Disaster Recovery Site ConsiderationsIf you plan to use a disaster recovery (DR) site, the Encryption Key Managerprovides a number of options to enable that site to read and write encrypted tapes.These are:v Create a duplicate Encryption Key Manager at the DR site.Set up a duplicate Encryption Key Manager at the DR site with the sameinformation as your local Encryption Key Manager (configuration file, tape drivetable, key groups XML file, and keystore). This key manager would then be inplace and capable of taking over for one of your existing production keymanagers to read and write encrypted tapes.v Create a backup copy of the three Encryption Key Manager data files to be ableto recover as needed.If you create a current copy of the four data elements needed by the EncryptionKey Manager (configuration file, tape drive table, key groups XML file, andkeystore) then you would be able to start a key manager at any time to act as aduplicate at the DR site. (Remember that you should not use the Encryption KeyManager to encrypt the copies of these files as you would not be able to decryptit without a functioning key manager). If your DR site uses different tape drivesfrom your primary site, the configuration file and tape drive table must containthe correct information for the DR site.Considerations for Sharing Encrypted Tapes OffsiteNote: It is important to verify the validity of any certificate received from abusiness partner by checking the chain of trust of such a certificate back tothe Certificate Authority (CA) that ultimately signed it. If you trust the CA,then you can trust that certificate. Alternately, the validity of a certificate canbe verified if it was securely guarded in transit. Failure to verify acertificate’s validity in one of these ways may open the door to a“Man-in-the-Middle” attack.Sharing LTO 4 and LTO 5 TapeIn order to share encrypted data on an LTO 4 or LTO 5 tape, a copy of thesymmetric key used to encrypt the data on the tape must be made available to theother organization to enable them to read the tape. In order for the symmetric keyto be shared, the other organization must share their public key with you. Thispublic key will be used to wrap the symmetric key when it is exported from theEncryption Key Manager keystore using keytool (see “Exporting Data Keys Using==Key StoreDrive TableConfig FileKey GroupsKey StoreDrive TableConfig FileKey Groupsa14m0255=PrimaryEncryptionKey ManagerSecondaryEncryptionKey ManagerTape LibraryATape LibraryBTape LibraryCFigure 2-6. Two Servers with Different Configurations Accessing the Same DevicesChapter 2. Planning Your Encryption Key Manager Environment 2-9||||||