Hi Lutz,

When viewing it as a scylla&charybdis alternative I probably (knowing nothing about your clients and your rates) would opt for automation as well.
Guessing a bit further, a determined attempt robbing your place would get info to decrypt somehow - there are too many ways.

But is it really scylla&charybdis?
- The weekly DVD-RAM in vault should be considered safe from robbery if viewed in effort compared to ransacking a private place and a great fire insurance fordata as well.

- The remoted VPN data is insurace for the difference of actual day compared to bank vault day - against any chance of mishap at your place like fire or robbery of HW plus dayly DVD-RAM, but probably more than doubles the robbery risk (guessng your place has more security).

If your server ***process*** were to encrypt the data for DVD-RAM and remote machine via a crypt-key stored in your server (still automatable), the risk of having your server machine stolen would be identical. But a thief just stumbling over the remote machine or the DVD-RAM would NOT be given direct access - and a copy of the key in an USB stick could be at a second bank vault and/or a notary to guarantee restore working. You might even add a third copy of the safety-data to an USB-3 stick to put on your ring with the car keys (if you get a week on DVD.Ram, a month should be possible on tiny USB with 32 or 64 GB), as it is encrypted and can only be decrypted either on your home machine or with the USB crypt-key sticks.

As you have your hourly backup, you could go the route of having double key encryption: an encrypt key in your server for automation and a special decrypt key in bank vault and perhaps in a very hidden place in your home - as the risk of somebody just taking the server with the raw data cannot be avoided, not really an additional risk at your place.

(sometimes it is fun to have a paranoid streak)

my 0.000001€

thomas

>The robbery problem occurs to myself too, but somehow the server has to run. One can encrypt the HDD but as long as the server is on ...
>And one will die one dead HDD encryption or automation. It's not much sense to have the HDD encrypted and the password on the comp/server.
>
>So the second server is a mirror, and the DVD RAM ;)
>
>:)
>