Step 10. Compression and Encryption Options
Specify compression and encryption options for the backup plan.
Backup for Windows allows you to compress your backup contents to decrease the space required to store the backup and the uploading time to the target backup storage.
In addition, you can protect your backup by encrypting its contents, file names, or both. MSP360 (CloudBerry) Backup supports AES encryption with key sizes of 128, 192 and 256 bits.
The more the key size, the stronger the encryption (with more time required for processing your backup). See the following article to learn more about AES encryption: Advanced Encryption Standard.
If you chose to save your backup plan configuration to the destination storage, this configuration file will not store the encryption password for security reasons and you need to save this password elsewhere to be able to restore the backup's contents afterward.
Note that if you change any of the encryption settings (algorithm or password), you will be prompted to select if you want to backup up the whole dataset on the next backup plan run with updated encryption settings or apply the updated encryption settings only to new files that would appear in the backup source at the moment of the backup plan execution
Specifying Amazon S3 Encryption Settings
If you selected Amazon S3 as destination storage for your backup, the Backup Wizard provides an extended version of this page enabling you to specify the encryption options for protecting the data stored on Amazon cloud servers as well.
The following additional settings are available when using Amazon S3 for storing your backup:
Server-Side Encryption
Enables encryption of your backup on the side of the Amazon cloud server.When choosing this option, you need to specify which permissions a user is required to have to be able to access the data in this backup:
- Use the Amazon S3 Service master key When choosing this option, Amazon S3 will decrypt data for anyone who has the permissions to access this object in the cloud.
- Use the Amazon key Management Service master key When choosing this option, Amazon S3 will decrypt data for anyone who has the permissions to access this object in the cloud, along with permissions to use a specified master key.
See What is AWS Key Management Service for more information.
Selecting the S3 Storage Class
If you selected Amazon S3 as a destination storage for your backup, you can make the backup service use the following storage classes:
These storage classes can help you strike the right balance between storage costs and data availability. Learn more about Amazon S3 storage classes here.
Using Microsoft Azure Blob Storage
If you selected Microsoft Azure as destination storage for your backup, the Backup Wizard provides an extended version of this page enabling you to choose Azure Blob Storage.
You can choose among the following options:
Archive Blob Storage This is a low-cost storage option for infrequently accessed data.
As opposed to hot and cool storage tiers, fetching data from archive storage takes up to several hours.
Cool Blob Storage Cool storage tier has lower storage costs and higher access costs compared to hot storage. This tier is intended for data that will remain in the cool tier for at least 30 days.
This feature is only supported for General Purpose v2 Azure accounts. If you are using another kind of account, you need to upgrade your account to be able to use this feature.
Please be informed about the additional charges and increased blob access rates resulting from upgrading your Azure account.
See the following document to learn more about the difference between Azure storage tiers: Azure Blob Storage - Hot, cool, and archive storage tiers.