Apply Backup Encryption

By default, the Backup Service uses AES-256 server-side encryption for storage devices, preventing unauthorized access outside the server. This document describes how to apply customer-side AES-256 encryption to a protection plan using a password.

Prerequisites:

  • Make sure that your browser allows popups.

  • Only contract owners, administrators, or users with the Create Backup Units privilege can manage Backup Units.

Opening the Backup Console

In the DCD, go to Menu > Storage and select the required Backup Unit in Backups:

Use the Backup Console dropdown to select a Backup Unit and open the Backup Console popup.

Encrypting backups

Backup encryption can be enabled only during creation of the new protection plan.

  1. Navigate to MANAGEMENT > Protection plans.

  2. Click on the + Create Plan in the right pan.

  3. Click on the Specify password link in the Encryption section.

Enable Specify password in the Encryption section
  1. Enter a strong encryption password and confirm it to ensure there are no typos. Make sure to store this password securely, as it will be required to restore the backups.

  2. Configure any additional settings for your protection plan.

  3. Assign this protection plan to your devices.

Result: The backups are encrypted with the specified password, ensuring that the data is secure and can only be restored using this password.

Note: Backup agents on your devices encrypt data locally before sending it to the Backup Service. If you lose your encryption password, you won't be able to restore your data. Store this password securely.

Last updated

Revision created

commented latest release