High level approach to encryption:

Encryption of archival data – Tape Encryption

• • Recommend hardware-based encryption for all backup tapes
  • Utilize central automated tape management and key management solution, such as Tivoli (TKMS) with appropriate tape hardware

Encryption of data at rest – NAS Encryption

• • Not recommended to encrypt entire NAS storage due to implementation and operational cost and complexity (e.g. performance impacts)
  • Recommended to apply database and/or application encryption to specific (high value, high sensitivity) data types i.e. Vormetric or Oracle encryption

Encryption of data in transit – Network Encryption

• • End-to-end protection for data in transit using SSL/TLS type encryption is recommended (Customer application owned)
  • Recommended for high value links like MSSP to Clients using (Cypher Optics)

https://www.bestitdocuments.com/Samples