Is Your Online Data Storage Secure?

Posted by trycmcw

June 18, 2008

Online backup is growing in popularity as an easy, safe, and inexpensive part of businesses’ disaster recovery plans. Before implementing such a program, you need to be sure that your backup provider offers a secure environment for your data.

128-bit Secure Socket Layer

When you connect to the remote backup server over the internet, you are sending your data over the largest public network ever created. It’s like shouting sensitive company information across a crowded restaurant.

However that doesn’t mean your data is unsafe as long as the connection is through an encrypted channel. The standard for internet encryption is the Secure Sockets Layer (SSL). This is a set of cryptographic standards that scrambles your data during transmission. Even if someone is eavesdropping on your data as it is being sent, all they get is gibberish. The data is unscrambled at the other end so that the server can store your data.

In its original implementation, US government restrictions on cryptographic technology limited SSL to 40-bit encryption. That meant there were 2^40 or approximately a trillion different possible encryptions that a transmission could use. This is actually a very small number and it was possible, although difficult, to crack this encryption.

Today, SSL uses 128-bit encryption which provides approximately 3.4 x 10^38 or 340,000,000,000,000,000,000,000,000,000,000,000,000 different combinations. To put that in perspective, if one million copies of the world’s most powerful super computer all worked on cracking this code simultaneously, it would take 880 billion years for them to succeed.

Encrypted Data Storage

SSL protects only the transmission from eavesdroppers. What if hackers break into the remote server that holds your data?

To provide an acceptable level of security, the provider should encrypt all data storage as well. That means that without your password to unlock the encryption, the files they could get would be unreadable.

Because of the way encryption works, there is no reason for your password to be kept on the remote data storage servers. To get to your data a hacker would have to get access to your password as well as break into the remote system.

IP Access Restrictions

A final piece of security that not all remote data storage hosts offer is the ability to restrict access to only certain IP addresses. When you connect to the internet, you are given an IP address. Whenever data is sent to you from a remote site, your IP address is how it finds you. It is your identification to other computers on the network.

The remote host can prohibit access to anyone not coming from an address you have approved. That means that even armed with your password, an intruder couldn’t read your backups unless he was working from a computer within your organization. As long as these security protocols are in place, online file storage is safe from unauthorized access.

Author is a freelance copywriter. For more information on Data Storage services visit http://www.offsitebackupsolutions.com.

Data Recovery