Backup Exec 21.1 Best Practices
- Backup Exec Best Practices
Best practices for Backup Exec software encryption
Best practices include tips and recommendations to help you use software encryption effectively with Backup Exec. For more information about software encryption, see the Backup Exec Administrator's Guide.
The following best practices can ensure smooth operations when you administer software encryption:
Create strong pass phrases by doing the following:
Use more than the minimum number of characters that are required.
Use a combination of upper- and lower-case letters, numbers, and special characters.
Avoid literary quotations in pass phrases.
Keep your pass phrases secure.
For 256-bit AES PBKDF2 (enhanced password-based Key Derivation Function algorithm), the pass phrase must contain at least one upper case, one lower case, one number, and one special character.
Run Backup Exec Services in FIPS mode and use 256-bit AES encryption to be FIPS-compliant.
To enable FIPS compliance, select the Network and Security settings.option in the
Use software compression with encryption if the data must be compressed.
Avoid using hardware compression with software encryption.
If you do not use software encryption when you back up data to disk-based storage, use File System encryption to prevent unauthorized access.
Use the same encryption key for all of the templates in a synthetic backup policy.