You must configure Tivoli® Storage
Manager so that
data identified as sensitive is stored only in storage pools that
will enforce shredding after that data is deleted.
Procedure
Complete the following steps to set up your shredding
configuration:
- Specify that you want data to be shredded either automatically
after it is deleted or manually by an administrator. You can specify
how shredding is to be done by setting the SHREDDING server
option.
shredding automatic
You
can also set the shredding option dynamically by using the SETOPT command.
- Set up one or more random access disk storage pool hierarchies
that will enforce shredding and specify how many times the data is
to be overwritten after deletion. For example,
define stgpool shred2 disk shred=5
define stgpool shred1 disk nextstgpool=shred2 shred=5
- Define volumes to those pools, and specify disks for which
write caching can be disabled.
define volume shred1
/var/storage/bf.dsm formatsize=100
define volume shred2
/var/storage/bg.dsm formatsize=100
define volume shred1 j:\storage\bf.dsm formatsize=100
define volume shred2 m:\storage\bg.dsm formatsize=100
- Define and activate a policy for the sensitive data. The
policy will bind the data to a management class whose copy groups
specify shred storage pools.
define domain shreddom
define policyset shreddom shredpol
define mgmtclass shreddom shredpol shredclass
define copygroup shreddom shredpol shredclass type=backup
destination=shred1
define copygroup shreddom shredpol shredclass type=archive
destination=shred1
activate policyset shreddom shredpol
- Identify those client nodes whose data should be shredded
after deletion, and assign them to the new domain.
update node engineering12 domain=shreddom
Results
If you have specified manual shredding with the SHREDDING server
option, you can start the shredding process by issuing the SHRED
DATA command. This command lets you specify how long the
process will run before it is canceled and how the process responds
to an I/O error during shredding. For objects that cannot be shredded,
the server reports each object.
Note: If you specify manual shredding,
run the SHRED DATA command regularly, at least
as often as you perform other routine server-maintenance tasks (for
example, expiration, reclamation, and so on). Doing so can prevent
performance degradation of certain server processes (in particular,
migration). For best results, run SHRED DATA after
any operation (for example, expiration and migration) that deletes
files from a shred pool.
To see the status and amount of
data waiting to be shredded, you can issue the
QUERY SHREDSTATUS command.
The server reports a summary of the number and size of objects waiting
to be shredded. To display detailed information about data shredding
on the server, issuing the following command:
query shredstatus format=detailed
Figure 1 displays a detailed report
for the storage pool.
Figure 1. Querying
shredding statusShredding Objects Occupied Data left
Active Awaiting Space to shred
Shred (MB) (MB)
--------- -------- -------- ----------
NO 4 182 364
When data shredding completes, a message is issued that reports
the amount of data that was successfully shredded and the amount of
data that was skipped, if any.