>4 - The security team brought an interesting question to my attention. Is
>the data that we send offsite, via copy pool, encrypted to where someone
>could not just take the tape and view the data. My thoughts are that the
>data is encrypted and cannot be recovered without the TSM database and in
>order to restore the TSM database to another server, I would think there is
>some sort of security there.
Terry - Here's what we've learned thus far about this general subject,
as accumulated in my notes at http://people.bu.edu/rbs/ADSM.QuickFacts:
Security in *SM First, *SM was not designed for
physically insecure environments.
Userid/Password: Rather rudimentary, in
that there is no distinction between
upper and lower case. But it uses a
"double-handshake" authentication
process that's pretty robust and
relatively tough to crack.
Tapes: They are in proprietary,
undefined format, with no customer tools
for directly interpreting them.
Richard
