|
Re: [BackupPC-users] encrypted pc and pool directory
2012-05-18 07:31:00
I agree with the data de-duplication issues mentioned. This is one of BackupPC's strongest features and defeating this option will seriously reduce the attraction of the software.
On the other hand, ignoring the encryption requirement, how does the conversion form "pull" to "push" backups as was described (proposed?) sound to be able to provide an offsite data backup service? What about the potential challenges to the client web access under the current model if the backup server is located remotely to the client?
Gerry George
On Fri, May 18, 2012 at 7:00 AM, Arnold Krille <arnold AT arnoldarts DOT de> wrote:
On Thursday 17 May 2012 15:46:26 John Hutchinson wrote:
> ok That answers my question. The issue is that we are looking at
> backing up clients machines and my boss wanted to be able to tell them
> that even we can not see their files. I did not think it was possible
> but thought it was worth asking.
Encrypting the data on the client side has several consequences:
- BackupPC is really good with de-duplication. The same file stored on several
clients in several backups only takes up the space one time in the pool. With
client-side encryption, this would be deactivated half-way as only the same
file from the same client could be de-duplicated.
- Client-side encryption also enforces client-side decryption. Loose the key
on the client (because you lost the client) and you also loose all the data.
This pretty much counters the whole purpose of a backup.
Yes, your clients have to trust you regarding the backup. But they (hopefully)
already trust you with their system-administration.
And it will be easier for them to trust you with the backup while all is well,
then trusting you in that you can restore at least some of their data from
their fried disk using a clean-room and an oscilloscope.
And they should trust you with their backup instead of trusting a thieve to
return the data...
What we do:
- Encrypt the disk backuppc runs on, that helps when someone steals the
disk/machine.
- Secure our systems, that helps when someone enter the network.
- Write gpg-encrypted tars to tape/nas. Helps when someone steals the media.
Have fun,
Arnold
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [BackupPC-users] encrypted pc and pool directory, (continued)
- Re: [BackupPC-users] encrypted pc and pool directory, Jeffrey J. Kosowsky
- Re: [BackupPC-users] encrypted pc and pool directory, Gerry George
- Re: [BackupPC-users] encrypted pc and pool directory, Jeffrey J. Kosowsky
- Re: [BackupPC-users] encrypted pc and pool directory, Adam Goryachev
- Re: [BackupPC-users] encrypted pc and pool directory, Carl Wilhelm Soderstrom
- Re: [BackupPC-users] encrypted pc and pool directory, Les Mikesell
- Re: [BackupPC-users] encrypted pc and pool directory, Arnold Krille
- Re: [BackupPC-users] encrypted pc and pool directory,
Gerry George <=
- Re: [BackupPC-users] encrypted pc and pool directory, Les Mikesell
|
|
|
