Encryption uses a mathematical algorithm that transforms source information into a non-readable cipher text. The goal of backup encryption is to make data unintelligible to unauthorized readers and extremely difficult to decipher when attacked.
Data that is backed up over the Internet must be encrypted before the first bit leaves your organization and travels over the WAN (backup encryption in flight). When the data arrives to its destination, it should remain encrypted as well (backup encryption at rest). Backup encryption both in flight and at rest ensures that backups are secure, both across the Internet and in the backup repository itself.
NAKIVO Backup & Replication uses AES 256 encryption, which is the de facto worldwide encryption standard that secures online information and transactions by the likes of financial institutions, banks, and e-commerce sites.
Backup encryption in flight is performed by a pair of Transporters. The Transporter is a component of NAKIVO Backup & Replication that performs all of the data protection and recovery tasks including data read, compression, deduplication, encryption, transfer, write, verification, granular and full VM recovery, and so on.
The source Transporter for the offsite backup encrypts and sends the encrypted data. The target transporter receives and decrypts data. For example, when you send backup copies over the WAN to an offsite location, the Transporter installed in the source site compresses and encrypts VM data before transferring it over WAN. Then, the Transporter installed in the Target site receives and unencrypts the data prior to writing it to the Backup Repository.
It is equally important for the data at rest to be secured by encryption. NAKIVO Backup and Replication provides the ability to encrypt backup repositories so that backup data at rest, housed in the repository itself, is secure.
With the added benefits of in flight and at rest data encryption, NAKIVO Backup & Replication not only ensures your data is safe but also secure.