Backup365 security overview

When we starting designing Backup365 in 2017, we were (and continue to be) 100% committed to our customer being an MSP. We wanted to deliver something that worked like they worked, and would provide an easy to deploy, secure and reliable solution for backuping their customers data as it moved to cloud services such as Office 365.

Backup365 has been architected with the following design values and priorities:

Guiding Lights…

  • MSP’s User eXperience guides our design and features
  • SMB’s cloud choices guide our cloud backup selection
  • Backup everything – delete nothing

Technical Considerations…

  • High fidelity backups -- High fidelity restores.
  • Scalability, Security, reliability transparency at the core of all services.

How does Backup365 secure my data?

Backup365 have strict protocols in place to ensure the privacy and security of our customer’s end user data.

  • Customer data: All data is stored encrypted in S3 and access is protected by Amazon's security and is limited to only those with access to the AWS console. All of the email data stored in S3 is encrypted and has the same security afforded by KMS as the password storage (see below).
  • Passwords/Keys: All passwords storage, and encryption keys are managed using Amazon's Key Management Service (KMS). The key is generated using KMS and stored encrypted in S3. The plaintext version of the key is never stored on disk. When the key is needed, a request is sent to KMS to decrypt the key. The plaintext key is sent back to the program, which uses it and then deletes it. This ensures that the plaintext key is only stored in memory for the shortest time possible.
  • Users do not know, or have access to their customer impersonation credentials as they are generated by Backup365.

Backup365 Data Centre

Backup365 stores customer data on Amazon S3 providing a highly durable storage infrastructure designed for mission-critical and primary data storage. Objects are redundantly stored on multiple devices across multiple facilities in an Amazon S3 Region. To help better ensure data durability, Amazon S3 PUT and PUT Object copy operations synchronously store your data across multiple facilities. After the objects are stored, Amazon S3 maintains their durability by quickly detecting and repairing any lost redundancy.

Amazon S3 standard storage offers the following features:

  • Backed with the Amazon S3 Service Level Agreement
  • Designed to provide 99.999999999% durability and 99.99% availability of objects over a given year
  • Designed to sustain the concurrent loss of data in two facilities

For further information on the data centre controls and compliance, please review "Backup365 (AWS) Data Centre" article.