270 IBM Midrange System Storage Hardware Guide
The array is now secured, as indicated by the padlock in a locked position, as shown in
Figure 5-11.
Figure 5-11 Array is now secured with Disk Security enabled
5.4 Additional secure disk functions
In the following sections, we discuss the following functions:
Changing the security key
Saving the security key file
Secure disk erase
FDE drive status
Hot spare drives
5.4.1 Changing the security key
The security key can be changed if the details of the existing key be corrupted or the pass
phrase forgotten, provided that there are no outstanding Secure Disk communications
between the FDE drives and Disk Encryption Manager (for example, if a disk is in a “locked”
state). Because the disk encryption key never leaves the disk, you might want to periodically
change the encryption key, the way a user might periodically change the administrative
password to an operating system. This depends on the organization’s security guidelines.
The process to change the security key is very similar to that of creating it initially. To change
the key, select, in the top left hand corner of the Storage Manager menu, Storage
Subsystem Drive Security Change Security Key.
To Next Page
Loading...
Need help?
General