Our Most Important Job is to Secure Your Data
While most traditional backup systems do a good job of archiving data, they do little to actually secure it. Portable backup media (tape cartridge, CD, DVD or USB disk) can easily be misplaced or stolen. Once in the wrong hands, your confidential data is easily compromised.
Fortunately, the Dr.Backup online backup service does not suffer from this shortcoming – and is a great tool to help you achieve HIPAA compliance.
We take great care to ensure the confidentiality, integrity and security of your valuable business data. We do this by implementing administrative, physical and technical safeguards including:
Prior to leaving your PC, all of your valuable data is encrypted. By employing military-grade encryption technology, we make it virtually impossible for anybody to read your data – even if they were somehow able to physically intercept it. The data leaving your PC is completely protected at all times.
Our PC client software offers you the choice of multiple different encryption algorithms including DES, TDES (triple DES), AES 128, AES 192, AES 256 and Blowfish (default) with a variable length key of up to 448 bits.
Each time the client software is installed, a unique encryption key is generated. This key is loaded into the backup program and used to back up or restore your data from the offsite storage vault.
At installation time, you MUST record the value of this encryption key and store it in a safe place. You alone are responsible for securing and keeping your key private. As this key can be completely random, Dr.Backup personnel do not know your encryption key value. If for any reason you need to reinstall the backup client software to recover data, you will need this key.
Remember, your password is NOT your encryption key!
Without the encryption key, nobody can access your information – not even the employees of Dr.Backup. This provides you with assurance that your data cannot be read by unauthorized personnel.
The Dr.Backup data vault is a network of purpose-built servers. Each server performs only one function – securing your data. Operating system software is mirrored on dual high-speed disk drives. Your encrypted data files are stored on a RAID storage array equipped with hot standby disk drives, which are automatically activated in the event of a hard disk failure. Critical system components are either redundant or spared onsite.
Our commercial firewall service employs sophisticated network port blocking and packet filtering techniques to prevent unauthorized access to the servers. Failed attempts to access the server are logged and reviewed by the system administrator. Remote administration of the server is performed using remote terminal software over an encrypted management link.
End users do NOT have an operating system account on any server and can perform no tasks other than backup and restoration of encrypted data files. In order to ensure the highest levels of security, we do NOT deploy public web servers on our production backup network.
Our back office network undergoes independent PCI scan testing on a quarterly basis to comply with major bank credit card processing requirements.
Dr.Backup servers are collocated in an SSAE-16 Type II certified carrier-grade data center. Within this facility, all equipment is secured in a locked cage.
Security guards on the premises provide 24×7 access control to the collocation facility. All visitors to the facility must be pre-authorized and escorted by a registered system administrator. Cameras and other security features are used to supplement the onsite security personnel.
Should your organization have the need for a second, secure and redundant offsite copy of your data, our backup software can be configured to meet this requirement.