Data breaches have become increasingly common in recent times. They can have a number of causes, from human error and oversight to attacks by malicious software. In my opinion, besides the legal and remediation costs, the biggest impact of a data breach is to the reputation of a firm. In particular, if you are in the data protection business, you need to be very careful about protecting yourself from such an event. How can anyone trust your technology or service to protect their data if you cannot protect yourself from a data breach?
Asigra has built a number of security features into our software platform to ensure that our customers are not exposed to the harmful effects of a data breach. After all, a number of our customers hold and protect very sensitive data for enterprises of various sizes in highly regulated industry verticals.
Asigra’s technology ensures that all data is encrypted before it is transferred over the WAN from the customer premises to the secure offsite data center. The Asigra software needs the customer to provide two encryption keys: one at the account level and another at the level of the individual DS-Client, which aggregates, encrypts and compresses the data on the customer end. Only a person who knows both keys can restore the data in unencrypted form from the secure offsite vault, where it is stored in encrypted form.
Asigra supports up to AES 256-bit encryption, selected by the United States National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) to be a secure method for encrypting confidential data. Further, the encryption is performed by the DS-Client software, so the data is encrypted before it leaves the customer premises. Therefore, the sensitive data is protected both in flight and at rest. As this data can only be decrypted by the same software that encrypted it in the first place, the data stored in our secure offsite vaults cannot be read and understood even if accessed by an unauthorized source.
To further ensure the security of information at our partner data centers, we have implemented additional security features in the software. The DS-System software that controls the vault at the secure offsite data center registers the hardware and software configuration information of the DS-Client software at the customer end when the two pieces of software connect for the first time. Thereafter, the DS-System validates this information with the DS-Client whenever the DS-Client attempts to establish a connection with the vault. The software also verifies the authenticity of the encryption keys, so that the data is backed up and encrypted with the same set of keys.
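The register-on-first-connect and validate-on-reconnect check described above, as an added example that is not Asigra's code. The class name, the configuration fields and the HMAC-based key check value are assumptions; the page does not say how DS-System stores or compares this information.

```python
import hashlib
import hmac
import json


def fingerprint(config: dict) -> str:
    """SHA-256 over a canonical encoding of the client's reported configuration."""
    canonical = json.dumps(config, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def key_check_value(account_key: bytes, client_key: bytes) -> str:
    """Verifier derived from both keys (assumed random, 32 bytes); keys never leave the client."""
    return hmac.new(account_key, b"key-check|" + client_key, hashlib.sha256).hexdigest()


class VaultRegistry:
    """Hypothetical vault-side record of each client's first-seen fingerprint and key verifier."""

    def __init__(self):
        self._clients = {}

    def connect(self, client_id: str, config: dict, kcv: str) -> str:
        seen = (fingerprint(config), kcv)
        known = self._clients.get(client_id)
        if known is None:
            self._clients[client_id] = seen  # first connection: register
            return "registered"
        # Constant-time comparisons against the registered values.
        if not hmac.compare_digest(known[0], seen[0]):
            return "rejected: configuration changed"
        if not hmac.compare_digest(known[1], seen[1]):
            return "rejected: key mismatch"
        return "accepted"


# Constructed sample values, for illustration only.
CONFIG = {"hostname": "ds-client-01", "os": "example-os 1.0", "client_version": "0.0-example"}
KCV = key_check_value(b"A" * 32, b"B" * 32)


def demo() -> list:
    vault = VaultRegistry()
    return [
        vault.connect("c1", CONFIG, KCV),                                    # first contact
        vault.connect("c1", CONFIG, KCV),                                    # same host, same keys
        vault.connect("c1", dict(CONFIG, hostname="other-host"), KCV),       # different machine
        vault.connect("c1", CONFIG, key_check_value(b"A" * 32, b"X" * 32)),  # different client key
    ]
```

A first-use registration like this only protects later connections; the first connection itself has to be trusted or authorized out of band.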
It is little wonder, therefore, that Asigra is one of the very few backup and recovery solutions that have been accredited by the US National Institute of Standards and Technology (NIST) to be Federal Information Processing Standard FIPS 140-2 certified. This is precisely the reason why companies looking to achieve HIPAA-compliant, Gramm-Leach-Bliley-compliant, SOX-compliant, or PIPEDA-compliant backups turn to service providers whose backup services are powered by Asigra. And why most of the CIOs who protect their data using an Asigra-powered backup service don’t worry about data breaches and sleep easy at night.