Encryption Overview
In today’s computing environment, businesses are relying on computers to perform daily business activities as well as mission critical functions. The use of computers in business is essential to maintain a competitive edge is almost any marketplace. As smaller companies begin to realize the benefits of computers for bookkeeping, customer databases, word processing, e-mail, scheduling, research and web sites, the need to have a backup copy of this data becomes more important. Research has shown that more than 80% of the businesses suffering from catastrophic data loss have gone out of business with 12 months. This is not hard to believe considering the extent computers are relied upon in businesses of all sizes.
The issue of data protection is not a new issue, but has been more of a large corporate concern because many smaller businesses did not have the computing systems that were in use by larger corporations. Today, with the low cost of computers and the easy access to the Internet businesses of all sizes have the ability to utilize computers for many important job functions. Small businesses rely on computers to automate and simplify tasks in order to reduce the costs of running a business. This make any loss of data a significant business risk. With secure offsite storage capabilities offered by CentralDataVault, a small businesses can automatically protect their data on a daily basis to ensure continuity.
Encryption
When proposing the benefits of offsite storage using the Internet as the communications medium, customers may raise a concern about the security of their data. Whenever data privacy is an issue, some type of encryption needs to be employed to insure that the data can only be accessed by customers with the correct access codes. Encryption allows a customers to specify an access code or password which is used to make computer data unreadable to anyone without the correct password. There are hundreds of encryption algorithms available today, but a few stand out as industry leaders. The DES algorithm is a popular algorithm that has been used by the U.S. Government as the standard encryption algorithm. Another algorithm gaining popularity is the Blowfish algorithm which allows a more powerful encryption and faster performance than DES. These encryption algorithms are available in CentralDataVault.
DES
Adopted in 1977, DES is based on a conventional or secret key system in which the sender and the receiver use a single key to encrypt and decrypt data. The sender uses the key to convert the data to scrambled format according to a complex mathematical algorithm, and only customers with the correct key can successfully decrypt the data.
Having a key length of 64 bits, 56 are used as a key, while the remaining eight are used to check for errors. The DES algorithm will encrypt data in the same amount of space used by the original data. The user selects which one of more than 72 quadrillion transformation functions are to be used by selecting a 56-bit key. The theory behind the security of DES has been that, short of trying all 72 quadrillion combinations, there is no way to "break" the algorithm.
Triple DES
To increase the security of DES, some organizations use "triple DES" - or three operations of DES with two keys - to protect data. This method, however, requires more processing power which may affect performance.
Blowfish
Blowfish was designed in 1993 as a fast, free alternative to DES. Unlike DES, however, the Blowfish algorithm has a variable key length, which can be extended from 32 bits to 448 bits. Blowfish continues to gain acceptance in the marketplace because is faster and more secure than DES.
The CentralDataVault Process
With CentralDataVault, there are several places where encryption is used to ensure that the user’s data is secure.
Communications
Since the information is transmitted across the Internet, communications between our customers and the backup server is encrypted to prevent a malicious person from intercepting data as it is transmitted over the Internet. As part of the initial connection procedure, the CentralDataVault client software negotiates a compatible set of encryption methods before sending any user information or data to the server. This ensures that all user communications during the entire backup and restore process are completely encrypted.
Storage on Server
When the encrypted backup data has been successfully received by the backup server, it is immediately stored on the disk in the encrypted format and the filenames are further encrypted to make it more difficult for someone to identify the user data on the server. Data is encrypted when stored on the backup server to prevent any unauthorized persons from accessing your data. Not even CentralDataVault staff members can access your files when an encryption key is used.
Storage on Client
Important information such as the user’s password must be stored on the client computer in order to facilitate the logon process to the CentralDataVault server. This password and other important information is stored on the client system in an encrypted format that can only be read by the CentralDataVault application.
User Authentication
User authentication is perform immediately after the encrypted connection between the client and server has been made. The client software sends the username and password to the server to be validated against the backup server’s user database. This method of user authentication provides a robust and secure method for managing and authenticating customers.
Summary
With today’s encryption technology and the accessibility of the Internet, smaller businesses can enjoy the level of data protection that was only afforded by large companies. Offsite storage of data provides a safe haven to protect small businesses from catastrophic data loss. The appropriate use of security measures, such as encryption, helps to ensure customers that their data remains private throughout the entire CentralDataVault process.
About The Argeis Technology Group
Founded in 1999, The Argeis Technology Group is a Vancouver, BC based IT services and support organization. Over the past six years, we’ve been assisting our clients in achieving their business goals through the effective use of technology. We provide complete solutions, quality products, and unparalleled service in such areas as custom program and web development, network and system support services, and backup and recovery solutions. Argeis is your professional technology business partner.
