Encrypting Backup Data is Not Just for Online Backup

I have noticed that when data encryption is mentioned about backup data, it is almost always in the context of online backup. It is quite obvious that backup data needs to be encrypted when it is transmitted over a network. But it doesn't seem to be so obvious that a tape with the same backup data needs to be encrypted when it is stored offsite. I am quite sure that the backup tape is the bigger risk. There have been many more security breaches involving lost and mishandled backup tapes than breaches involving online backup.

Every online backup service that I am aware of encrypts backup data during transmission and most of them store the data in encrypted form. Some backup services are more secure than others, and few online backup services do an excellent job of securing data.

Most modern tape backup systems also provide encryption technology, but the encryption is not used in the majority of cases. I think there are two reasons for this: 1) some don't think encryption is needed for tapes, and 2) some IT operations just haven't updated their processes yet. As for the first reason; a tape being handed over to courier that makes stops all over town before delivering your tape to a storage location, is at least as vulnerable as data being transmitted over the Internet. For the IT shops that haven't updated their procedures; all it takes is to designate an IT professional as responsible for implementing the encryption that is already part of the backup software. There is a relatively minor upfront cost in terms of someone's time to get the encryption turned on, tested, and procedures documented, but after the initial hit, there is no additional cost.

Even if backup media is not being stored offsite, it should be encrypted. How many times have you heard about a diskette, hard-drive, or tape being lost or stolen that contains sensitive information. Encryption is for every backup job. Don't wait until sensitive data is compromised.

Broadband and Online Backup

The availability of broadband Internet service to the majority of US homes and businesses brings with it the availability of online backup services. The fact that broadband, whether cable or DSL, usually provides much more bandwidth in the downloading direction than uploading actually is ideal for backing up files over the Internet. At first glance one might think that the relatively slow upload speeds would cause backups to be too slow. The slower upload speed mostly affects the initial backup rather than periodic backups after the initial backup. Good online backup services do a nice job of minimizing the amount of data that needs to be transmitted to the backup service through compression and only backing up changes.

While your initial backup may take a while, it is usually not performed under an 'urgent' situation. When data is lost the situation tends to become more urgent, and fortunately the high broadband download speeds are available to restore data. Read more at Data Backup and Recovery.

Is Online Backup Risky?

Ever search the Internet for information on a particular topic and find a lot of worthless noise? Happens to me all the time. The bigger problem is when people with little or no knowledge of a subject pipe up and post in online forums as if they are experts. Sometimes they have just enough knowledge (or BS) to sound like they know something. Unsuspecting searchers find this garbage and think it is correct. In most cases the dumb-@$$ poster actually thinks he is smart and everyone should know what he knows.

I was researching data backup methods when I ran across a posting where someone was thinking about using an online backup service. One of these dumb-@$$ posters who thinks they know what's best posted a reply, something the effect that online backup is risky and not secure. I bet that dumb-@$$ poster hardly ever back's up his own data, and when he does, he probably does not encrypt the data and probably stores it in the same room with his computer.

The fact is online backup is usually safer than other forms of backup for a number of reasons. It is actually more secure than other media because it is almost always encrypted and furthermore it is always off site where it is safely out of reach of any disaster that would destroy your computer and your backup media that is stored in the same location. So don't believe the mis-informed, un-informed, or otherwise dumb-@$$ 's; online backup is probably your best choice and is far less risky than most other methods. Just do your homework and choose a good provider. You can find a lot of good information about online backup at the Data Backup and Recovery site.