White Paper

Carbonite Endpoint Encryption: An In-Depth Look At The Encryption Technology Behind Our Premium Endpoint Backup Solution

Source: Carbonite

As one of our core pillars, addressing the end-to-end security and privacy of data is a primary requirement of Carbonite Endpoint. By utilizing our automated key management and encryption technology in conjunction with our unique data deduplication, both efficiency of data deduplication and security of data can be accomplished. This document describes the end-to-end encryption process and encryption key life cycle management.

Company creation

During creation of a company account (tenant), a cryptographically random asymmetric RSA 1024-bit encryption key is generated and stored in the vault. Company encryption keys are stored separately from any data that will be stored in the vault and are NOT used to encrypt data. Company encryption keys are used to wrap and escrow device keys as described below. Company encryption keys can be rotated as required by contacting Carbonite support.

During company key rotation, a new cryptographically random key is generated. Each device key is re-wrapped with the new company key. Since no data is encrypted with the company key, rotation does not require any data to be re- uploaded or any devices to be reactivated.


Get unlimited access to:

Trend and Thought Leadership Articles
Case Studies & White Papers
Extensive Product Database
Members-Only Premium Content
Welcome Back! Please Log In to Continue. X

Enter your credentials below to log in. Not yet a member of VAR Insights? Subscribe today.

Subscribe to VAR Insights X

Please enter your email address and create a password to access the full content, Or log in to your account to continue.


Subscribe to VAR Insights