Making backups of your data is critical. If you don't regularly create usable backups, any outages, disk failures, or administrative errors can cause permanent data loss. But, although backups address the availability (and to some degree integrity) aspects of the AIC security triad (availability, integrity, confidentiality), they can introduce significant risks with respect to the confidentiality or secrecy of your data. In other words, when you centralize all your data on removable storage (e.g., tape drives), things can get very bad very quickly if the tapes are misplaced or stolen.

Encrypted Backups

The solution, of course, is to encrypt your backups. Depending on the risk you're willing to accept, strong encryption can even let you store your files in potentially insecure locations (e.g., a public cloud storage provider). In general, most backup programs support 256-bit AES, which is extremely strong, so with properly generated keys that are secured from attackers, your data should be safe from decryption for at least a few decades. However, you must consider several other issues when deciding how to apply encryption to your backups and how to manage your encryption keys.

Data in Transit and at Rest

Generally speaking, data is considered either "in transit" (being sent over a network) or "at rest" (having been written to media such as a tape or a hard drive). Data in transit is vulnerable to interception – even local area networks can be compromised and configured to mirror data to a server the attacker controls. This means that any encryption used to secure the data in transit must also allow the client to authenticate the server and vice versa (e.g., so attackers can't inject malicious data into backups that is later used to restore a system). Typical solutions here would include SSL with certificates or VPN software, such as IPsec using certificates or shared authentication.

[...]