Security

Security Features

The Data Authority Remote Backup Vault (RBV) utilizes a backup appliance (or “vault”) and back-up software installed on each server or computer to achieve full point-in-time backups of client data. An optional locator service is provided by Data Authority to enhance portability of the RBV, and to ensure ease of setup and configuration on a LAN. Backup data is never transferred through the locator service.

Secure “Agent” Architecture

Our client-server architecture requires that an agent be placed on each endpoint. Since the agent runs on the local machine, it has direct access to the system so data does not need to be exposed to the local network.

SSL Encryption “Across the Wire”

Data transferred between the client and Data Authority is protected by SSL encryption. The web-based Manager, accessible through a standard web browser, is also secured using SSL.

AES 128 Bit Encryption on the Disk

Data on the RBV disks can be optionally encrypted using 128-bit AES. A system-wide encryption key is used to facilitate common file elimination (CFE) across all clients, saving storage and bandwidth.

Client Key Regeneration

Client installation requires a client key generated in the Manager. This associates a specific client with a specific RBV. Client keys can be regenerated if desired, ensuring that previous keys cannot be used to connect a new client to that appliance.

Client Authorization and Activation Required via Manager

Once installed, an endpoint becomes visible in the RBV Manager interface with a “pending” status. The client is not operational until the System Administrator activates that client.

Restore Data Only to Source

Backup sets or data from a particular client are not visible or accessible to any other client, even within the same LAN environment. Backup set data from a particular computer may only be restored to the same computer, unless the secure, Client Recovery Procedure has been performed.

Secure Client Recovery Procedure

If a computer is reloaded or replaced, it is necessary to re-associate an old profile with a new piece of hardware. Once a client is installed, Data Authority provides the ability to “recover” the client by reassigning the backup sets and data from the “old” client to the “new”.