From: Gerry G. <geo...@gm...> - 2012-05-18 11:30:05
|
I agree with the data de-duplication issues mentioned. This is one of BackupPC's strongest features and defeating this option will seriously reduce the attraction of the software. On the other hand, ignoring the encryption requirement, how does the conversion form "pull" to "push" backups as was described (proposed?) sound to be able to provide an offsite data backup service? What about the potential challenges to the client web access under the current model if the backup server is located remotely to the client? Gerry George On Fri, May 18, 2012 at 7:00 AM, Arnold Krille <ar...@ar...> wrote: > On Thursday 17 May 2012 15:46:26 John Hutchinson wrote: > > ok That answers my question. The issue is that we are looking at > > backing up clients machines and my boss wanted to be able to tell them > > that even we can not see their files. I did not think it was possible > > but thought it was worth asking. > > Encrypting the data on the client side has several consequences: > - BackupPC is really good with de-duplication. The same file stored on > several > clients in several backups only takes up the space one time in the pool. > With > client-side encryption, this would be deactivated half-way as only the same > file from the same client could be de-duplicated. > - Client-side encryption also enforces client-side decryption. Loose the > key > on the client (because you lost the client) and you also loose all the > data. > This pretty much counters the whole purpose of a backup. > > Yes, your clients have to trust you regarding the backup. But they > (hopefully) > already trust you with their system-administration. > And it will be easier for them to trust you with the backup while all is > well, > then trusting you in that you can restore at least some of their data from > their fried disk using a clean-room and an oscilloscope. > And they should trust you with their backup instead of trusting a thieve to > return the data... > > What we do: > - Encrypt the disk backuppc runs on, that helps when someone steals the > disk/machine. > - Secure our systems, that helps when someone enter the network. > - Write gpg-encrypted tars to tape/nas. Helps when someone steals the > media. > > Have fun, > > Arnold > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > BackupPC-users mailing list > Bac...@li... > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: http://backuppc.wiki.sourceforge.net > Project: http://backuppc.sourceforge.net/ > |