Raid Redundant Online Backup Servers

I’m happy to announce, today, that we brought our new RAID redundant backup servers online. It’s been a long time in the making and I’ll be honest, it’s taken much longer than we had originally anticipated. However, we wanted to make sure that everything was not only working correctly, but working well. One of the things that we wanted to be sure about was making sure that we could monitor all aspects of the server from the fan speeds and internal temperatures to the hard drives and making sure that we could be alerted of any problems as early as possible. Most of the time, a potentially failing hard drive can be detected before it actually fails giving us time to replace it. But of course with a RAID redundant server, even a completely failed drive is not an issue and no data would be lost.

I also wanted to mention that all existing SecureBackup customers will be upgraded to the new servers and all of their existing data will be switched over to the new servers as well. This is going to be performed over the next couple of weeks.

We want to provide the best service possible and we know how important it is to provide a safe and secure backup environment for your precious data. We will be releasing a press release shortly regarding our new RAID backup servers.

We hope that with our continued efforts to improve our services that everyone will be happy to recommend SecureBackup.com to their friends, family, and business acquaintances.

With all of the advantages that online backup provides, there are some things to keep in mind when choosing an online backup service:

• Data Security
• Reliability
• Ease-of-Use
• Acquiring a Free Trial

Data Security
Data security is the most important thing to look for in an online backup service. If your data is not secure, then there is really no point in having a backup in the first place. There are two main aspects of security that are important in the world of online backup.

The first is backup server security. Imagine the chaos and worry if a hacker broke into your backup server and deleted your backups. In order to prevent something awful like this from happening, look for an online backup service that provides secure TLS/SSL server connections. This keeps your password secure and also prevents a “man-in-the-middle” attack which allows a hacker to corrupt your data.

The second security issue to be aware of is backup file encryption. Some businesses have highly sensitive data which must be protected. For example, doctor’s offices are required to maintain patient privacy; their main concerns are with HIPAA compliancy. Other businesses, such as software developers, want to protect their trade secrets; they don’t want their source code falling into the wrong hands. AES file encryption provides protection against these risks, so be sure the online backup service offers this important feature. AES encryption is superior to other forms of encryption; it is the new standard adopted and deployed by the U.S. Government to protect classified information. It keeps confidential information, confidential.

Reliability
There are a number of things that can go wrong with backing up your data, especially when it takes place over an Internet connection. For example, an Internet connection could fail in the middle of a backup resulting in a faulty copy of the data stored on the backup server. To avoid this scenario, a good backup service will ensure that the data is verified not only before it is transmitted over the Internet but afterwards as well.

If data is not verified after it has been uploaded to the backup server, you may not know about a problem until you try to restore it. This would defeat the whole point of having a backup in the first place. Ensuring that the backup service provides full file verification will save you time, aggravation, and money in the long term.

In addition to full file verification methods, you want to ensure that your online backup service provides RAID redundancy. A RAID redundant backup server prevents data loss when a hard drive on a particular server fails. Look for a service that provides RAID-1, RAID-5, or RAID-6 redundant servers to help prevent this from happening and to protect your backups.

Ease-of-Use
Ease-of-use is a given when choosing an online backup service. After all, the backup software is your interface to protecting your valuable data and you need to be comfortable using it. If the service offers backup software with a “set-it-and-forget-it” interface, you will be able to run your backups automatically and never have to worry about them again. Typically, you want to be able to schedule your backups to run at night when nobody is in the office.

You don’t want software that automatically chooses the files for your backup set. You also don’t want software that places restrictions on the types of files that you are allowed to backup. Being able to select specific files and folders to backup is important for your business. Selecting these files and folders should not require anything more than clicking on a few checkboxes within the software.

Another important aspect concerning what makes an online backup service easy-to-use has to do with restoring your data in the event of data-loss. Connecting to your backup server and restoring your data should be fast and simple. The last thing anyone wants to deal with is spending time restoring data with a slow and unresponsive server.

Acquiring a Free Trial
No matter which online backup service you choose, you want to take it for a test drive before committing. Often, there is little in common between online backup services; you want to be confident in subscribing to the best online backup service for your particular business needs. When you find a service that meets your requirements, take full advantage of a free trial offer if there is one offered. Keep in mind it is all about ease-of-use and quality of service. An online backup service that provides a free trial indicates that they are confident in their services and that they are willing to prove it to you for free.

Be responsible. Provide your business with a true sense of security. Answer the question “Got protection?” with a confident, resounding “Yes!” When it comes to protecting your business from a data-loss disaster, you need to consider the advantages that a secure online backup service provides.

Backing up your data online is the easiest way to protect your company’s irreplaceable assets. Unfortunately, some businesses don’t realize the importance of backing up their data until it’s too late. The statistics are quite alarming. According to the U.S. Bureau of Labor and the National Archives in Washington, 60% of companies that lose their data close down within 6 months and 93% close their doors within 5 years.

Fortunately, backing up your data doesn’t have to be as complex as it once was. When you back up your data online, all you need is an Internet connection and backup software. Keeping track of full, differential, or incremental backups is no longer necessary. And, manually storing your backup media offsite to protect against fire, theft, and natural disasters, is no longer a concern.

According to recent surveys, more and more businesses are choosing an online backup solution for their data protection needs for a multitude of reasons! There are several advantages, including:

• Critical business data is automatically stored offsite.
• No need for additional hardware and storage media.
• There are no backup device or media failures to worry about.
• You don’t need to maintain or rotate backups.
• All you need is an Internet connection and backup software.

With an online backup solution, you will be relieved from worrying about purchasing, installing, and maintaining any additional hardware. You won’t need to worry about the shelf-life of your backup media. You may not even need someone from the IT department to help you get started. All you need to do is ensure that your computer or office network has an Internet connection. Then it’s simply a matter of installing the online backup software. After this, you can start backing up your data immediately and confidently.

The inherent beauty of an online backup solution is that your data will be automatically protected from fire, theft, vandalism, flood, and other types of natural disasters. This is due to the fact that your data is already stored on a remote backup server. In the past, businesses hoping to protect their data from physical disasters may have used tape backup devices. They would store their tapes in safe-deposit boxes which are located offsite, typically, at a bank. This does keep data stored offsite but requires the inconvenience of transporting the tapes to that offsite location. In addition, these types of backups must be rotated to replace older backups with new ones. With an online backup service, however, your business will have the convenience of readily available backup data that is already safely stored offsite.

SecureBackup Website

We started our Search Engine Optimization (SEO) campaign in early March 2009 and are pleased to see that we are currently ranking in the top 3 for online backup, secure online backup, online data backup, secure online data backup, secure online file storage, and online data storage. There are probably some other terms that we rank well for but I haven’t looked.

Marketing an online backup business in this day and age is not always cheap or easy to do but we are pleased with the results so far. Nothing is guaranteed in the world of SEO, page rank, position, or Alexa Pagerank. And our rankings will fluctuate with time so this is, of course, an ongoing effort. Just got a little excited to see how well we are ranking these days and wanted to share it.

Secure Online Backup

It’s been a while since I posted in reference to my “Secure Online Backup” series. In my, “What Makes an Online Backup Solution, Secure?” post I wanted to address the need to keep servers patched, so here it goes.

Patches are an important part of server reliability and security. There are two types of patches that should be installed as soon as they become available. This is especially true for servers that are “serving” information over the Internet. The first type of patch that we should be concerned about is one that fixes errors within the software running on the server. A particular piece of software could have some issues that keep it from functioning properly. If it crashes or has a memory leak or some other type of issue, it may affect the server somehow. This is less common with modern servers today but could still be an issue for software that doesn’t deal with memory leaks properly. Probably the most important reason for patching software is that it may be tied in with a service that is “served” over the Internet. This is especially true on Linux. So patching software is an important part of server reliability.

The second type of patch that we need to be concerned with are security patches. A security patch fixes a known vulnerability or exploit. Often times, these patches are created in response to a known threat. This means that a server may not always be 100% secure due to the fact that a malicious party may know about the exploit before anything is ever done to resolve it. As previously stated, software companies often release security patches *after* a known vulnerability or exploit has been discovered. It is good practice to install security patches immediately.

In addition to security patches, it is often desirable to have a server that only serves a limited number of services. For example, a backup server only needs to provide the necessary services to allow backups to be performed. If it starts providing additional services, such as email for example, the server will also need to maintain patches for its email services. This can make the server less secure due to the fact that more potential vulnerabilities and exploits can be used to gain unauthorized access.

The SecureBackup backup servers only “serve” data backup services. This makes the service as secure as it can be in terms of vulnerabilities and exploits.

Secure Online Backup

In the “What Makes an Online Backup Solution, Secure?” post, I wanted to address server-side eavesdropping so I’ll do my best to describe it in “English”.

Your online backups are only as secure as your password. What a lot of folks don’t realize is that entering a password online, even with SSL encryption and an HTTPS connection, is not 100% secure. You may wonder why this is so. Afterall, online banking uses SSL encryption when you access your bank account online. Well, the reason why it’s not 100% secure is due to the fact that SSL only encrypts the communication between your computer and the server. Once data enters the server, it is no longer secured by SSL. This is because the server needs to interpret whatever data you sent from your browser to the server. So the data on the server is open to eavesdropping. I’ll be honest and say that eavesdropping is not an easy thing to do. In theory, you first need to gain access to the server. Secondly, you need to install a program on the server that “listens” or “scans” for this type of information. Both of these are hard to do and there measures that a Server Administrator can put in place to help prevent this but it’s still not 100% secure.

SecureBackup avoids the problem altogether by the way in which it was designed. We don’t have a copy of your password so you don’t need to enter it online. Your password is created on your computer and is never transmitted across the Internet. This provides for a level of protection above and beyond what SSL alone can provide. If no password is ever transmitted, no password can ever be intercepted.

This is why SecureBackup requires you to sign up for service within the software rather than online. The main idea here is that everything is created and encrypted right on your computer.

Your Password is Your Security

As mentioned in some of my other posts, your online backups are only as secure as your password. If you want to keep them from prying eyes, you need to safeguard your password. With SecureBackup, we have done what we can on our end to protect it. Secure password protection is the key to having a secure, online backup service.

Secure Online Backup

In my “What Makes an Online Backup Solution, Secure?” post, I touched on the fact that an online backup service should never offer a password recovery option because it can subject your password to discovery. I should also have mentioned that some backup services offer an encryption key recovery option instead, which is just as dangerous.

An encryption key is typically a series of bytes generated from your password. So if you had a password that was say, “password123″, it would be transformed into an encryption key. The encryption key is what is used to encrypt and decrypt your files. So whether we are talking about password recovery or encryption key recovery, it is essentially the same thing.

I’ve seen quite a few online backup services offer some form of recovery. Yet these services claim that your backups cannot be viewed by anyone but you. This is simply a misleading statement on their part. The reality is that if the backup service provides a recovery method for your password or encryption key, your backups are at risk. Afterall, a malicious party could claim to be you, provide the right credentials, and then get your password handed over to him, or he could find a way to get your password by hacking the recovery system itself. Either way, your backups are compromised because your password is the only thing protecting them from prying eyes. If you really want to be secure, the online backup service should not have a copy of your password and should never offer a recovery option of any kind.

SecureBackup was engineered from the ground up to be as secure as possible. We simply don’t have a copy of your password or file encryption key stored anywhere. Even if someone held us at gunpoint demanding your password, we wouldn’t be able to provide it. Now you may wonder if we would take the bullet for you? Quite honestly, we wouldn’t have a choice.

Secure Online Backup

As promised in my “What Makes an Online Backup Solution, Secure?” post, I’m going to answer some questions and concerns regarding SSL/TLS backup server connections.

There isn’t a whole lot of difference between SSL and TLS. They both provide a mechanism to secure the communication channel. In terms of transmitting data over the Internet, SSL/TLS connections protect your data from being viewed or modified during transit. This is accomplished through data encryption and digital signatures. Digital signatures ensure that the data has not been altered and prevent “man-in-the-middle” attacks.

In the world of online backup, this ensures that your backup files arrive at your backup server without being intercepted and possibly modified along the way.

SecureBackup pre-encrypts your files using 256-bit AES encryption before they are ever even sent across the Internet. This allows them to be stored securely on the server. However, SSL/TLS adds another level of protection over pre-encryption alone. Not only does it prevent man-in-the-middle attacks, but unlike an FTP backup solution, it also protects usernames and passwords from being intercepted by a malicious party. For example, FTP sends passwords across the Internet in plain text!

Choosing an online backup solution that provides TLS/SSL backup server connections allows for an added level of protection for your data.

Secure Online Backup

I’m glad you asked! I can tell you one thing that makes backing up your data to an online server “secure” and that is that you would have an extra copy of your data stored online in case something bad happened. This would, in theory, protect your data from fire, flood, hardware failure, natural disasters, and other physical forms of data corruption. However, it wouldn’t protect your data from being hacked, downloaded, deleted, viewed, or corrupted. Actually, just storing data online may give you some peace of mind but your data is not necessarily “secure”.

In order for your backups to be secured on a remote server you need to take into account several factors. For example:

Server Security

Are the connections to the backup server secured with SSL or TLS?

Does the server have the latest patches installed to help prevent it from exploits?

Is the server adequately firewalled to prevent unauthorized access?

Does the server have a mechanism to deal with Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks?

Is there a network Intrusion Prevention System (IPS) in place?

Is the data center that houses the server itself, secure?

These are some of the concerns regarding the backup server, but there are other aspects to securing your data such as the backup software and the service.

The Backup Software

Does the backup software use strong file encryption such as 256-bit AES?

Are the password keys generated using SHA-256, SHA-384, or SHA-512 as recommended by the National Security Agency?

The Online Backup Service

Does the service require you to enter your password in a web page form making it prone to server-side eavesdropping and discovery?

Does the service offer a password recovery option which also subjects your password to discovery?

Over the next few weeks, I’m going to address some of these questions and how they relate to the SecureBackup service.