Amanda-Users

Re: Amanda Security

2005-04-13 17:21:53
Subject: Re: Amanda Security
From: Greg Troxel <gdt AT ir.bbn DOT com>
To: Mike <miket AT silvercrk DOT com>
Date: 13 Apr 2005 17:14:40 -0400

Basically regular amanda is not particularly safe.
There are at least several questions to ask, surely more:

a) Can an unauthorized party ask a client for a backup?  Amanda uses
"BSD" security, which means "just like rsh and rlogin", trusting the
IP address and perhaps DNS if names are in .amandahosts.  This is just
plain lame in 2005.

Recent 2.4.4 has kerberos 4 support you can use instead.  This is only
DES, which is lame but not quite as lame.  It's hard to configure if
you don't already understand kerberos.

Firewalls etc. can help here.

b) Can an unauthorized party who obtains the traffic to the authorized
backup server recover the bits?  The default is not to encrypt this
channel.

With krb support, you can add the 'kencrypt' option, which encrypts
(again single DES).

c) If someone gets the tapes, can they get the bits?

Usually you want the answer to be yes.  But some use gpg to encrypt
the backups.  This mitigates a and b, making them attacks to obtain
the ciphertext.  But if you lose the keys, you lose.

d) Can an unauthorized party ask the server to retrieve backups?

I'm not the least bit comfortable with this; I don't run the recover
or indexing daemons.

There are surely other issues (are there any buffer overflows?), but
these you should consider.

-- 
        Greg Troxel <gdt AT ir.bbn DOT com>
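
Added example (not part of the message above and not Amanda's own code): a small audit for point (a) that reports which .amandahosts entries make the client trust DNS in addition to the source IP address. The one "host user" pair per line layout, the '#' comment handling, the sample contents and all function names are assumptions.

```python
import ipaddress

# Constructed sample; assumed layout is one "host user" pair per line.
SAMPLE_AMANDAHOSTS = """\
# constructed sample, not from a real system
backup.example.com amanda
192.0.2.10 amanda
tapehost amanda
2001:db8::5 amanda
malformed-line-without-user
"""

# What the client ends up trusting for each kind of host field.
TRUST = {
    "ip": "source IP address only",
    "fqdn": "source IP address and DNS",
    "short-name": "source IP address, DNS and the resolver search list",
    "malformed": "unparseable entry, review by hand",
}

def classify_host(host):
    """'ip' for an address literal, 'short-name' for an unqualified name, else 'fqdn'."""
    try:
        ipaddress.ip_address(host)
        return "ip"
    except ValueError:
        return "fqdn" if "." in host else "short-name"

def audit_amandahosts(text):
    """Return one finding per entry: line number, host, user, kind, trust basis."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop comments (assumed syntax)
        if not fields:
            continue
        kind = classify_host(fields[0]) if len(fields) >= 2 else "malformed"
        user = fields[1] if len(fields) >= 2 else None
        findings.append({"line": lineno, "host": fields[0], "user": user,
                         "kind": kind, "trust": TRUST[kind]})
    return findings

def dns_dependent(findings):
    """Entries where spoofed or poisoned DNS answers widen the attack surface."""
    return [f for f in findings if f["kind"] in ("fqdn", "short-name")]

if __name__ == "__main__":
    for f in audit_amandahosts(SAMPLE_AMANDAHOSTS):
        print(f"line {f['line']}: {f['host']:<28} {f['kind']:<10} -> {f['trust']}")
```

Address-literal entries remove the DNS dependency but still rest on the source IP address alone, which is the weakness the message describes.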
