Do you have a secure online backup provider?

Recently, online storage space startup divShare announced on their blog a recent security breach by "a malicious user." Lucky for them, only basic profile information available through the database was accessed during the intrusion. But the important question here is what else could have been taken by a more skilled trespasser?

Many people think that backup is a simple application – what's so hard about backing up a PC?   I remember one of my MIT students grousing about Google's success: "Anyone can write a search engine," he said.  Backing up the data is not the problem. The problem is dealing with huge volumes, millions of database transactions, hundreds of thousands of customers, and all the complexity that this implies – all while making sure that there is 100% security.  Carbonite backs up over 50 million new files every day without losing any of them.  Like any other web site, we constantly get attacked by hackers, but we have enough security measures in place that these attacks are always unsuccessful. As I mentioned in a previous post, Carbonite was one of only two backup services that the guys at Heise Security weren’t able to crack. 

If you’re doing your engineering properly, online backup can be made to be extremely secure.  For instance, Carbonite starts with encrypting the data BEFORE it leaves your PC so that by the time we get it, it's already useless to an intruder in the very unlikely event that someone acutally gains access to our system. We also make sure that the authentication is rock solid, so that there are no "man in the middle" vulnerabilities.  And, we actually pay people to constantly test our defenses. 

After we get your encrypted files, we want to make sure that we don't lose them, so we store all your data on RAID-6 redundant arrays that are 36 million times more reliable than a single drive.  The main Carbonite data center is located in a "bomb-proof" building, alongside those of major Boston financial institutions and telco companies.

Online backup is a hot area right now and you'll see more startups entering the space over the next couple of years.  Not all of them will know enough about security to be really bullet-proof.  It isn't easy or cheap, but I can tell you that for Carbonite it's a live-or-die proposition. 


Dave
CEO, Carbonite

Posted on June 23, 2008 16:36 by Dave
Tags: , , , , , ,
Topics: Industry News
Actions: E-mail this post | Share: Add to Del.icio.us Add to Digg Add to Facebook Add to reddit Add to Technorati

Related posts

Comments

July 12. 2008 03:35

Jeremy Kenyon

Hi

You worry so much about a secure online backup, which is of course important. But the BIGGEST hole by far with Carbonite is that you do not back up all files, instead limiting it to only back up certain file types.

This is a very fundamental problem. I have heard the explanation that you can force Carbonite to back up files, but that is no practical use if you have to do it for every file / folder. What is so annoying is that there is no significant benefit to restricting the file extensions backed up. The saving in data is miniscule at best, but the loss in sales due to people passing on this disastrous flaw in Carbonite is huge.

You already have so many negative comments on the web because of this. Please please drop the limitation, post comments saying you have done so and then you would have by far the best solution. Until then though, Carbonite is not something anyone with any software development background would ever use, or recommend (and I am sure most of your customers will have come from an original recommendation from someone in the software industry - my entire family and lots of their friends use Mozy because of me).

File extensions are incredibly fluid and arbitrarily not backing up files because of their file extension is a guaranteed way that most users will be sadly disappointed if the worst happens.

Cheers
Jez

Jeremy Kenyon

Add comment


(Will show your Gravatar icon)  

  Country flag





Live preview

August 27. 2008 21:28

About | Newsroom | Jobs | Contact Us | Affiliate Program | Resellers
Privacy | Terms of Use  | ©2008 Carbonite, Inc.
HACKER SAFE certified sites prevent over 99.9% of hacker crime.BBBOnLine Certification: Carbonite Online BackupBBBOnLine Privacy Certification: Carbonite Online Backup