With ITRM’s Backup and Disaster Recovery (BDR), your data is encrypted — both at rest and in motion — through all stages of data storage and transfer. The backup agent encrypts all blocks transferred to the Continuum BDR appliance using the 256-bit Advanced Encryption Standard (AES). The encrypted backup is stored on the appliance and in the cloud, encrypted as received.
When the Site SBM appliance replicates data to the cloud, your already-encrypted Disk Safe data is transmitted using the transport layer security protocol (TLS). The geographically diverse data centers utilized by the Continuum Cloud infrastructure ensure that data is stored redundantly.
All access to data in the cloud is over a secure TLS connection. Recovered data can only be accessed using the previously established Disk Safe encryption passphrase.
When shipped, any data on a recovery drive is stored on an encrypted file system using AES 256-bit cipher, which is protected with a public/private key scheme. Disk Safes stored on this encrypted recovery drive also retain the original encryption protection established by the initially created passphrase.
State-of-the-art data centers
The data centers hosting ITRM’s BDR are SAS 70/SSAE 16-certified. This certification ensures adequate oversight for the processing of information and enables the ITRM’s BDR service to serve as a foundation upon which end customers can build their SAS 70/SSAE 16-compliant data processing and storage policies and practices. A SOC2 report detailing the organizational controls related to Continuum BDR security, data availability, processing integrity, confidentiality, and privacy is available upon request.
Continuum BDR security policy settings are based on established industry best practices that satisfy HIPAA technical safeguards, as defined by 45 CFR 164.304.