What Makes an Online Backup Solution Secure?
by Steve Eschweiler
Secure Online Backup
I’m glad you asked! I can tell you one thing that makes backing up your data to an online server “secure”: you would have an extra copy of your data stored online in case something bad happened. This would, in theory, protect your data from fire, flood, hardware failure, natural disasters, and other physical forms of data corruption. However, it wouldn’t protect your data from being hacked, downloaded, deleted, viewed, or corrupted. Just storing data online may give you some peace of mind, but your data is not necessarily “secure”.
For your backups to be secure on a remote server, you need to take several factors into account. For example:
Server Security
Are the connections to the backup server secured with SSL or TLS?
Does the server have the latest patches installed to help protect it from exploits?
Is the server adequately firewalled to prevent unauthorized access?
Does the server have a mechanism to deal with Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks?
Is there a network Intrusion Prevention System (IPS) in place?
Is the data center that houses the server itself secure?
These are some of the concerns regarding the backup server, but there are other aspects to securing your data, such as the backup software and the service.
The Backup Software
Does the backup software use strong file encryption such as 256-bit AES?
Are the password keys generated using SHA-256, SHA-384, or SHA-512 as recommended by the National Security Agency?
The Online Backup Service
Does the service require you to enter your password in a web page form, making it prone to server-side eavesdropping and discovery?
Does the service offer a password recovery option which also subjects your password to discovery?
Over the next few weeks, I’m going to address some of these questions and how they relate to the SecureBackup service.



