begin quoting John H. Robinson, IV as of Wed, Oct 04, 2006 at 10:29:45AM -0700: > Andrew Lentvorski wrote: > > > > Backup tapes are probably the only stuff that absolutely *demands* > > encryption. > > This is generally considered a bad idea. If you lose the encryption > keys, your backups are now completely useless. If you lost your > decryption software; your backups are entirely useless. The delay in > gettng the decryption system running, the keys out of their sage storage > is time lost in recovery. In some cases, this is multiple millions of > dollars. > > While encryption can keep the bad guys out, it can also prevent > legitimate access. Is this what you want to base your disaster recovery > around?
System backups shouldn't be encrypted, data backups should, especially when it's sensitive data. So your OS, applications, encryption software, etc. shouldn't be encrypted, but your database backups probably should be. Of course, you shouldn't need to back up the former nearly as often as you do the latter. -- _ |\_ \| -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
