Tape encryption management & best practices

I want to enable encryption on all of my backup tapes. I more-or-less know how to do this technically, but the procedural and human elements of implementing this are tricky.

I use HP LTO4 drives with bacula, which doesn't have any key-management features. In fact, its support for hardware encryption is to call an external script which sets the key on the drive before reading and writing.

My questions:

  1. How should I keep track of which tapes have encryption? I already have a few hundred tapes without encryption. Even if I take the time to rewrite them all with encryption, there will be months of overlap where some have it and some don't. How will bacula know whether to set the key before reading a given tape? Is the drive smart enough to read unencrypted tapes even when a key is set?
  2. If the key is ever compromised, we'll have to change it and we'll have the same problem as #1.
  3. If the key is lost, we've effectively lost all of our backups. How can I mitigate this without increasing the risk that it is compromised?
  4. Should the key change regularly? Once per year? What is the best practice?
  5. How do the big ISV backup systems handle these issues?

Very good questions. I too would like to see good answers from people who know more about this than I do. :-)

3 If the key is lost, we've effectively lost all of our backups

Precisely, which is why many or most people don't use encrypted backups.

One possible way to go is to build a couple of "lifeboats", i.e. packages with install media, usernames and passwords for essential systems like backups, Active Directory and others (i.e. the stuff you need to load a backup if the main site has been completely destroyed in a fire, but not the backup data itself). You should store these lifeboats securely off site, for example in a bank vault, or in a high-security safe in a remote office with an alarm system. And lastly document this, so that others can figure out how to use the lifeboats after you've left the company, if needed.

4 Should the key change regularly? Once per year? What is the best practice?

From a practical point of view, I would say to not change the keys, since it quickly becomes unmanageable if you do. If you're worried about backup security not being good enough, then beef up physical security around your tapes, by using a service such as Iron Mountain, or by building a storage system with good physical security yourself.

Lastly: I would prefer to have all encryption & backup handling in one system, so there is less risk of recovery not working. By this I mean to use the built-in encryption in software like Retrospect or Backup Exec, rather than drive-level encryption.


I use a dm-crypt FS, encrypting it with a long and strong passfrase.

In order to avoid losing passfrase I wrote it on a wax sealed letter, gave it to the company property and he stored it in a security strongbox.

Of course you can give it to a notary, or whatever you think.

I think a passfrase is better for this job, as it can be only in the mind of people authorized to know it, while a digital device can be lost, stolen and so on.

You can be tortured, of course :)