RE: Tape Backup encryption -- MIDRANGE-L

<snip>

BRMS also encrypts all the tapes the same, whereas when the tape library

does it, each tape is encrypted >differently. That only matters if your
level of paranoia is quite high. (High paranoia is a good thing when it

comes to computer security)

Does that mean that all BRMS encrypted backup uses the same encryption keys?
If so, where does that key come from? If it comes from BRMS itself, what do
you do if it becomes corrupted? You can not restore it from backup since
they are encrypted. Or am I misunderstanding.
<//snip>

The key is kept in QUSRBRM library and yes it uses the same key for each
backup by partition. You set the key on each partition and the tapes are
encrypted accordingly. You must know the passphrase(key) to decrypt any
tapes. One of the things we do is put the appropriate files in a save
file and move that off the system for safe keeping in the event it's needed.
Poor man's SKLM if you will. Basically, the same as your TS3500 from that
perspective.

I agree encryption at the device is preferable, but not always achievable
within a budget and time constraints for an auditor. I can load the two
BRMS pieces, set up the encryption and prove it to the auditor in about 1
hour. And since the encryption is good enough for all but the most
paranoid, it's good for many customers. Many start there, then move to
device encryption.

--
Jim Oberholtzer
Agile Technology Architects

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.