prevents or undermines random access will be acceptable. Therefore, encryption algorithms for storage must ensure that each block of information is decipherable as a stand alone entity. However, on the flip side of this requirement, is the fact that this, makes the algorithm extremely weak and vulnerable and deciphering a single block will enable unauthorized entities to decipher other blocks at will.
The speed of encryption and decryption is impacted by factors and variables of the cryptographic system. Different cipher modes; coordination and initialization vectors and salt values used to modify the encryption method have a bearing on the speed of the process. While stream cipher modes encode data one bit at a time, the block cipher mode encodes one block at a time and is much slower in execution than the former.
Storage overheads too, have a bearing on the amount of encryption and the type of encryption that can be applied to stored data. Most often data on a storage disk is packed to full capacity. Additional data storage pertaining to the algorithm may require offloading of data from the disk or copying the data to a larger capacity disk before encryption.
Stored Data Compression Challenges
Compression ratio, throughput, captive endpoints, standardized software/hardware compatibility and compression sans data loss are some of the major challenges that have to be taken up when an enterprise considers data compression for storage. In offline compression and data storage, software based data compression which consumes greater CPU power is not a major issue. A number of new challenges are thrown up when data compression needs to be applied to online storage. Software based compression cannot achieve the kind of latency that these applications require.
Moreover, data compression poses its own unique challenges:
- The compression ratio is unpredictable and sensitive to data pattern. The size of the compressed data can even grow, given highly-incompressible source data.
- There is a need to keep compression and encryption functions close together to avoid repeated performance-degrading system-bus crossings, but they have different placement needs.
- As encryption randomizes patterns, encrypted data cannot be compressed. Hence where both encryption and compression are required, compression must precede encryption.
- Data transformations due to encryption or compression (which change data size) creates a wrinkle in the architecture of the storage stack especially where data is stored in fixed physical block of specified size.
From the discussion above, it is clear that one of the greatest ironies of storage technology is the inverse relationship between efficiency and security. Adding performance, security and reducing storage requirements is a challenge. While compressing data is good economics, securing data is a sign of business intelligence. One cannot be sacrificed for the other in the long run. The good news is that the growing demand for encrypted/compressed storage has focused industry attention on urgently finding the solution to the paradox. Perhaps the gestation period will not be long.
SecurStore provides a bespoke offsite backup solutioncatered for customers who have both mission critical data and non-critical data, i.e., it provides customers with a secure & efficient backup and recovery solution which is sustainable over time. This coupled with agentless technology and advanced support for all environments and applications makes it suitable for any type of business, data centre provider or reseller.