Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


11:30 AM

ISCorp Augments Security

Backup services specialist ISCorp eyes new customers after deploying Decru

For many firms, security hardware is simply a necessary, and often expensive evil, although on-demand backup specialist ISCorp is looking for some major new revenue thanks to a big security overhaul.

Last year the Milwaukee, Wis.-based firm rolled out Decru encryption devices as part of an effort to lock down corporate data. Nothing unusual there, perhaps, although ISCorp's CTO Scott Rodenhuis sees things a little differently. "It's going to help us bring in $1 million in new business this year [by] giving customers an additional level of security for disk and tape-based backup," he says.

ISCorp is competing with some big names, including IBM Global Services and Pfizer, which offers on-demand services via a partnership with virtualization specialist Cassatt. (See Suppliers Serve Virtualization.) "Having that security makes our clients more confident and helps drive sales," explains Rodenhuis, adding that ISCorp can now send encrypted tapes to its offsite vaults.

ISCorp, which provides data processing, sales performance and ERP on-demand services to around 500 customers, including seven of the top 10 financial firms, realized some time ago that it needed to bolster its own security story. (See On the Brink of Storage Disaster, Chase Trashes Tapes, A Tale of Lost Tapes, and Top Tips for Compliance .)

The firm stores 50 Tbytes of customer information across two Fibre Channel data centers kitted out with EMC Clariion SANs, Sun tape libraries, and Compellent replication software.

Amongst this infrastructure, Rodenhuis and his team identified tape as ISCorp's Achilles' heel after meeting with clients last year. "It wasn't a single event," that prompted closer scrutiny of tape usage, he explains. "It was our communication with some of our end-clients and finding out what they needed."

Just over a year ago Rodenhuis started to check out his encryption options, before eventually settling on Decru's DataFort FC525s. (See Quantum, Decru Hook Up.) Last October, after six weeks of testing and evaluation, the CTO deployed two DataForts in a cluster at ISCorp's primary data center in Milwaukee.

The DataForts sits on the SAN fabric at the Milwaukee data center, encrypting data before it is sent off to disk and tape-based storage. ISCorp also installed a third DataFort at the firm's secondary data center at Brookfield in the suburbs of Milwaukee.

Prior to deploying the DataForts, Rodenhuis and his team also looked at Neoscale's CryptoStor device, although the exec told Byte & Switch that Decru beat its rival on cost. "We got a deal [with Decru], there was some negotiation," says the CTO, somewhat mysteriously, although he would not say how much he paid. Pricing for Decru's DataFort appliances starts at around $30,000.

Rodenhuis also considered a software-based approach, scoping out Oracle, which offers its own database encryption software.

The problem with the Oracle solution, according to the CTO, was that it was limited to Oracle databases and the exec admits that he had some performance concerns. "The encryption and decryption of data, if is contained on the database, has to be performed by the same CPUs that are running the database," he explains. "That means that you have more overhead on the database server."

Despite opening the door to additional revenues, Rodenhuis still wants Decru to improve its story with regard to the likes of Symantec and Legato. "The one thing that I have asked them for is tighter integration with some of the backup software," he says, explaining that this would give better control of encrypted data and the keys associated with it.

At the moment, Rodenhuis can create keys for certain devices, but not for actual files, a feature which Decru only offers on its NAS-based encryption products. (See File Security Gets All Cryptic.)

The exec is also wondering how he can tie the PGP encryption software that secures data on one of ISCorp's financial services to the DataFort devices. "It could be useful to have an agent or something that would allow you to have a secure key management system," he says.

Despite both NeoScale and Decru opening up the APIs on their encryption products, other users have already voiced their desire to see more work done in this area. (See Regulus, Multivendor Management Locked Up, Security Smorgasbord on Show, and All Keyed Up With NeoScale.)

— James Rogers, Senior Editor Byte and Switch

  • Cassatt Corp.
  • Decru Inc.
  • IBM Global Services
  • NeoScale Systems Inc.
  • Oracle Corp. (Nasdaq: ORCL)
  • PGP Corp.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Inside the Ransomware Campaigns Targeting Exchange Servers
    Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
    Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
    Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
    Register for Dark Reading Newsletters
    White Papers
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    How Enterprises are Developing Secure Applications
    How Enterprises are Developing Secure Applications
    Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2021-04-15
    An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to messages sent by outgoing webhooks to private streams meant that an outgoing webhook bot could be used to send messages to private streams that the user was not intended to be able to send messages to.
    PUBLISHED: 2021-04-15
    An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the can_forge_sender permission (previously is_api_super_user) resulted in users with this permission being able to send messages appearing as if sent by a system bot, including to other organizations hosted by the sa...
    PUBLISHED: 2021-04-15
    An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the all_public_streams API feature resulted in guest users being able to receive message traffic to public streams that should have been only accessible to members of the organization.
    PUBLISHED: 2021-04-15
    In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.
    PUBLISHED: 2021-04-15
    The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attackers to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting (XSS) vulnerability caused ...