A PCWorld reader named Melissa wrote in to the magazine’s Answer Line column with the following question regarding online backups: “With hackers now able to hack into government and large holding companies’ computers, wouldn’t I also be at risk?” Melissa’s concern is valid considering the increasing visibility of online attacks by vigilante groups, state-sponsored hackers, and other cyber-villains. Cloud data is under increasing attack because it’s seen as a “fruit bearing jackpot” of data: security-as-a-service provider Alert Logic warns that there has been a 45 percent increase in application attacks in 2015. Breaches such as the ones suffered by Hilton Hotels, Target Corp, Sony Pictures, and Ashley Madison provide ample reason to question the security of your online backups. Need more motivation? Take a look at datalossdb.org, a project that tracks all data breaches and includes a ranking of the largest incidents to date.
Attackers rely on a wide variety of techniques to gain unauthorized access to your online data, including sniffing, spoofing, insertion, and man-in-the-middle attacks (to name a few). Most successful attacks are a result of lax security methods, such as insufficient encryption and poor password management.
What To Look For
- Your data is most vulnerable in-flight (when it’s en route from your location to your cloud provider). Make sure your data is encrypted both at-rest and in-flight.
- Older encryption methods are more susceptible to brute-force attacks. Ensure that your data is encrypted to the highest practical levels for your application.
- Do you control your encryption key? Make sure you know who has access to it, for two reasons:
  - Whoever holds the private key has access to your data.
  - If the key is lost, you’re locked out of your own data.
- How often is your password rotated? It’s important to have solid password rotation support for your cloud backups.
- What exactly happens when you delete your backups? Check whether your provider offers data destruction certificates.
How We Do It
At Armada Cloud, we address all of these issues:
- Our Asigra-based platform encrypts data in-flight and at-rest from cradle to grave.
- We offer customers their choice of encryption strengths ranging from DES 56-bit with an 8-character key, to AES 256-bit with a 32-character key.
- Our Key Escrow Management allows our customers to choose whether they hold their encryption key or place it in secure escrow with us (we never have access to customer keys in either scenario).
- Password Management and Password Rotation support allows us to align with our customers’ existing security policies and procedures, and includes a feature for automatic generation of passwords.
- We support destruction of data based on certificate of destruction policies, accommodating the most sensitive data requirements including EHR and PHI data.
- Our underlying platform is the first data recovery solution of its kind to receive U.S. government-validated NIST FIPS 140-2 certification for high security standards.
- Our Asigra platform has an untarnished security track record of zero breaches or compromised systems in 26 years of existence and over 1 million installations at end-customer sites.
Are Your Backups Protected?
If you’re currently backing up to the cloud, ask your provider how they are protecting your data. If you’re not satisfied with their response, contact us.