Many people want to be famous, but nobody wants to hit the headlines in an incident resulting in the theft or misuse of their employees’ or clients’ confidential data. While the necessity of securing the confidentiality, integrity, and availability of the enterprise’s servers and data is well-known and understood, the backup server is often overlooked in the security planning. This is very regrettable, because the backup server infrastructure stores copies of all the enterprise’s most important data, often going back years. Valuable data is often copied to tape and transported off-site. These tape cartridges are highly portable and hence potentially vulnerable to loss or theft. Knowing all this, the backup server and its infrastructure could represent a highly attractive target of unauthorized access from either inside or outside your data center. How secure are your backup server and its disk arrays? Do you know where each and every one of your backup tapes is located - right now?
This IBM Redbooks publication will take you through the various security features of Tivoli Storage Manager and show you how to use them, together with best practice principles, to design, implement, and administer a more secure backup management environment. We will cover passwords, administrative levels of control, the vital role of encryption, and procedures for managing off-site data, among other topics.
This IBM Redbooks publication is targeted at experienced Tivoli Storage Manager administrators - we assume a good knowledge of how Tivoli Storage Manager works, how to install it, and how to administer it. You can use the publications listed in the Bibliography as background reading, particularly IBM Tivoli Storage Management Concepts, SG24-4877, and IBM Tivoli Storage Manager Implementation Guide, SG24-5416.
Table of contents
Chapter 1. Introduction
Part 1. Tivoli Storage Manager client considerations
Chapter 2. Client sessions
Chapter 3. Client files and services management
Chapter 4. Securing the client
Part 2. Encryption
Chapter 5. Client data encryption
Chapter 6. TS1120 tape encryption
Part 3. Tivoli Storage Manager server considerations
Chapter 7. Server administration
Chapter 8. Storage pool considerations
Chapter 9. Deployment in a network secured environment
Chapter 10. Protecting the server
Part 4. Recovery scenarios and summarized guidelines
Chapter 11. Providing a secure disaster recovery environment
Chapter 12. Recovery and prevention of security breaches or data loss
Chapter 13. Guidelines for audits