If you are planning to use ADE, then please *plan*. As David says, a strategy to manage encryption keys is absolutely necessary, and planning for worst-case scenarios is recommended.
1) Backups - how (and where) do you manage keys.. Do you keep the keys with the data (as an example)? 2) If you needed to retrieve data in 7 years time (e.g. a tax audit) - would you know all the keys - and the passwords - used 7 years ago? 3) Would your successors in the Company know how to obtain - and use - those same keys and passwords? 4) Is it so easy that anyone stealing a backup tape would have the keys and passwords as well? 5) What is the backup / archive strategy when individual keys and/or passwords are added or changed at a point in time? 6) Fully test any DR scenario - use observers from outside the immediate I.T. team to "keep it honest": *** Freshly change encryption keys on a file that day - after the last backup - before the failure Is simulated *** Simulate loss of the current system hardware (e.g., fire or flood) *** Simulate loss of key staff - forget what you know. *** Use different hardware - with no previous user IDs created *** Ignore all previous knowledge of keys, passwords and procedures - only work from routinely secured media and stored documentation *** Fresh installation of UniVerse or UniData *** Document every step followed so the post-mortem can check this was an honest test 7) Run a post mortem - use the observers to help appraise the results. *** Did it work? *** Was it TOO easy to unlock data? *** Was it too difficult / time consuming? 8) Run the application(s) and exercise all the files after recovery 9) Re-run the scenario until it works flawlessly 10) Repeat at regular intervals - e.g. annually. Why be so careful? Unlike "file corruption" (for example) - restore from backup ALONE may not be a solution. It is possible to have your data and for it to still be "beyond use". You don't need to feel concerned about using ADE - it has been fairly hammered in a number of scenarios as the consequences of a serious issue are well appreciated. You DO need to plan and be extra careful. Check for any specific advice, issues or notices as a matter of routine diligence. Regards JayJay _______________________________________________ U2-Users mailing list U2-Users@listserver.u2ug.org http://listserver.u2ug.org/mailman/listinfo/u2-users
