1. blocz IO
  2. Resources
  3. Backup Security & Compliance
Backup Security & Compliance

Backup Security & Compliance

Due to the multi-tenant nature of the cloud environment, security becomes a paramount concern of anyone trying to utilise the cloud for back and recovery of workloads. blocz IO ensures that data is secure at all times eliminating the risk of privacy breaches.

blocz IO Cloud Backup is a secure, reliable, agentless data protection software solution that encrypts data in flight and at rest using AES-256 encryption protocols.

blocz IO Encryption Advantage

  • FIPS 140-2 Certified – an independent third party certification
  • From handheld devices like tablets and smart phones to remote laptops or remote office or branch sites to central data repositories within the data centre
  • Key escrow management
  • Password rotation support
  • Data destroyed with certificate of destruction

You can choose from encryption options that range from DES 56-bit with an 8-character key, to AES 256-bit with a 32-character key.  blocz IO maintains backward compatibility of its software enabling users to access and retrieve data encrypted with DES 56-bit encryption in previous versions.

blocz IO Security Track Record

  • Zero breaches or compromised systems in over 30 years of operation
  • IANA-registered ports
  • All data stored in compressed and encrypted format
  • Digital signature for every file and block of data
  • Data on disk in self-describing format
  • Background Autonomic Healing and System Admin
  • Restorability Validation Process (digital signature check)

Password Management and Password Rotation.

Password management and password rotation supports security policies and procedures within data protection policies.  blocz IO Cloud Backup includes a feature that allows for auto generation of passwords. These passwords are changed at random for specific backup user accounts, preventing any unauthorised access to the account or the data.

blocz IO Compliance Advantage

blocz IO Cloud Backup supports a variety of compliance issues:

  • Disk-based, automated solution that runs quietly in the background with no human intervention – tape backups require manual intervention and thus are not compliant with regulations like Sarbanes Oxley (SOX),U.S. Health Insurance Portability and Accountability Act (HIPAA) and Gramm-Leach-Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI DSS), Basel II, Safe Harbour, Patriot Act, American Recovery and Reinvestment Act (ARRA) and others. Contact us for the full list of compliance requirements.
  • All backup data is aggregated, allowing for immediate recovery – traditional backup solutions are not centralised and lead to difficulties in obtaining and providing records to auditors in a timely manner.
  • Backup data is automatically & securely transferred offsite using NIST FIPS 140-2 certified security requirements via private or public cloud – traditional backup architecture requires additional 3rd party products or manual involvement when transferring data offsite on disk or tape and is thus not secure or reliable.

Foot Note: 1FIPS 140-2 is the standard for security requirements for cryptographic modules by The National Institute of Standards and Technology (NIST). NIST is an agency of the U.S. Department of Commerce. Federal Information Processing Standards Publications (FIPS PUBS) are issued by the NIST.

2The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources. Ports 4400 through 4406 are registered to Asigra and cannot be used by any other application.

Resources