Our backups are encrypted: where are the keys?
AES encryption on your backup is good news. But without the key a backup is a closed vault. Key lost = backup lost.
Try this first
- 1Inventory: which encryption is enabled at which layer? VM backup, fileshare backup, cloud backup: all configured separately.
- 2Document where the keys live. Not in the same tool as the backup itself; that is like leaving the house key under the mat.
- 3Keep at least two copies of the master key: one in a password manager managed by two people, one offline (paper in a safe).
- 4Test recovery with the key annually. A forgotten key is something you want to discover in a drill, not a real disaster.
When to bring us in
Key management is not an IT detail, it is an existential risk. We help set up a key vault with a four-eyes principle and escrow procedures. Call before you trust a yellow sticky note.
See also
- We have backups but we do not know if they workA backup that cannot be restored is not a backup. Testing matters as much as taking the backup.
- Suspected ransomware: what to do RIGHT NOWThe first 30 minutes are critical. One wrong move spreads the damage. Read before acting.
- Someone accidentally deleted an important folderUsually fine to recover. The trick: do not save anything new on that drive until you know how.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.