You can set a default encryption key to use for all backup jobs, templates, and duplicate backup set jobs. However, you can override the default key for a specific job. You can also use encryption in policies when you create Backup templates or Duplicate Backup Set templates. When you create a Duplicate Backup Set template or a duplicate backup sets job, backup sets that are already encrypted are not re-encrypted. However, you can encrypt any unencrypted backup sets.
If you use encryption in a synthetic backup policy, all the templates in the policy must use the same encryption key. You should not change the key after you create the policy. For the synthetic backup template, Backup Exec automatically uses the encryption key that you select for the other templates in the policy.
When you select encrypted data for restore, Backup Exec verifies that encryption keys for the data are available in the database. If any of the keys are not available, Backup Exec prompts you to recreate the missing keys. If you delete the key after you schedule the job to run, the job fails.
If Backup Exec cannot locate an encryption key while a catalog job is processing, Backup Exec sends an alert. You can then recreate the missing encryption key if you know the pass phrase.
If you use encryption keys with the Intelligent Disaster Recovery option, special considerations apply.
About encrypted backup sets and the Disaster Recovery Wizard