Around the Storage Block
Showing results for 
Search instead for 
Did you mean: 

Do you have the right keys to data security?


Mark.jpgBy Mark Fleischhauer, HP StoreEver Tape Storage Solutions Engineering Manager


Securing your data with open standards—and where tape belongs in the mix


Coming in first is a great feeling. I’m sure each of us can remember a time when we came in first and what itTrophy.jpeg felt like, whether it was for winning the championship baseball game, winning a race, or being the last one standing in the school spelling bee. Recently, the HP StoreEver MSL6480 Tape Library became the first tape library to achieve the Storage Networking Industry Association (SNIA) verification of conformance to the KMIP standard (v1.0, 1.1 and 1.2). This means that if you’re an MSL6480 customer, you can implement encryption in the MSL6480 knowing that you have the flexibility to work with a wide variety of KMIP-verified key management solutions. Let’s take a closer look at KMIP and encryption—and what this means to you and your data.


Secure data and key management

DataKeys.jpegMany industries are required to encrypt their data for regulatory requirements like financial institutions; however, you may choose to do so for your own purposes. For example, data or content may be the product you sell like the recipe to a new cutting-edge pharmaceutical drug or even an epic adventure film. In each case, encrypting the data is only the first step in protecting data from being accessed from unauthorized users. You need to manage all the keys that get created during the encryption process and you need a solution that can manage lots of them for a long period of time. Just think if each day you drove a different car to work but you had to first find the right set of keys. I have problems finding the keys to one car let alone millions of cars.To solve this problem, key management solutions were introduced to help manage all the keys that were needed, such as the ESKM 4.0 KMIP Key Server from HP. Like the ESKM, these solutions not only manage the car keys but can also manage house keys, gate keys and any other key that you need. The house and the car come from two different vendors, so how do we ensure that we can exchange keys in a standard method? Keep reading.


What is KMIP?

KMIP stands for Key Management Interoperability Protocol (now you know why we just call it “KMIP”). KMIP is an industry-standard protocol that defines the language for encryption devices to exchange keys in a secure manner which means products that follow the KMIP standard can share keys. This open standard gives you greater choice points for building secure storage solutions, whether you are storing house keys, car keys, or both. The KMIP specification was developed by OASIS, a consortium for development of open standards formed by a conglomeration of industry participants that have a vested interest in encryption and interoperability between products. In order to ensure that the KMIP specification is followed, SNIA, in cooperation with OASIS, has developed a set of testing tools and utilities in order to exercise the KMIP device for adherence to the KMIP specification. You can submit your company’s products to SNIA for testing to ensure that they confirm to the KMIP standards.


Why MSL6480 is first

The HP StoreEver MSL6480 Tape Library successfully passed the testing as defined by SNIA MSL.jpgandis the first tape library to achieve this level of KMIP compliance verification. While KMIP compliance verification is an important achievement to recognize, it’s important to understand the development work that went into the MSL6480 tape library and the other security-related features built in to the tape library solution. This library also supports a FIPS 140-2 compliant operating mode with both LTO-5 and LTO-6 drives for added security and protection.


If data security is a top concern for your business, then the MSL6480 tape library should be considered as you make your choice for a secure, reliable long-term storage solution for your critical data. For key management, the ESKM 4.0 KMIP server is a great addition giving you a complete solution—and it’s all from HP.


Learn more

Blog: The increasing cost of data breaches drive demand for StoreEver tape encryption solutions


More resources:

HP StoreEver Tape

Enterprise Secure Key Manager

StoreEver supported Encryption Key Managers

0 Kudos
About the Author


Our team of Hewlett Packard Enterprise storage experts helps you to dive deep into relevant infrastructure topics.