Instead, for each backup session a unique session symmetric encryption key is generated automatically and then stored in the backup file, encrypted with the backup encryption key. Those keys use mathematical symmetric cryptography and are not used to encrypt the data itself to avoid impacting backup performance. To enable encryption functionality, backup encryption keys have to be generated. Without the key used for encryption or access to the original Veeam Backup & Replication console itself, the backup files remain secure. On the other hand, if the backup files are encrypted, unauthorized users cannot access any data in the backups or even learn any critical information about the backup infrastructure, as even backup metadata is encrypted.
![veeam backup and replication user guide veeam backup and replication user guide](https://helpcenter.veeam.com/docs/backup/em/images/em_catalog_sync_schedule.png)
#Veeam backup and replication user guide install#
Without encryption enabled, these unauthorized persons could install their own copy of Veeam Backup & Replication and gain access to the stored backups easily. Because these drives are rotated offsite, they are at a higher risk of falling into the hands of an unauthorized person. Encryption does not prevent authorized Veeam users from being able to access data stored in backups.Īn example is the use of rotated drives for an offsite repository. Authorized users of the Veeam console do not need to know the password to restore data from encrypted backups. These settings protect data in case of an unauthorized user gaining access to backup files, e.g. This site uses Just the Docs, a documentation theme for Jekyll.īackup and Backup Copy Job Encryption What does it do?īackup and backup copy job encryption is designed to protect data at rest.
![veeam backup and replication user guide veeam backup and replication user guide](https://img.veeam.com/blog/wp-content/uploads/2017/01/05135927/instant_recovery_finalize.png)