Security

The most vulnerable part of corporate data is that saved on individual PCs and laptops. Security must be constantly monitored and maintained which is why our managed PC Backup solution is perfect for busy professionals and IT teams who want confidence that business information is protected.

The Data Backup Agency takes security seriously at every level from backup to storage and retrieval. To create a secure environment for data backup four security objectives are followed: Data Transfer Security, Storage Security, Management Security and Facility Security.

Read on for an overview or download the Whitepaper on PC Backup Security located in the download centre.

1. DATA TRANSFER SECURITY - prevents access to customer's data during transfer for backup or retrieval

The PC Backup solution acts as a mediator between the PC and offsite, high security Data Centre and always initiates contact. SSL encryption (TLS 1.0) protects all customer information during transmission between the two. The user encryption key allows the Data Centre to authenticate the PC Backup solution while it authenticates the server using a digital certificate embedded in the installation package. After authentication, the PC Backup solution encrypts every file flagged for backup with 128-bit Advanced Encryption Standard (AES) and sends the encrypted data to the Data Centre. When trying to retrieve files the PC Backup solution requires a valid password or valid technician ID and password.

2. STORAGE SECURITY - prevents unauthorized access to backed up data stored on the server

The Data Backup Agency stores all backed up data in highly secure, offsite, underground facilities provided by Iron Mountain.

Security features include:

• 128-bit AES-encrypted files stored without being decrypted
• Every account has a unique encryption key, used to encrypt and decrypt each file that the PC Backup solution backs up
• Facility servers do not provide a view to customer data

3. MANAGEMENT SECURITY - prevents unauthorized access while providing client account management

The Data Backup Agency uses and trusts Iron Mountain’s storage facilities.

Staff security features include:

• Access to Data Centre areas is restricted to facility administrators only
• Only employees and signed-in escorted guests can gain access to the Iron Mountain facilities
• All employees receive a picture/ID card-key for entry to the facility which must be displayed at all times. Card key usage is logged and reviewed regularly

4. FACILITY SECURITY - physical security practices and facility hardening

The Data Backup Agency uses Iron Mountain’s secure off-site facilities.

Facility security features

• All data received is mirrored and immediately replicated by high speed links
• Up-to-date virus protection
• Intrusion detection systems monitored by an Underwriter Laboratories-listed station

Physical security features

• Level 9 (Ultra-Reliable Data Centre) rating by independent security consultants BRUNS-PAK
• Level 4 (highest) Security Rating
• External security – high steel perimeter security fence, single point of entry controlled by computerised zone access, state-of-the-art intruder alarm and CCTV surveillance linked to an external 24/7 monitoringsystem, the roof the data centre is monitored by infrared motion sensors
• Internal security – networked CCTV, access control and intruder detection,24/7 security
• Uninterruptable power supply – independent power supply via two banks of industrial batteries supported by a large external generator which provides enough power to ensure the data centre remains fully operational even in the event of a major national grid outage
• Dedicated team of IT professionals 24 hours a day, 365 days a year
• Fire detection and suppression - automatic fire detection and alarm system compliant to BS5839 and BS6266

Powered by Iron Mountain, enhanced by the Data Backup Agency.