From: Arnold K. <ar...@ar...> - 2012-05-18 11:00:54
|
On Thursday 17 May 2012 15:46:26 John Hutchinson wrote: > ok That answers my question. The issue is that we are looking at > backing up clients machines and my boss wanted to be able to tell them > that even we can not see their files. I did not think it was possible > but thought it was worth asking. Encrypting the data on the client side has several consequences: - BackupPC is really good with de-duplication. The same file stored on several clients in several backups only takes up the space one time in the pool. With client-side encryption, this would be deactivated half-way as only the same file from the same client could be de-duplicated. - Client-side encryption also enforces client-side decryption. Loose the key on the client (because you lost the client) and you also loose all the data. This pretty much counters the whole purpose of a backup. Yes, your clients have to trust you regarding the backup. But they (hopefully) already trust you with their system-administration. And it will be easier for them to trust you with the backup while all is well, then trusting you in that you can restore at least some of their data from their fried disk using a clean-room and an oscilloscope. And they should trust you with their backup instead of trusting a thieve to return the data... What we do: - Encrypt the disk backuppc runs on, that helps when someone steals the disk/machine. - Secure our systems, that helps when someone enter the network. - Write gpg-encrypted tars to tape/nas. Helps when someone steals the media. Have fun, Arnold |