Instead of asking why you should encrypt your backups, you might be better off trying to justify the reverse. Ask yourself, “Why shouldn’t I encrypt my backups?” It’s harder to come up with a justifiable reason. And if you leave it at that, then you're encrypting. And that’s the right decision.

There are two basic backup encryption technologies that help protect your backups: Source-side data encryption and server-side encryption. Source-side data encryption uses customer-controlled keys to encrypt your data before it leaves your server or network. In BlueSky Cloud Backup, that means protecting your data with 256-bit AES encryption. The Advanced Encryption Standard is used worldwide and back in 2003 the U.S. Government announced it was secure enough to protect classified data. It’s a symmetric algorithm, meaning the same key is used to encrypt and decrypt your data.

Ransomware has been a growing problem for businesses and consumers this past year. Ransomware attacks disrupt normal business continuity by encrypting important business documents (or personal files like pictures, video, and documents) and demanding a ransom to recover the data. To help protect customer backups, we implemented ransomware protection functionality in BlueSky Backup. BlueSky Backup performs the initial backup and efficiently analyzes the bit structure of each file to determine if the file is encrypted. During subsequent backups, we compare the original byte structure to the current byte structure. This allows us to identify any newly encrypted files. The backup plan completes normally, however, we prevent existing backups from being deleted regardless of retention policies. This way, existing good backups are protected and are available for restore.

We consider our product to be HIPAA compliant as we encrypt data on transmit and at rest. We also as a company don't have access to your customer data. All the transfer occurs between you and Amazon S3. AWS claims HIPAA compliance too - check out their compliance center.