Veeam Data Cloud
User Guide
Related documents
Search

Configuring Encryption Settings

Veeam Data Cloud allows you to encrypt backed-up fields and files using data key that is enciphered with either a Veeam Data Cloud master key or an Amazon Web Services Key Management Service (AWS KMS) master key. By default, encryption is enabled for all object fields and file types with a Veeam Data Cloud master key.

When you edit a backup policy and enable encryption for already protected fields and files, the Veeam Data Cloud runs an encryption session — either immediately or an hour later, depending on the settings that you specify. Keep in mind that for larger Salesforce tenants, encryption operations may take significant time to complete. When the encryption process completes, Veeam Data Cloud further runs data and file sessions instead of encryption sessions to encrypt the protected fields and files on the fly. For more information on types of backup sessions, see Backup Session Types.

Important

  • Shared AWS KMS keys are not supported in Veeam Data Cloud.
  • If an AWS KMS key is used to encrypt backed-up data, DO NOT delete this key from the AWS KMS account. Otherwise, you will not be able to decrypt the encrypted data.

In This Section

Managing AWS KMS Connections

View all results across Veeam
Back to document search