Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


11:30 AM

ISCorp Augments Security

Backup services specialist ISCorp eyes new customers after deploying Decru

For many firms, security hardware is simply a necessary, and often expensive evil, although on-demand backup specialist ISCorp is looking for some major new revenue thanks to a big security overhaul.

Last year the Milwaukee, Wis.-based firm rolled out Decru encryption devices as part of an effort to lock down corporate data. Nothing unusual there, perhaps, although ISCorp's CTO Scott Rodenhuis sees things a little differently. "It's going to help us bring in $1 million in new business this year [by] giving customers an additional level of security for disk and tape-based backup," he says.

ISCorp is competing with some big names, including IBM Global Services and Pfizer, which offers on-demand services via a partnership with virtualization specialist Cassatt. (See Suppliers Serve Virtualization.) "Having that security makes our clients more confident and helps drive sales," explains Rodenhuis, adding that ISCorp can now send encrypted tapes to its offsite vaults.

ISCorp, which provides data processing, sales performance and ERP on-demand services to around 500 customers, including seven of the top 10 financial firms, realized some time ago that it needed to bolster its own security story. (See On the Brink of Storage Disaster, Chase Trashes Tapes, A Tale of Lost Tapes, and Top Tips for Compliance .)

The firm stores 50 Tbytes of customer information across two Fibre Channel data centers kitted out with EMC Clariion SANs, Sun tape libraries, and Compellent replication software.

Amongst this infrastructure, Rodenhuis and his team identified tape as ISCorp's Achilles' heel after meeting with clients last year. "It wasn't a single event," that prompted closer scrutiny of tape usage, he explains. "It was our communication with some of our end-clients and finding out what they needed."

Just over a year ago Rodenhuis started to check out his encryption options, before eventually settling on Decru's DataFort FC525s. (See Quantum, Decru Hook Up.) Last October, after six weeks of testing and evaluation, the CTO deployed two DataForts in a cluster at ISCorp's primary data center in Milwaukee.

The DataForts sits on the SAN fabric at the Milwaukee data center, encrypting data before it is sent off to disk and tape-based storage. ISCorp also installed a third DataFort at the firm's secondary data center at Brookfield in the suburbs of Milwaukee.

Prior to deploying the DataForts, Rodenhuis and his team also looked at Neoscale's CryptoStor device, although the exec told Byte & Switch that Decru beat its rival on cost. "We got a deal [with Decru], there was some negotiation," says the CTO, somewhat mysteriously, although he would not say how much he paid. Pricing for Decru's DataFort appliances starts at around $30,000.

Rodenhuis also considered a software-based approach, scoping out Oracle, which offers its own database encryption software.

The problem with the Oracle solution, according to the CTO, was that it was limited to Oracle databases and the exec admits that he had some performance concerns. "The encryption and decryption of data, if is contained on the database, has to be performed by the same CPUs that are running the database," he explains. "That means that you have more overhead on the database server."

Despite opening the door to additional revenues, Rodenhuis still wants Decru to improve its story with regard to the likes of Symantec and Legato. "The one thing that I have asked them for is tighter integration with some of the backup software," he says, explaining that this would give better control of encrypted data and the keys associated with it.

At the moment, Rodenhuis can create keys for certain devices, but not for actual files, a feature which Decru only offers on its NAS-based encryption products. (See File Security Gets All Cryptic.)

The exec is also wondering how he can tie the PGP encryption software that secures data on one of ISCorp's financial services to the DataFort devices. "It could be useful to have an agent or something that would allow you to have a secure key management system," he says.

Despite both NeoScale and Decru opening up the APIs on their encryption products, other users have already voiced their desire to see more work done in this area. (See Regulus, Multivendor Management Locked Up, Security Smorgasbord on Show, and All Keyed Up With NeoScale.)

— James Rogers, Senior Editor Byte and Switch

  • Cassatt Corp.
  • Decru Inc.
  • IBM Global Services
  • NeoScale Systems Inc.
  • Oracle Corp. (Nasdaq: ORCL)
  • PGP Corp.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 9/21/2020
    Hacking Yourself: Marie Moe and Pacemaker Security
    Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
    Startup Aims to Map and Track All the IT and Security Things
    Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
    Register for Dark Reading Newsletters
    White Papers
    Current Issue
    Special Report: Computing's New Normal
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    How IT Security Organizations are Attacking the Cybersecurity Problem
    How IT Security Organizations are Attacking the Cybersecurity Problem
    The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2020-09-23
    An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be ...
    PUBLISHED: 2020-09-23
    In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.
    PUBLISHED: 2020-09-23
    In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library c...
    PUBLISHED: 2020-09-23
    In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users.
    PUBLISHED: 2020-09-23
    In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection.