CommVault® Data Encryption
Ensure Secure Data with Encryption as Part of the Data Management Process
CommVault's Data Encryption capability secures data over networks and on media. What makes CommVault's approach unique is the flexibility of when and how the data is encrypted along with secure management of the decryption keys.
Administrators are able to select encryption as follows:
- Before the data leaves the client system to ensure secure network transmission, for replication, backup and archive data copies
- When writing the initial backup or archive data copy to disk or tape
- When making secondary copies of backup and archive data copies, from one storage device to the next — especially useful for encrypting data before it is stored on removable media such as tape
- Any combination of these options
CommVault software offers a variety of encryption algorithms, including Advanced Encryption Standard (AES) with a 128-bit cipher and 128- or 256-bit decryption keys. Other algorithms provided include Blowfish using an implementation designed specifically for speed on 32-bit machines, Serpent, Twofish and 3-Data Encryption Standard (DES).
Data encryption keys can be pass-phrase protected, and stored within the CommCell system, on the media, or both.
