Contents

Downloadable User Guide

Alerts

>

Mozy Encryption

Mozy User Guide

Article Reference ID:

000155179

Print   Comment        

In simple terms, encryption is a secret pass phrase applied to the contents of your files to ensure they are completely unreadable without the means to do so in conjunction with that encryption key. Mozy encrypts your files on your computer before they are sent over the Internet to the Mozy cloud. Your files remain encrypted when stored in the Mozy cloud and can only be read if you have both the encryption key and the means to read the encrypted file.

When you install Mozy software, you may be able to select the type of encryption key you want to use for your backups. Whether you can choose and exactly which types of encryption keys are available depends on the type of account you have. MozyHome accounts can choose either the Mozy default encryption key or a personal encryption key. If you use MozyPro or MozyEnterprise, your administrator can determine the encryption key types you may choose from or whether you can choose at all. That encryption is permanently associated with all files sent to the Mozy cloud from that computer.

You can change the encryption key type after you install the Mozy software. Doing this requires you to uninstall the Mozy software, delete that computer from your account, then reinstall the software, choosing the different encryption key at that time. The Mozy software then uploads all your files again to ensure that the stored files match the current encryption key.

Encryption Options

The type of encryption key used determines whether some tasks are seamless and simple or whether extra steps are required. The Mozy default encryption key yields the least complicated experiences. A personal or corporate encryption key requires an extra set of steps for certain tasks. For example, if a personal encryption key is used, that key must be supplied to access files from the Mozy cloud when you use the Mozy mobile app. If a personal or corporate key is used, when you download files from the Mozy cloud using a Web browser you must then also use the Mozy decryption utility to supply that key.

With a few exceptions, all features of Mozy are available regardless of which type of encryption key is used.
Note: If you use MozyPro or MozyEnterprise, some features may have been disabled by your administrator. For example, some organizations choose not to permit their users to access their files online.
Default Encryption Key The Mozy default encryption keys are 448-bit keys created using the Blowfish algorithm.

Mozy separately stores the key. This lets us automatically decrypt your files when you download or restore them. This is the least complicated, most seamless experience for users, imposing no restrictions on any Mozy features.

Personal Encryption Key A personal encryption key, which uses 256-bit AES encryption, is provided by you and known only to you. When you install Mozy software and choose to use a personal encryption key, you are asked to enter your key. The key can be any combination of characters, symbols, or numbers, and can be as short or long as you like. When you provide the key, you can type it, paste it, or import it from a plain text file.

To ensure you can download and restore your files, you must either remember your key indefinitely, or you can save it and store it separately. If you choose to save it, a plain text file is saved to the location you choose. The file contains only the characters you entered when creating your key. To ensure you can always provide your key, it's best not to save it only on your computer, which could fail, or only anywhere else which you could easily lose or damage, such as a USB stick.

When you download and restore files, you must supply this key to decrypt those files. Mozy does not have access to your personal encryption key and cannot decrypt files for you. This means that if you lose your key, we cannot help you decrypt your files. Even under force of law, Mozy cannot decrypt your files if you choose to use a personal encryption key. When you reinstall the Mozy software or install it on a replacement computer, you must supply this same key to ensure continued access to files you have previously backed up.

If you choose to use a personal encryption key and you also use the Mozy mobile app, you must provide your personal key to view and download files from the Mozy mobile app. For more information, see Provide Personal Encryption Key in the Mozy Mobile App.

If you choose to use a personal encryption key with Mozy Sync, each instance of the sync software you install must use exactly that same key.

If you choose to use a personal encryption key these Mozy features are affected.
  • File previews and image thumbnails are not available in Mozy on the Web.
  • File previews and image thumbnails are not available in the Mozy mobile app.
  • Files cannot be uploaded from a Web browser to your set of synchronized files.
  • Files cannot be uploaded from the Mozy mobile app to your set of synchronized files.
  • You must use the Mozy decrypt utility to manually decrypt archive packages downloaded from the Web and files instantly downloaded from the Web.
Corporate Encryption Key A corporate encryption key is created by your administrator; therefore, the resulting corporate encryption key is unique to your organization. You don't need to remember this key, because it is installed automatically when you install Mozy software and is managed by your administrator. The corporate encryption key option is available only to MozyPro and MozyEnterprise accounts.
If a corporate encryption key is used, these Mozy features are affected.
  • The Mozy mobile app cannot be used.
  • Files cannot be uploaded from a Web browser to your set of synchronized files.
  • File previews and image thumbnails are not available in Mozy on the Web.
  • When manually downloading files instantly from the Web, or when downloading archive packages, the administrator must use the Mozy decrypt utility to manually decrypt the files.
  • When the Restore Manager is used to download files from the Web, it must have access to the corporate key.

Encryption Schemes

If you have a MozyHome account, you can use the same type of encryption key, or the exact same personal encryption key, when you install each instance of the backup software. Or, you can choose to install each instance of the backup software with a different type of encryption, or a different personal encryption key. You can install Mozy Sync with the same encryption key as the backup software or a different one; however, all your instances of Mozy Sync must use the exact same encryption key. In making these choices during installation, you can choose to create the simplest experience possible when downloading or restoring files. Or, you can choose to be responsible for managing the most secure experience, which can also be the most complex.

If you have a MozyPro or MozyEnterprise account, you may not be able to choose which type of encryption to use. Or, your administrator can determine which types you can choose from. If you can choose, the same considerations described for a MozyHome account apply to you as well. As always, if you use Mozy Sync, each installed instance must use not only the same type of encryption, but the exact same key.

Table 1. Simplest Encryption Scheme
Device & Mozy Software Type of Encryption Key
Computer A, backup software Default
Computer A, Mozy Sync software Default
Computer B, backup software Default
Computer B, Mozy Sync software Default
Computer C, backup software Default
Computer D, Mozy Sync software Default
With this scheme, you never need to remember or supply an encryption key to use any Mozy features.
Table 2. Most Complex Encryption Scheme
Device & Mozy Software Type of Encryption Key
Computer A, backup software Personal key you provide = example-ABC123
Computer A, Mozy Sync software Personal key you provide = example-123XYZ
Computer B, backup software Personal key you provide = example-DEF456
Computer B, Mozy Sync software Personal key you provide = example-123XYZ
Computer C, backup software Personal key you provide = example-GHI789
Computer D, Mozy Sync software Personal key you provide = example-123XYZ
With this scheme, you must always be able to provide each key as necessary to use certain Mozy features, particularly when restoring or downloading files, or when installing any Mozy software when you replace any computer.

Related Content
Haven't found what you are looking for?
Ask the Community