While the nuances and details of the kind of security you may hedge your online or offline data with may vary with the kind of storage you use, the fact remains that your data is vulnerable. So, how safe is your data?
Securing your backed up data is a challenge.
Offline data is heavy on physical security. You need to keep your data in an offsite repository as part of your disaster recovery plan. The physical storage space must be fireproof, waterproof, burglar proof and earthquake proof. That is asking for a Fort Knox kind of set up for your data. Even if you are able to provide the right kind of security, your data tapes and disks are still vulnerable. They can be attacked by fungus or become corrupted over time for a variety of obvious and not so obvious reasons.
The technology you use in your business may be upgraded and you may no longer have the facility to recover the data from the obsolete storage systems you adopted a while ago. If the data stored in the disks and tapes have been encrypted, the encryption keys may have been lost. If none of the above disasters have succeeded in depriving of your data, you may find that the data recovery process itself is so slow that you need to dedicate entire IT infrastructures to the process, or bring your business to a standstill for a number of days or even weeks or months while the data is being recovered.
Online backup security offerings seem immensely attractive in the context. However, online security may also be a myth if the online backup service provider has not put in place the right kind of technology for securing backed up data. The first concern you must express while entrusting your data to an online backup service is security of the data at various stages of transmission and storage.
Data transferred over the Internet is vulnerable. What has the service provider done to ensure that the data is not hijacked, stolen, corrupted or destroyed during transmission? How does the provider safeguard against listeners and eavesdroppers on the network?
Online backup service providers use 128-bit, 256-bit AES encryption or blowfish encryption to ensure that data is encrypted before it is transmitted over the network to the online backup server. The cryptographic models are largely proprietary and very few proprietary models have been certified as safe by relevant certifying authorities.
While encryption can confuse and confound eavesdroppers on the network, the availability of encryption keys with the backup vendor will make the exercise futile. Consequently, online backup service providers ask their customers to generate a customized encryption key at the time of installation of their product on the client machines. The encryption key remains with the IT Administrator at the customer end. However, loss of the encryption key will make the data stored on the online backup server irrecoverable.
Data stored in online backup repositories cannot be accessed by unauthorized personnel. Many online backup service providers store data in an encrypted format in the online data repository. Authorized personnel of the enterprise can access the data by inputting the right authentication and authorization protocols into the application. Authentication and authorization protocols are defined by the customer’s IT Administrator. The IT Administrator can create user profiles and assign them rights and permissions using the management console provided by the backup service provider.
Data stored in online repositories are taken offsite instantaneously and have been proven to be an excellent method of safeguarding mission-critical information against disaster. Many online backup service companies provide additional security by replicating the data on to one or more geographically dispersed servers. A few service providers offer to ship back the backed up data to the enterprise on removable disk drives for offsite storage.
Data recovery is facilitated by online backup services in innumerable ways. Changing technology remains the responsibility of the online service provider. Customers can download data using a web-based application on to same or similar environments anywhere, anytime.
Bare metal restores on entirely new computing environment over the Internet is also possible with sophisticated data backup service providers, like SecurStore, powered by Asigra.
Additionally, enterprises can choose to go on to a public cloud taking advantage of economies of scale or can choose to work with the service provider using dedicated private clouds. Hybrid clouds are available to those who want to make distinctions between the types and categories of data and store the more mission critical ones in safer repositories.
Increasing adoption of the cloud by small and medium enterprises over the last two years is a clear indication that security of backed up data in the cloud is gaining popularity.