What is the point of ENABLECLIENTENCRYPTKEY option?

Mita201

Mita201

ADSM.ORG Senior Member
Joined
Apr 20, 2006
Messages
601
Reaction score
31
Points
0
Location
Beograd, Serbia
Hi,
I am wondering of what is the practical use of having backups encrypted on TSM server and let TSM server itself manage keys?
There is an option ENABLECLIENTENCRYPTKEY, that you can use with BA clients and API clients (it is only available option for ISP for Databases, SQL and Oracle) so backups are encrypted on client side, but backup and the keys resides on TSM server.
If I have encrypted backup I would like to have keys stored separately from backup, or at least passphrase for the key.
I see no point of having them "in same basket".
Anyone thinks differently?
 
I don't want to worry about managing keys so I let TSM do it for me. No Key Manager system to install, manage, maintain, etc.
 
But what is the point of client side encryption if it is completely transparent to a client? With BA client you may manage passphrase of the key, so one can't access backuped data without knowing it, on another "evil" node. With API clients and this option - encryption is completely pointless.
 
You must log in or register to reply here.

Data Privacy Impact Assessment

Compliance Assurance in Every Byte: Discover the Impact of Our DPIA Services.

Sponsor ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

Navigation Menu

Forums
   IBM TSM
   EMC Backup and Recovery
   Symantec NetBackup  
   SAN  
   NAS
   Platforms / OS
Mailing List Archives
   ADSM-L
User Groups

NordVPN 3 Months FREE

Help Support ADSM.ORG and Get NordVPN with 64% Off and 3 Months FREE.

NordVPN with 64% off + 3 months FREE

Forum statistics

Threads
31,968
Messages
135,434
Members
21,947
Latest member
dylbrawn
Back
Top