Topic: Backup encryption / encrypt backup capability

[Bozely]

I have searched high and low in the documentation and forums and found a lack of any resources related to this subject at least in a SME.X environment. I am hoping the community can pitch in.   

Is there any guidance related to encrypting/securing backups so that should they enter the wrong hands they are of little consequence?

Thanks!

[CharlieBrady]

Is there any guidance related to encrypting/securing backups so that should they enter the wrong hands they are of little consequence?

Just don't allow it to happen. Treat your backups as precious data.

It is technically possible to encrypt backups, but in many cases doing so greatly increases the probability of data loss, which sorta defeats the purpose, doesn't it?

AFAIK, nobody has developed a contrib to encrypt backups on the fly (and decrypt them on the fly during restore).

[TerryF]

This contrib does the MySQL dbs only.. http://wiki.contribs.org/AutoMysqlBackup its not a part of the sme server backup system.

[janet]

Bozely

I do not know of this for a fact, but I assume this would be part of the file system that you are backing up to,
ie a share on the network would use an encrypted file system,
SME server backs up to the share,
if the share is physically removable, then you are carrying around an encrypted file system which unathorised people would not be able to access.

[Bozely]

Thanks all,

Just don't allow it to happen. Treat your backups as precious data.

While I'm old fashioned and would dig a hole in my garden and bury them in a safe, insurance requirements state we need to store our backups offsite. We do not have a second location so we are using a third party (who are very reputable), even so, we have some sceptical sorts who want every eventuality covered.

Perhaps preaching a little trust in your fellow man may be the way to go! 

It is technically possible to encrypt backups, but in many cases doing so greatly increases the probability of data loss, which sorta defeats the purpose, doesn't it?

Having had this difficulty in the past with restoring backups to different base systems, this is a good point, but if the trade off between security and reliability is an accepted risk by the admin/management then it would be nice to have the choice. It is also a feature of various other backup software I have come in to contact with in the past.

I assume this would be part of the file system that you are backing up to... ie a share on the network would use an encrypted file system

Thanks Janet, I will give this solution some thought and post back how we decide to move forward (if at all).

This contrib does the MySQL dbs only.. http://wiki.contribs.org/AutoMysqlBackup its not a part of the sme server backup system.

and thanks Terry, this was the one thing I had come across, although, as you rightly mention not a complete solution. For us the files are more critical.

One option may be to use a zero knowledge cloud offering such as Tresorit or SpiderOak and omit the files from the physical backups...

Comments welcome, thanks again.

[janet]

Bozely

Your answers made me think of Affa.
While not the exact answer to your original question, Affa can be used to backup over the net, via ssh using rsync, to a dedicated backup server at another location.
The connection between the servers is secure via ssh, so you can think about/deal with security issues (if you consider there are any) at the remote location. The server operating system is relatively secure if you prevent the password from being reset by unauthorised but knowledgable persons using command line.

Look at Affa3 for sme9
http://wiki.contribs.org/Affa

It does remove the need for transferring backup disk(s) off site, so that's one less issue to contend with ie loss of theft of backup disks during transit.

[Stefano]

a different approach:

modify /sbin/e-smith/do_backupwk to encrypt your backup after a successfully backup..

ideally, you need to store into the db if you want encryption (enabled/disabled), type of encryption..

your best bet is to create a NFR and to post here the results of your tests (and, hopefully, your code)

HTH

[CharlieBrady]

While I'm old fashioned and would dig a hole in my garden and bury them in a safe, insurance requirements state we need to store our backups offsite. We do not have a second location so we are using a third party (who are very reputable), even so, we have some sceptical sorts who want every eventuality covered.

You can use whatever software package you like to encrypt the backup files before handing them to the third party. Then, if needed, you can decrypt the file before using it for restore.