@Melissa Adams , if you are concerned about on prem security as well, then you should encrypt the Primary copy. There’s no conflict between that an an encrypted S3 Aux copy.
Is the S3 encrypted by CV, or by AWS?
Can you clarify what you mean about the specific encryption type?
@Melissa Adams I would always enable Commvault encryption as well and as Mike said it will not conflict. The encryption type might be set on CommCell level (control panel → system → encryption) or can be set also on storage policy level.
@Mike Struening Both the primary and the aux are going to encrypted S3 buckets. We do not have a primary copy on premises at this time. Primary is S3-IA and secondary copy is combined tiers S3-IA/Glacier (90 days). Hope that helps clarify. IF this was just a normal storage array on prem we would enable encryption. Also, traffic is always encrypted, correct?
Thanks!