Know your gear
Data at Rest Encryption provides hardware-based, on-array, back-end encryption for Symmetrix systems. Back-end encryption protects your information from unauthorized access when drives arc removed from the system. Data at Rest Encryption provides encryption on the back end using Fiber Channel I/O modules. These modules encrypt and decrypt data as it is being written to or read from a drive. All configured drives arc encrypted, including data drives, spares, and drives with no provisioned volumes. With Data at Rest Encryption, keys are self-managed, and there is no need to replicate keys across volume snapshots or remote sites. By securing data on enterprise storage, Data at Rest Encryption ensures that the potential exposure of sensitive data on discarded, misplaced, or stolen media is reduced or eliminated. As long as the key used to encrypt the data is secured, encrypted data cannot be read. In addition to protecting against threats related to physical removal of media, this also means that media can readil