At my company we currently have a monthly archival backup process. So at month end, we copy off various backups of our systems and save them to an external hard drive. These are then taken offsite (someone’s house) and kept in a safe.
My question is; is it overkill (or too risky) to then encrypt these backups too?
My feeling is you can never be too secure, but if we lost the recovery key, are we putting ourselves at too greater risk? Baring in mind someone would have to break into the house, then the safe, and know what to do with the backups.
What’s the general best practice for this sort of thing, and your personal opinion on the matter?