During a risk assessment exercise, I realized that my backup admin does not encrypt data on backup tapes. He argues that it is not required, as an adversary cannot recover/read data from the backup tape, assuming it's stolen, if he does not have the corresponding catalog. He further adds that the catalog is kept secure. We are using Veritas NetBackup 6.5. I am unfamiliar with the technology, hence would want to know the following:
a) If catalogs are secure, why should the software have a feature for encrypting data in the backup tape?
b) If the argument is invalid, how can an adversary read/recover the data from the stolen backup tapes, even if he does not have the catalog? Please help in articulating the risk.
Any help in this regard is appreciated.
Thanks in anticipation.