Backing up your important corporate data to the Cloud makes sense, right? It's offsite, highly reliable, and inexpensive. What's not to love?
Of course, it's important for your Cloud backup solution to be secure as well. But you know better than to let the Cloud provider encrypt your data with their key, so you encrypt all information on-premise before backing it up to the Cloud. So far so good.
Remember, however, that any backup routine is only as good as your ability to recover from backup. Anybody who attempted to recover from old tapes back in the day only to find they'd turned to dust knows this lesson all too well. Fair enough. But isn't recovering backed up data in the Cloud a straightforward process?
Yes and no. Remember, you encrypted that information and used your private key and/or password at the time. But that was, what, 12 keys and 47 passwords ago? So you recover the backed up, encrypted file. Only now you can't decrypt it, because you've lost the key or the password. Oops.
To prevent this problem, you make sure you keep meticulous records of old passwords and old keys. Make sure to include dates and files encrypted. Only now you're worried about how to secure those records, since after all, if a hacker gets them, then all is lost. But whatever you do, don't put those records in the Cloud!
Cloud, backup and recovery