Get user data encryption key (ekey)
To ensure that the Microsoft 365 data that is backed up is secure, you must configure inSync to get the data encryption key (ekey).
inSync requires access to the ekey to initiate the scheduled backup of any Microsoft 365 app data. The ekey is used to encrypt the user data when it is being backed up to the inSync Cloud. This is part of the digital envelope encryption process that Druva strictly adheres to. Druva does not store ekey of the users and has no access to the data.
Use one of the following methods to enable inSync to get the user data encryption key(ekey):
- Deploy inSync Connector
- Connect a user device
- Enable Cloud Key Management
Deploy inSync Connector
At least one inSync Connector is configured and connected to the inSync Cloud (default option). For more information, see:
Note:
- inSync Connector acts as a SaaS Apps connector to provide the ekeys without requiring users to have their devices connected for the SaaS Apps backup .
- If the registered inSync Connectors are not connected, backup of the configured SaaS Apps data fails.
- inSync Connector does not need to have any domains or AD mappings added to it.
- inSync generates a Not Connected alert if inSync Connector is not connected.
Connect a user device
If the inSync Connector is not configured, then, at least one endpoint device (desktop or laptop) for every user in inSync is configured for backup.
Enable Cloud Key Management
If none of the earlier mentioned deployment options are used, you must have the Cloud Key Management feature enabled. For more information, see Configure Key Management for SaaS Apps.