Hello,
If Veeam performs backup copy job to the cloud:
1. Which encryption method/key is used?
2. Is the encryption key stored on-premise or in the cloud (or both)?
3. Is Veeam compliant "GDPR and Schrems II" with its encryption method?
Thanks.
-
brucquat
- Enthusiast
- Posts: 32
- Liked: 2 times
- Joined: May 12, 2016 1:32 pm
- Contact:
-
PetrM
- Veeam Software
- Posts: 3625
- Liked: 608 times
- Joined: Aug 28, 2013 8:23 am
- Full Name: Petr Makarov
- Location: Prague, Czech Republic
- Contact:
Re: GDPR and Schrems II compliant
Hello,
1. AES256CBC is used for backup encryption regardless of destination whether it is cloud or on-premises. You may find more info on this page.
2. Encryption key is stored on tenant side. On cloud side, there is only metakey to process blocks of encrypted backups. The metakey does not provide access to backup content.
3. It seems GDPR does not have any specific requirements for encryption, at least on this page we can find the following statement:
Thanks!
1. AES256CBC is used for backup encryption regardless of destination whether it is cloud or on-premises. You may find more info on this page.
2. Encryption key is stored on tenant side. On cloud side, there is only metakey to process blocks of encrypted backups. The metakey does not provide access to backup content.
3. It seems GDPR does not have any specific requirements for encryption, at least on this page we can find the following statement:
However, let me double check it with our security analysts.The GDPR deliberately does not define which specific technical and organisational measures are considered suitable in each case, in order to accommodate individual factors.
Thanks!
-
brucquat
- Enthusiast
- Posts: 32
- Liked: 2 times
- Joined: May 12, 2016 1:32 pm
- Contact:
Re: GDPR and Schrems II compliant
Many thanks for your feedback. Any feedback from the security analysts? Thanks.
-
PetrM
- Veeam Software
- Posts: 3625
- Liked: 608 times
- Joined: Aug 28, 2013 8:23 am
- Full Name: Petr Makarov
- Location: Prague, Czech Republic
- Contact:
Re: GDPR and Schrems II compliant
Hello,
Not yet. Just to clarify: I'm waiting for the feedback regarding the question 3 only but I'm pretty sure that the provided statement won't be changed. I'll update the topic as soon as I have more info.
Thanks!
Not yet. Just to clarify: I'm waiting for the feedback regarding the question 3 only but I'm pretty sure that the provided statement won't be changed. I'll update the topic as soon as I have more info.
Thanks!
-
PetrM
- Veeam Software
- Posts: 3625
- Liked: 608 times
- Joined: Aug 28, 2013 8:23 am
- Full Name: Petr Makarov
- Location: Prague, Czech Republic
- Contact:
Re: GDPR and Schrems II compliant
@brucquat
My sincere apologies for being late with the update. We discussed your questions internally and I have nothing to add to my initial statements. The whole point is that Veeam has no access to an encryption key as it is stored on the tenant side.
Thanks!
My sincere apologies for being late with the update. We discussed your questions internally and I have nothing to add to my initial statements. The whole point is that Veeam has no access to an encryption key as it is stored on the tenant side.
Thanks!
-
brucquat
- Enthusiast
- Posts: 32
- Liked: 2 times
- Joined: May 12, 2016 1:32 pm
- Contact:
Re: GDPR and Schrems II compliant
No worries for the delay and many thanks for your investigations.
Who is online
Users browsing this forum: Bing [Bot], jie.yan, Semrush [Bot] and 82 guests