Online Backup Security - Do You Know Your Provider's Security Policies?

Online Backup Security – Do You Know Your Provider’s Security Policies?

Box o DiscsSo you’ve decided that you want to have an offsite backup, and online backup is the way you want to go.

Many people look at the different options out there and make their decision on price or how pretty the website/software looks. There is nothing wrong with that, but if you are entrusting your sensitive information to a third party, you want to know that your data is protected.

Any cloud backup provider worth using should have a security page describing how they protect your data (if they don’t, that’s a good sign you should be looking elsewhere!).

For example, the service I personally use is CrashPlan. Code42 (the company that makes the software) has a comprehensive page about Security, Trust + Compliance. They talk about their encryption process, their physical setup, their certifications, and the compliance requirements like HIPAA.

Another popular service is Backblaze. They also have a security page, and there is another page specifically about encryption. You can even see how they design their storage pods.

When you’re evaluating online backup security, you want to look for things like:

  • What encryption do they use, and is it “in transit” (just encrypted when you upload and download) or “at rest” (encrypted on their servers)?
  • Can you use your own encryption keys?
  • Who has access to your information?
  • What certifications and compliance do they talk about?

If you use a different service, they should have a similar security page. Even if you don’t understand what the heck they are talking about, it is a good place to start asking questions from. If you feel like you are getting the runaround, it is time to start looking for another service.

(Photo by Janet McKnight)

About the Author

Brooks Duncan helps individuals and small businesses go paperless. He's been an accountant, a software developer, a manager in a very large corporation, and has run DocumentSnap since 2008. You can find Brooks on Twitter at @documentsnap or @brooksduncan. Thanks for stopping by.

Leave a Reply 1 comment

Craig Webster - March 2, 2015 Reply

Good post. I use Wuala for anything sensitive. It has client side encryption and cross server storage. On the Mac you can set it up to appear as just another drive. Downside is that it is not integrated with many (any?) iPhone / Android apps the way that Dropbox et all is.

Leave a Reply: