Re: [ADSM-L] tape encryption in TSM environment
2011-06-13 15:59:04
Someone here is not willing to bet his career on the reliability of a TSM
server managed encryption key. He reasons that if a key is lost on the TSM
server side of backups, the data could not be recovered, and we would be
accountable. If a client admin loses an encryption key, he is accountable. So
we do not use drive-based encryption, and tell our customers to use
client-based encryption, specifying 'encryptkey save'.
I cannot guarantee that TSM will never lose an application managed encryption
key. Am I missing something?
With my thanks,
Keith Arbogast
|
|
|