All of the SNS IT’s Online Backup Storage Platforms are hosted using secure hosting facilities, which are a combination of secure data centres and fully resilient network infrastructure.
The backed up data, held on the Primary Storage Platforms, is replicated every 15 minutes and is transferred (via the private network) to the Mirror Storage Platforms in a second remote data centre.
The data centres are housed in highly secure disaster recovery buildings, owned and managed by IBM Business Continuity & Recovery Services, which offer a wide range of benefits:
- Private fully secure data centres
- 24-hour security with CCTV monitoring of all access within the buildings
- Restricted access within buildings controlled by swipe card systems
- Multiple, redundant, mains power feeds with UPS and mains power generator backup
- Fire suppression systems
- Monitored air conditioning
The software uses a combination of Blowfish encryption and SSL secure data transmission to ensure the safety of your data.
When the Backup Client has to transfer data to the Storage Platform, it connects using a secure SSL (1024 bit RSA key exchange, 128 bit RCA stream cipher and SHA-1 integrity checking) connection to transfer the data. Signed SSL certificates and Certificate Revocation Lists (CRLs) are used to verify server integrity.
Data is stored using 448-bit Blowfish encryption to encode the data on the Server. This is the highest level of encryption that is commercially available to date and considerably greater than the encryption used for Internet banking and online credit card transactions.
Your encryption key is seen as a passphrase by the Storage Platform. A random encryption key is automatically generated when any account is created and this random key (and not the passphrase specified by you) is used to encrypt your files.
The encryption key is protected by the passphrase (your encryption key) and without this passphrase you cannot decode the actual encryption key. When you change the encryption key in the Backup Client, the actual key is decrypted and re-encrypted with the new passphrase.
The data is never touched. All data since the initial backup is encrypted with the same random encryption key even when the passphrase is changed. If you change your encryption key, you do not have to remember the previous encryption keys for future restores – the Backup Client will be able to retrieve the data from the Storage Platform.
Your encryption key is not stored anywhere on the Storage Platform and is only known to you. If you forget this encryption key, it will render your data unrecoverable.
Security standards and techniques employed by Attix5 Backup Professional are audited by PricewaterhouseCoopers to ensure that sensitive corporate data remains safe from prying eyes when transferred over the internet or stored on a server.
Blowfish is an encryption algorithm. It is a symmetric block cipher, which uses a variable-length key from 32 bits to 448 bits. Backup Professional uses the maximum strength 448-bit key.
The Secure Sockets Layer (SSL) is a commonly used protocol for managing the security of data transmission. Attix5 Backup Professional makes use of the SSL protocol (1024 bit RSA key exchange, 128 bit RC4 stream cipher and SHA-1 integrity checking) for secure data communication between the backup clients and the storage platform, including data transmission.