Brian Westerman wrote:
>….The advent of VTS systems made all of those problems (which are
>real and happen all the time), dissolve, and you would be creating
>them all over again.

Radoslaw Skorupka wrote:
>Now the advantage, which can be considered HUGE: tapes can be moved.
>Easily moved. Single case may contain ~500TB of uncompressed data,
>~1.5PB compressed (before encryption). Regular passenger car can move
>multiple petabytes of data, secured with encryption. It is low profile,
>it can be hidden, moved to a vault, the place can be changed anytime, no
>infrastructure is needed, just closed room, etc.
>Maybe it sounds ridiculous, but it is not, when a war is just abroad.
>And yes, we have no war in Poland, but many organisations implemented
>such tape vault. Where? Usually the address is known for very few
>employees. However I'm pretty sure it is on the West, many times abroad.
>An address or addresses.

FWIW I’m sympathetic to both sets of arguments. Fortunately there are lots of storage options — including “small” physical tape options (Feature Code 5995!) — to address a wide range of concerns. “One size does not fit all.”

Not long ago I worked with a customer in a developing country that incorporated physical tape in their storage architecture because it makes sense for them. I informally dubbed their data backup/vaulting process "ScooterNet." Because that’s what they do, or are supposed to do anyway: back up their data at least once per day to encrypted tape (2 copies/2 sets of cartridges), load each tape set in the backpack of a scooter driver (with staggered appointments), and then one scooter driver rides to their alternate data center and the other rides to a data-only vault at a third site. With periodic checks to make sure the tapes are received, logged, and readable. Loop, repeat. It’s the most effective and discreet way to move lots of data in their operating environment.

I’ve also worked with another customer in a developed country that currently doesn’t use any physical tape, but they have a third “data only” site with periodic IBM SafeGuarded Copies taken there. In the unlikely event they lose both their “full” data centers they’ll be offline for a while, but at least they’ll have a backup. In their environment and for their customers it all makes perfect sense because they have relatively small amounts of “lively” data that must be extremely well protected. Ongoing data access is reasonably important, but data integrity and preservation are much more important for them. So a “2-and-a-half site” approach is a good fit.

And I can think of a third customer that couldn’t afford really anything except a remote physical tape library with WORM tape. If (when?) they lose their primary data center they’d be in a world of hurt. But at least they’d have a backup, and several days later (after scrambling to find an emergency server, etc.) they’d start to come back online. That might be called a “1-and-a-half site” approach. Not great, but at least it’s better than 1.

In all these cases data immutability is important. That is, they don’t want any malware or other rogue act to destroy or tamper with their backup data. There are several options to render data immutable (albeit still destructible if you’re nefarious and get access to the physical storage media):

1. Writing to a tape cartridge, then physically disconnecting that tape cartridge (ejecting it) and storing it somewhere safe.
2. Writing to a WORM tape cartridge, optionally ejected.
3. Writing to Logical WORM virtual tape storage, a feature provided with the IBM TS7700 virtual tape libraries.
4. Writing to IBM DS8000 enterprise storage, then taking an IBM SafeGuarded Copy of those volumes.
5. Writing to cloud object storage that is technically rendered immutable in some reasonable way(s). IBM Z, IBM DS8000, and IBM TS7700 all support cloud object storage “backends” when suitably configured. Note that “cloud” can mean private cloud (on-premises), public commercial cloud, or some combination.

In all these cases you’d presumably maintain at least 2 copies in 2 physically separate locations to mitigate the risk of single site destruction. See the “2 scooter method” above as one example. Storage devices may or may not be physically located near the servers they serve.

In all these cases — especially (but not only) the physical tape cartridge cases since tape cartridges are expressly designed to walk — strong encryption on the storage media is important. And that means protecting private encryption keys, of course.

—————
Timothy Sipples
Senior Architect
Digital Assets, Industry Solutions, and Cybersecurity
IBM Z/LinuxONE, Asia-Pacific
sipp...@sg.ibm.com