[Discuss] Revisiting VMWare ESX backup options

[Rich Braun]

Richard Pieri <richard.pieri at gmail.com>
> Physical security comes first. Encryption is no substitute for physical
> access controls.

Agreed. They are two separate layers of security.  You can do one, or the
other, or both, or neither.  You decide.

> If you refuse to maintain physical control over your
> data and equipment then you deserve what happens to it. I have no
> sympathy when it does. I laugh and I point and I say "I told you so".

Respectfully, we do not agree on this point. Loss is no laughing matter, no
matter what mistakes were made by he/she who suffered the loss. The point of
this discussion is to encourage readers to think about appropriate steps to
protect against future loss. No security is 100% effective, there will be
future losses and it's impossible to say how or when.

Additional layers of security, whether "necessary" or not, are worthy of
discussion.  Encryption is pretty darned easy to use, doesn't add burdensome
complexity (depending on the tool you select), and is very often necessary for
cloud deployment. (I happen to work in an enterprise-software team deploying
to AWS, so there's no choice: we encrypt. Everything.) For home/small-business
users, the odds of theft or human-error are considerably higher than in an
enterprise situation, depending on your location and other variables.

-rich