beautypg.com

When should i use encryption, How do i enable encryption, When will i be asked to enter the key – HP StoreEver DAT Tape Drives User Manual

Page 51: What happens if i don't remember the key, 51 how do i enable encryption, 51 when will i be asked to enter the key, 51 what happens if i don't remember the key

background image

When should I use encryption?

Your company policy will determine when you need to use encryption. For example, it may be
mandatory for company confidential and financial data, but not for personal data. Company policy
will also define how encryption keys should be generated and managed. Backup applications that
support encryption will generate a key for you or allow you to enter a key manually.

NOTE:

Encryption with keys that are generated directly from passwords or passphrases may be less secure
than encryption using truly random keys. Your application should explain the options and methods
that are available. Please refer to your application's user documentation for more information.

How do I enable encryption?

Hardware encryption is turned off by default and is switched on by settings in your backup application,
where you also generate and supply the encryption key. Your backup application must support
hardware encryption for this feature to work. The software supplied with the tape drive provides this
support. See

http://www.hp.com/go/connect

for an up-to-date list of other suitable backup software.

When will I be asked to enter the key?

Encryption is primarily designed to protect the media once it is offline and to prevent it being accessed
from another machine. Often, you will be able to read and append the encrypted media without
being prompted for a key as long as it is being accessed by the machine and application that first
encrypted it. However, this depends entirely on the backup application and its Key Management
capabilities.

There are two main instances when you must know the key:

If you try to import the media to another machine or another instance of the backup application

If you are recovering your system after a disaster

What happens if I don't remember the key?

If you are unable to supply the key when requested to do so, neither you nor Technical Support will
be able to access the encrypted data.

This guarantees the security of your data, but also means that you must be careful in the management
of the encryption key used to generate the tape. It is very important to back up the backup application's
key storage to prevent data loss. The tape drive itself clears keys on power cycles and numerous other
backup application defined events.

WARNING!

You should keep a record or backup of your encryption keys and store them in a secure place separate
from the computer running the backup software.
Not even data recovery services will be able to recover encrypted data without the key!

DAT SAS Tape Drives

51