Data Encryption before uploading
We support three different Encryption algorithms.
DES - Having a
key length of 64 bits, 56 are used as a key, while the remaining eight
are used to check for errors. The user selects which one of more than 72 quadrillion
transformation functions are to be used by selecting a 56-bit key. The theory
behind the security of DES has been that, short of trying all 72 quadrillion
combinations, there is no way to "break" the algorithm.
Triple DES (3DES)- To increase the security of DES, you can use "triple DES" - or three operations of DES with two keys to protect data.
Blowfish - Unlike DES, however, the Blowfish algorithm has a variable key length, which can be extended from 32 bits to 448 bits. Blowfish continues to gain acceptance in the marketplace because is faster and more secure than DES.
We ensure data security by following methods,
Communications
Since the information
is transmitted across the Internet, the communications
between the user and the server should be encrypted to prevent a malicious
person from intercepting data as it is transmitted over the Internet. As part
of the
initial connection procedure, the client software negotiates a compatible
set of encryption methods before sending any user information or data to the
server. This ensures that all user communications during the entire backup
and restore process are completely encrypted.
Storage on Server
When the encrypted backup
data has be successful received by the server, it is
immediately stored on the disk in the encrypted format and the filenames are
further encrypted to make it more difficult for someone to identify the user
data
on the server. Data must be encrypted while stored on the server to prevent
from an unauthorized user from accessing your data files and to protect the
data
in the event of the physical storage devices being obtained by an unauthorized
third party.
Storage on Client
Important information
such as the user's password must be stored on the client
computer in order to facilitate the logon process to the EZVault server.
This password and other important information is stored on the client system
in
an encrypted format that can only be read by the client application.
User Authentication
User authentication is
perform immediately after the encrypted connection
between the client and server has been made. The client software sends the
username and password to the server to be validated against the Windows NT
user database. This method of user authentication provides a robust and secure
method for managing users. Using the Windows NT user database provide a
standard secure database of users with the ability to quickly validate users
against this database.