ITHELP-BOCS
asked on
Backup Exec; Encrypt media to prevent unauthorized access if it is lost or stolen?
Running Backup Exec V9.1 Small Business Suite on Microsoft Small Business Server 2003 and considering options to encrypt media to prevent unauthorized access if it is lost or stolen becuase it is taken off-site.
Features currently in use include;
File System (data only)
Exchange Information Stores & Mailboxes
System State
Features not in use;
SQL Server
Intelligent Disaster Recovery
Remote Agents
There is only 1 domain controller!
Is it possible to acheive this through Backup Exec or would we be looking at EFS?
If so how is Backup Exec configured?
What precautions need to be taken to ensure a successful restoration of the back up data on to a new server after complete loss of the existing one?
Any help most appreciated!
Neil
Features currently in use include;
File System (data only)
Exchange Information Stores & Mailboxes
System State
Features not in use;
SQL Server
Intelligent Disaster Recovery
Remote Agents
There is only 1 domain controller!
Is it possible to acheive this through Backup Exec or would we be looking at EFS?
If so how is Backup Exec configured?
What precautions need to be taken to ensure a successful restoration of the back up data on to a new server after complete loss of the existing one?
Any help most appreciated!
Neil
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
From memory, though, that doesn't encrypt the tape data?
No, that's why I added "if that's secure enough for you".
I couldn't remember if BE 9.1 encrypted or not and I was too lazy to google it...
:-)
:-)
And I mainly wanted to point out that the remote agent was needed to backup exchange...
:-)
:-)
ASKER
I would prefer not to buy any additional hardware or software and am looking for a solution using what we already have; Small Business Server 2003 , Veritas Backup Exec V9.1 and a Dell PowerVault 110T VS160 DLT drive.
Is the answer that BE V9.1 doesn't have functionality to encrypt the media?
Is using EFS in Windows Server 2003 an options?
Thanks for your help.
Neil
Is the answer that BE V9.1 doesn't have functionality to encrypt the media?
Is using EFS in Windows Server 2003 an options?
Thanks for your help.
Neil
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Rindi,
OK, thanks for the advice about the remote agant for Exchange.
What does "Password Protect Media" option in BE actually do? My understanding is that it's meant to prevent accidental overwritting of the media and not unauthorized access?
Also, with regard to backing up Exchange / using EFS on Exchange files - even if the EDB's, STM's and LOG's are encrypted, will this prevent access to when the data has been restored to another server because, my understanding is that BE doesn't backup the files like that, rather it extracts the information and backs it up in it's own format (especially in regard to Exchange Mailboxes brick level backup).
Any more advice appreciated.
Neil
OK, thanks for the advice about the remote agant for Exchange.
What does "Password Protect Media" option in BE actually do? My understanding is that it's meant to prevent accidental overwritting of the media and not unauthorized access?
Also, with regard to backing up Exchange / using EFS on Exchange files - even if the EDB's, STM's and LOG's are encrypted, will this prevent access to when the data has been restored to another server because, my understanding is that BE doesn't backup the files like that, rather it extracts the information and backs it up in it's own format (especially in regard to Exchange Mailboxes brick level backup).
Any more advice appreciated.
Neil
It'll require you to enter the password when restoring data. I'm not very sue about how encryption works within exchange, but it should also work with encryption keys, so as long as these keys are kept separate from the backup itself you should be safe.
Have you though of keeping the tapes in a bank's safe? This should reduce the chance of theft to a minimum.
Have you though of keeping the tapes in a bank's safe? This should reduce the chance of theft to a minimum.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You do need the remote agent running on the server in order to make a backup of exchange, even if exchange is running on the same server!