After decades of experience supporting the Datacenter environment, TAS has concluded that one of the most important and often overlooked processes in the tape world is performing audits.   The ramifications of lost or missing tapes not only financially justifies the growing need for audit services, but also the responsibility to protect both corporate customers and shareholders.

 

 

Potential Costs Associated with Data Breaches Resulting from Tape Loss

 

Number of lost records resulting from a tape loss.

Potential cost at 2008 estimate of $202 per record*

2,000,000

$404,000,000

 

 

 

It’s an unfortunate fact that a can of tuna is inventoried and tracked far better than backup tapes in corporate tape libraries. As a shareholder or board member of any corporation, one would expect that tapes containing customer information, personnel files, financial data and vital records would be independently audited on a quarterly or annual basis. Regrettably, an astoundingly large number of the largest US companies do not conduct independent audits of their tape libraries.  The common practice of spot-checking a handful of tapes does not mitigate any risk, it only provides a false sense of security.
 

 


Can you afford to lose even one tape?

 

Media Type

Amount of Data

 Real Life Application
LTO-6 3200GB 1/3 of the entire collection of the U. S. Library of Congress.
LTO-5 1600GB 75,000 trees made into paper and printed.
DLT-S4 800 GB All the X-ray films in a large technological hospital.
LTO-3 400 GB 4 library floors of academic journals.
3592 300GB 15 copies of the works of Beethoven.
LTO-2 200 GB 200 pickup trucks filled with paper.
LTO-1 100 GB 1,000 meters of shelved books.

3590J

40GB

 50 copies of the human genome.

9840

20GB

 360 hours of MP3 music.

 

As shown above, with current technology, some tapes can contain an astronomical amount of data. With this vast amount of your financial and corporate information residing on each tapes, how can you afford not to know where every tape is?

 

 


The first step in assessing corporate risk is to ask your data processing manager to submit the last independent tape library audit report.  Keep in mind that this should take into account EVERY tape, not just a spot-check or small sample.  Also be aware that offsite vendors should not be considered an independent auditor, since they have a vested interest in not exposing problems.  

 

 

If you didn't get the response you were expecting, follow the links to see how Tape Audit Solutions performs a tape library audit and contact us to help eliminate your risk and protect your corporation.

 

 

*Source: Enterprise Strategy Group Whitepaper, Enterprise Tape Backup Encryption Requirements for the Banking Industry

*Source: http://www.privacyrights.org/ar/ChronDataBreaches.htm#CP

*Source: Ponemon 2008 Annual Study: Cost of a Data Breach