Security FAQ: Backupify/Datto SaaS Protection

Follow

Topic

This article answers frequently asked questions about Backupify and Datto SaaS Protection security considerations. 

Environment

  • Backupify for G Suite
  • Backupify for O365
  • Datto SaaS Protection for G Suite
  • Datto SaaS Protection for O365

Description

User Error

By using Backupify/Datto SaaS Protection, your organization has significantly decreased the risk of data loss due to hardware failure. However, user error (the second largest cause of data loss) still exists. Backupify/Datto SaaS Protection protects against user error, allowing your organization to keep a second copy of all your important G Suite and O365 data.

Built-In 256-bit encryption

These encryption methods apply only to Backupify and Datto SaaS Protection products. Click here for information on encrypting backups on a Datto BCDR device. 

At every step along our data-replication process, Backupify/Datto SaaS Protection uses 256-bit encryption. In particular:

  • All authenticated user interaction with the Backupify/Datto SaaS Protection application
  • Logging in
  • Configuring services
  • Altering settings
  • Accessing archived data

Backupify/Datto SaaS Protection encrypts your duplicate archives. For every new account created (each email address), our system automatically generates a unique AES 256-bit encryption key for that user. All data written for the user is encrypted with that key prior to storage. Data remains encrypted both in-transit and at-rest.

Private keys

Upon retrieval (e.g. when a user views/downloads Archives through the Backupify/Datto SaaS Protection Web interface), the key is used to decrypt the stored data. All users’ AES keys are stored on the Backupify/Datto SaaS Protection production system and the central list of keys is encrypted with Backupify/Datto SaaS Protection's master RSA-2048 private key.

Internal controls

Backupify/Datto SaaS Protection grants access to stored data internally using the “principle of least privilege” through appropriate roles and only on a “need to know” basis and manages its systems in line with security industry best practices, including the ISO 27000 series and NIST Security Publications.

Additional Resources

-

To contact Backupify/Datto SaaS Protection support, click here to submit a Support Request, or click here for more contact options.


Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!