Most Important Job is to Secure Your Data
traditional backup systems do a good job of archiving data, they
do little to actually secure it. Portable backup media (tape cartridge, CD, DVD or USB disk) can easily be misplaced or stolen. Once in the wrong hands, your
confidential data is easily compromised.
Fortunately, the Dr.Backup online backup service does not suffer
from this shortcoming - and is a great tool to help you achieve HIPAA compliance.
We take great care to ensure the confidentiality, integrity and security of your valuable business data. We do this by implementing administrative, physical and technical safeguards including:
to leaving your PC, all of your valuable data is encrypted. By
employing military-grade encryption technology, we make it virtually
impossible for anybody to read your data - even if they were somehow
able to physically intercept it. The data leaving your PC is completely
protected at all times.
Our PC client software offers you the choice of multiple different
encryption algorithms including DES, TDES (triple DES), AES 128,
AES 192, AES 256 and Blowfish (default) with a variable length key of up
to 448 bits.
Each time the client software is installed, a unique encryption
key is generated. This key is loaded into the backup
program and used to backup or restore your data from the offsite
At installation time, you MUST record the value of this
encryption key and store it in a safe place. You alone are responsible
for securing and keeping your key private. As this key can be completely
random, Dr.Backup personnel do not know your encryption key value.
If for any reason you need to reinstall the backup client software
to recover data, you will need this key.
Remember, your password is NOT your encryption key!
the encryption key, nobody can access your information - not even
the employees of Dr.Backup. This
provides you with assurance that your data cannot be read by unauthorized
The Dr.Backup data vault is a network of purpose-built servers. Each server performs
only one function - securing your data. Operating system software
is mirrored on dual high-speed disk drives. Your encrypted data
files are stored on a Raid storage array equipped with hot standby
disk drives - which automatically activated in the event of a hard
disk failure. Critical system components are either redundant or spared onsite.
Our commercial firewall service employs sophisticated network port blocking and packet filtering techniques to prevent unauthorized access to the servers. Failed attempts to access the server are logged and reviewed by the system administrator. Remote administration of the server is performed using remote terminal software over an encrypted management link.
End users do NOT have an operating system account on any server and can perform no tasks other than backup and restoration of encrypted data files. In order to ensure the highest levels of security, we do NOT deploy public web servers on our production backup network.
Our backup office network undergoes independent PCI scan testing on a quarterly basis to comply with major bank credit card processing requirements.
Dr.Backup servers are collocated in an SSAE-16 Type II certified carrier-grade data center. Within this facility, all equipment is secured in a locked cage.
Security guards on premise provide 24x7 access control to the collocation facility. All visitors to the facility must be pre-authorized and escorted by a registered system administrator. Cameras and other security features are used to supplement the onsite security personnel.
Should your organization have the need for a second, secure and redundant offsite copy of your data, our backup software can be configured to meet this requirement.
Back to Top