Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section III. Encryption of data at rest
  7. Data at rest encryption security
  9. Configuring standard encryption on clients
  11. About configuring standard encryption from the server
  13. Automatic backup of the key file
NetBackup™ Security and Encryption Guide

Automatic backup of the key file

The automatic backup method is less secure, but it ensures that a backup copy of your key file exists.

This method requires that you create a non-encrypted policy to back up the key file. If the key file is lost, you can restore it from the non-encrypted backup.

The problem with this method is that a client's key file can be restored on a different client.

If you want to include the key file in the back up to a client, add the key file's path name to the client's include list.

Redirected restores require special configuration changes to allow a restore.

Feedback

Was this page helpful?
Previous

Manual retention to protect key file pass phrases

Next

Restoring an encrypted backup file to another client

Feedback

Was this page helpful?