Hey administrators, in AhsayCBS v7, you can make your backup users upload their encryption keys in encrypted format to AhsayCBS after backup, so that if a user forgot or lost his/her encryption key, you can send the encrypted key file to us. We will then decrypt the key and send it back to the user’s contact email address.
Since the encryption key of a user’s backup set uploaded to AhsayCBS is in encrypted format, administrator won’t be able to know the actual user’s encryption key. Besides, the decrypted key will be directly sent to the user’s contact email address, the administrator won’t be able to get the decrypted key. Ahsay only has the encryption key but does not have the access to your user’s backup data. Therefore, the mechanism is totally secure.
Sending us user’s encrypted encryption key file for decryption should be your last resort. You should always educate your users about the importance and methods for keeping their keys safely. Here’s a best practice of encryption key management for your reference: https://forum.ahsay.com/viewtopic.php?f=192&t=14090
To understand the details of our Encryption Key Recovery Service, click here.