摘要 |
When removing an HDD, in which a failure has occurred, after the execution of hot swap in a storage apparatus having a stored data encryption function, an encryption key assigned to that HDD is shredded and thereby data in the HDD is automatically crypto-shredded; and after a new HDD is installed, data in a spare disk regarding which copy back to the new HDD is completed is automatically crypto-shredded and key generation for the spare disk is requested to a security administrator in preparation for the next hot swap. Then, with the storage apparatus which imports and uses an encryption key generated by an external key management server for encryption/decoding of stored data, the encryption key for the spare disk is imported from the external key management server in advance and the encryption key is prevented from the use other than the intended use in preparation for a case where the encryption key may not be imported due to a communication failure with the external key management server at the time of the hot swap, thereby causing a shortage of encryption keys.
|