Nothing at all. If it's a concern, then you can either use the TSM
client encryption, or some application-level encryption prior to TSM
reading it at all.
Of course, even with the data encrypted, the administrator could
compromise the system in other ways, such as deleting backups outright.
To some degree the administrator does have to be trusted, and if you
can't trust him/her then you need to find someone else to do backups.
--
-- Skylar Thompson (skylar2 AT u.washington DOT edu)
-- Genome Sciences Department, System Administrator
-- Foege Building S046, (206)-685-7354
-- University of Washington School of Medicine
On 10/25/11 01:07 PM, Keith Arbogast wrote:
This question came up again here. If a TSM admin with system authorization
knows the client password for a certain TSM node, what keeps him from restoring
files from that node to another server of his choosing?
Sorry to resuscitate this old horse.
With many thanks,
Keith
|