I am unable to find an option to fully encrypt the contents of our remote storage backups,
It has been picked up in a data privacy impact assessment that the backups must be encrypted when stored offsite. It would be nice to have a Plesk feature that would allow full backup encryption.

This is just another BS move by Plesk to push 'what should be included' toward their famous paid feature scheme!

Whatever the case, there are more competing webhosting panels in effect today than ever, based solely on such nonsense.

- as always, nature takes its course

No encrypted backups in 2021. Really? Any updates from Plesk team?

"Thanks for your input, we understand the importance. "
2 years later: plesk backups still being stored and transfered to remote storages like amazon or google unencrypted. Plus misleading "encryption" function in GUI.

I am just baffled that backups are still unencrypted.
Backups contain files from Laravel, Slim, Drupal, Wordpress, Joomla, ... that store database credentials, SMTP credentials, keys, database dumps that may contain sensitive information, ... and other sensitive data without any form of encryption.

Plesk leaves system administrators and users without any proper options to encrypt backups.
In addition, the wording of the current 'backup encryption' feature is super misleading! I bet many people think their backups are fully encrypted.

As to the Plesk staff, this feature has nothing to do with popularity.
Not implementing this feature immediately is plain negligence.

Most of us do not have access to /var/*, gpg, curl or ftp-pasv...
This is a problem Plesk needs to fix ASAP.

Script/command to encrypt and transfer all local Plesk backups to your FTP storage (linux):

tar -zc /var/lib/psa/dumps/ | gpg -c --passphrase <encryption phrase> --batch --yes --cipher-algo AES256 | curl --ftp-pasv --ssl -k -u <username:password> -T - "ftp://<your ip and path>/backup_$(date +%F).tgz.gpg"

This is no feature whose popularity needs to be assessed. I know, the GDPR is not very popular... but we have to abide by it. Using the current "password protection" will render the user liable to prosecution since there is no protection at all. In my opinion calling it "password protection" even is a fraudulent representation.

It's soon 2020 and still everything would get uploaded in clear text to Google Drive and others. That is insane!!
This is no feature whose popularity needs to be assessed. I know, the GDPR is not very popular... but we have to abide by it. Using the current "password protection" will render the user liable to prosecution since there is no protection at all. In my opinion calling it "password protection" even is a fraudulent representation.

Also it could be as simple as that (using gpg):

Encrypt:
tar -czf - [FOLDERS] | gpg -c --batch --passphrase [PASSWORD] -o backup.tgz.gpg

Decrypt:
gpg -d --batch --passphrase [PASSWORD] backup.tgz.gpg | tar -xzf -

I'd change it myself if I had access to the source...

There is no option to encrypt backups. I do not trust Google or any other cloud service. Yet I could use the (otherwise completely useless) storage to put my backups there.

So please include a proper and secure encryption. Thanks!

Edit:
It could be as easy as running gpg as a last step before uploading:

Encrypting (simple tar example):
tar -czf - [FOLDERS] | gpg -c --batch --passphrase [PASSWORD] -o backup.tgz.gpg

Decrypting:
gpg -d --batch --passphrase [PASSWORD] backup.tgz.gpg | tar -xzf -

This is a security hole, it should get top priority instead of sitting in the backlog for years.

please, implement asap. If I understand this issue correctly, this renders any effort to be GDPR complaint useless, because DB files are not completely encrypted and only passwords are being encrypted.

When that option will apear in plesk? Thant is very important for security reasons.

Very much looking forward to this feature.

For the time being I think it would be good to update the misleading 'Backup security settings' wording, which imply that the entire backup is being password protected. Which is not correct.

This is what it currently reads:
For security reasons, we recommend that you protect data contained in backups. By default, all backups are encrypted with the Plesk's internal encryption key, which is unique for each Plesk installation. Note that the backups encrypted with such a key can be restored only in the Plesk installation where they were created, and cannot be restored in another Plesk installation. Therefore, we recommend using a password for protecting backup files.

+1

+1. A backup without an encryption is weird. Not only passwords should be protected but also archive content. Very much needed

2018 -> plesk sends unecrypted data over a non-secure protocol -> this must be a joke?

FTPS has too many issues, encrypting Zip's is easy so please do it, the sooner the better...

It is a yoke. How it is possible that data is not encrypted?! It is very serous issue. When it will be done?

+1 for password encrypted zip files. This is definitely a must-have, especially considering GDPR-regulations.

According to the new GDPR this data needs to be encrypted/protected! If you have an offsite backup, this data shouldn't be allowed to be accessed without protection. This has to be added asap!