The following best practices can ensure smooth operations when you administer software encryption:

• Create strong pass phrases by doing the following:

  • Use more than the minimum number of characters that are required.

  • Use a combination of upper- and lower-case letters, numbers, and special characters.

  • Avoid literary quotations in pass phrases.

  • Keep your pass phrases secure.

• Run Backup Exec Services in FIPS mode and use 256-bit AES encryption to be FIPS compliant.

  This option is available at Tools > Options > Network and Security. It is called Use FIPS 140-2 compliant software encryption.

• Use software compression with encryption if the data must be compressed.

• Avoid using hardware compression with software encryption.

• If you do not use software encryption when you back up data to a backup-to-disk folder, use File System encryption to prevent unauthorized access.

• Use the same encryption key for all of the templates in a synthetic backup policy.