Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ CloudPoint Install and Upgrade Guide
  5. Section I. CloudPoint installation and configuration
  7. Volume Encryption in NetBackup
  9. Volume encryption for GCP
Veritas NetBackup™ CloudPoint Install and Upgrade Guide

Volume encryption for GCP

You can encrypt disks in GCP using the following methods:

  • Encryption by default (PMK or Google Managed Key)

  • Customer Managed Encryption Key (CMEK) using Google Cloud KMS

For more information on GCP encryption, see: https://cloud.google.com/security/encryption-at-rest

Table: Encryption for creating snapshots

Disk encryption

Snapshot encryption

Platform Managed Key (PMK)

Same PMK is used as the source disk.

CMEK

Same CMEK is used as the source disk.

Table: Encryption for restoring snapshots

Snapshot encryption

Restored disk encryption

PMK

Same PMK is used as the snapshot.

CMEK

Same CMEK is used as the snapshot, if the target restore location is within the scope of the key.

Note:

For successful restoration, the target restore location must be inside the scope of the key during restoration.

Feedback

Was this page helpful?
Previous

Volume encryption for Azure

Next

Volume encryption for AWS

Feedback

Was this page helpful?