Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Security

Created: 19 Oct 2011 • Updated: 27 Oct 2011 | 1 comment
Vinothkumar's picture
0 Agree
4 Disagree
-4 4 Votes
Login to vote

Hi Team,

Just an idea from me might be helpful for the end users who really worried about data security

No matter wherever we perform the backup (Disk, Tape, VTL,...Etc..) If someone  knows how to do the restore they can perform the restore and they can steal the data. Rather how about an idea just setting up a "Password" before starting the restore ?

When we read about this idea "Encryption" will come in perception , but all we knows about the disadvantages

http://www.symantec.com/business/support/index?page=content&id=TECH83239

It clearly tells about the risk factor and there is lot more disadvantages

 

- If you forget your passphrase and/or keyfile then there is almost no chance of recovering your data.

- Some forms of encryption only offer nominal protection and can be broken easily with the right program e.g an older ZIP archive or Word Document.

- Some encryption programs are too complicated for the everyday user and they may end up using them incorrectly. This could lead to securing data which they did not wish to encrypt or failing to encode data which they did wish to protect.

- The very existence of encryption programs or encrypted files will attract suspicion as to what it is you are trying to protect whereas a non-encrypted system would not attract the same level of interest.

- With reference to the above point, in certain countries such as the UK, Police can use legislation to compel you to reveal passwords to encrypted data. You could face jail time if you failed to comply.

- Certain types of encryption software are banned in some countries. For example, US versions of the program PGP cannot be exported outside the country.

- As Encryption protects your personal data e.g bank details, love letters etc. it also protects drug dealers who make deals from having their messages intercepted, terrorists planning attacks and paedophiles peddling child pornography.

 Encryption is the one all the users afraid of it and  most of the users use encryption rarely.

 We do have the encryption level at the storgae level(detinations) but what is the security level from our side

Scenario: 

If we are performing the tape backup

At the time of the backup need setup a password (Should be a common password for all the tapes) and at the time of the restore the same password needs to be provided. To avoid the risks in the encryption we can have the password which is shared between the back up operators,others wont be able to steal the same.

That might be helpful ,, we need to think this idea from the end user perspective who is really need a simple security which will protect the backup sets.

Thanks and Regards

Vinothkumar.R

An !! idea !! can change your Lifesmiley

 

 

 

 

 

 

Comments 1 CommentJump to latest comment

CraigV's picture

Hi,

The same can be said for a password to be supplied:

1. If the user who maintains the passwords hasn't given it to someone else, and that user dies, you're unable to restore data.

2. If you maintain the passwords in an unencrypted file and a hacker/someone else with malicious intent gets hold of it, that's it...they have access to do what they want, including restoring data and taking it away with them.

Encryption at least allows a better way of storing an encryption key. If you've encrypted the backup, I'd hope an admin would be clever enough to know the pitfalls.

 

Thanks!

Alternative ways to access Backup Exec Technical Support:

https://www-secure.symantec.com/connect/blogs/alte...

+1
Login to vote