SC3020 new purchase needs encryption keys

Hello, 

FYI:  You created this in the Equallogic SAN forum, not the SC one. 

However, I happen to know the answer.  Other than the qualified 3rd party Key Managers there are no supported options.  Even if theoretically another one worked today you can't be sure that down the road that a SCOS update isn't going to break that.  In which case your data is no longer accessible. 

 With RAIDed storage you would have to steal the entire enclosure with controllers to get access to the data.  Especially in configurations with multiple storage tiers that's much more difficult. 

 There is also file level encryption for many OSs.   The SED drive is most effective in JBOD conflagrations where simple access to the drive will allow data access.   

 Regards, 

Don 

Hello, 

 I understand your frustration.  While TPM H/W might not cost much, the development cost to make it work with SCOS would be significant. 

 But let's look at what it would take to get data off a "drive"   if they stole a single physical hard drive it would do them no good.  Data is spread out across multiple drives. 

So you need everything. Chassis and controllers, shelves, cables, etc..   But in order to access a LUN you have to be connected to the designated server. If not just connecting up a server isn't going to help.  So you also need the login credentials for the array to allow you to change the server info to the new one. 

 So that's several road blocks already.  If you also encrypt the filesystem then even if they have all that they will be stuck.  Plus of course controlling physical access to the arrays as well. 

  Regards, 

Don