Chapter 10—Encryption and Key Management BlueScale Key Management
August 2017 User Guide—Spectra T50e Library
8. Click Next to move to the next partition configuration screen. Navigate
through the remaining partition configuration screens by clicking Next.
9. When you reach the Summary screen, click Save. All data sent to this
partition is encrypted using the key you selected.
10. Access the encryption feature and confirm that the listed keys reflect
the assignments you just completed.
Exporting and Protecting Encryption Keys
Ensuring that you have a backup of all keys used in the library and a
record of the password for each exported key is essential to ensuring that
you can recover encrypted data. For safe‐keeping and security, export the
encryption key and store it in a safe, secure location so that you can import
it back into the library if needed.
Overview
Decrypting encrypted data requires both the encryption key and the
encryption key password used to protect the encryption key when it is
exported. To ensure that the keys are protected, use the Export Key option
described in this section to export encryption keys to a USB device as soon
as possible after you create them.
Best Practice
Spectra Logic recommends that you export each encryption key to at least
two different USB devices and store them in separate locations. Remember,
lost encryption keys cannot be recreated; you should keep them as secure
(and as backed up) as your data.
Data cannot be recovered without the encryption key used to encrypt the data, so
protecting encryption keys is extremely important to data decryption and recovery.
To decrypt and restore encrypted data, you need the data, the encryption key, and
the encryption key password used to protect the exported key and data.
Backup files of the library configuration include any encryption keys that were
stored in the library at the time the file was created.
As a matter of best practice, Spectra Logic recommends exporting encryption keys
to a USB device instead of using email.
Although emailing encryption keys is supported by the library, using email
presents security issues, including the following:
• Copies of encryption keys may be left on the email servers used for sending and
  receiving email and are thus subject to compromise.
• The difficulty in verifying where all of the copies of emailed encryption keys
  may be located can make security audits more challenging.