This content has been marked as final. Show 5 replies
make the backup software an excluded task in the EEFF policy - then it will only ever see the encrypted data.
thanks for your reply.
i am working with neil on this stuff.
we have the following setup in our test environment
1) One windows machine acting as a safeboot server.
2) One windows machine acting as a backup server with backup software (Netvault) installed.
3) One windows machine with safeboot installed and client of backup software installed.
4) One bare windows machine with just client of backup software installed.
5) One more windows machine with safeboot installed and client of backup software installed.
i) We encrypted a folder on the safeboot machine (step 3 abv).
ii) We started backup of the encrypted folder from the backup server.
iii) The safeboot client machine (on step 3 abv) gives a pop-up asking for username and password of the group member who has access to the encrypted folder.
iv) Once entered correctly backup process completes successfully on the backup server.
v) when the question of restoring the backup from backup server comes, we face the following issue.
a) When the backup is restored on a machine (be it machine 3 or 5, encryption of the folder remains intact, and it behaves the way it should.
b) But when we restore the folder from the backup server to machine 4 (one without safeboot client) the folder is restored without encryption. ie. all and sundry can open it.
Is this normal? i feel that the backup of the encrypted folder takes place without encrption, and may be some properties of the encryption algorithm are embedded in the folder. refer (step a)
hope this is clear.
the folder is getting decrypted before the backup task sees it - so the backup is in plain text. It's not encrypted on your backup server.
if you want that to be the case, make a task exclusion as I previously mentioned so the backup task sees the encrypted data, not the plain text version.
we will check this when we get to office on Monday.
we knew the backup was being taken in unencrypted format. we didnt know about the EEFF policy.
we tried the exclusion policy but the backup software only takes the backup of the folder and not the contents inside the encrypted folder.