Jump to content

Password-protected backup set security


Recommended Posts

I'm doing an informal security audit of a client (Retrospect any many other items). They currently do not password protect backup sets, which is something that will change. They are likely moving towards a hard drive backup, using the File method (multiple backup sets per drive).

 

One question - how secure is a password-protected backup set? If the password is lost, is it something EMC could conceivably recover? Have there been any verified reports of password-protected file backup sets being compromised? (Other than obvious issues such as guessing the password or using the backup station where the backup admin has selected to save the password for all operations. But this would include any cracks of Retrospect's preference file, where passwords can be stored.)

 

The passwords would be saved in Retrospect for automated actions only. The backup administrator should NOT be able to access data without manually entering the password to the backup set.

 

Thanks,

 

Mitch

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...