Security Friendly Features

When you connect your office to the Internet, you open up the perimeter of your network and are exposed to a world of security risks. Backup for Workgroups is designed with your security issues in mind. Precautions have been taken to protect your data from unauthorized view or access. When you use Backup for Workgroups, you will be able to backup and restore your data without unnecessarily exposing your data to further security risks.

• Backup Clients do not open any ports and do not accept connections from your network. 
  It is important that when you install new applications, you know if they are opening up your computer’s ability to accept connections from outsiders. When applications open up a port they are exposing your computer to unauthorized connections through your network and to outsiders when your network has Internet access. Hackers commonly use automated tools to port-scan computers for these vulnerabilities. When hackers use a port-scanning tool, they can find and exploit open ports and gain access to your data and use your computer for their vices. The Backup Client software does not open any ports to communicate with the Backup Server.

• Backup Clients do not broadcast their existence over your network.
  Backup Clients do not broadcast any information about themselves over your network. The Client will only connect with the Backup Server that you tell it to communicate with. Since the Client software does not accept connections, a hacker cannot gain access to your backup data through the Client.
  
  Some client/server backup products require their backup clients to broadcast their existence, user name and password to the network and the Internet. This exposes you to hackers who can connect to the client computer, gather data about them, and use this information to trick the client into sending its backup data from their computer to the hacker. Rest assured that Backup for Workgroups has built-in security features to protect your data.

• Outsiders cannot hijack your data.
  Backup for Workgroups operates according to a Client-initiated backup. Only the Client can start a backup or submit restoration requests.  Because the system operates in this manner, a hacker cannot trick a Client into sending the hacker any of its files.
  
  Some client/server based backup products control the backups from a central server, meaning that anyone who is on the network with these Clients, including the Internet, can use the Client software to request your files. They do this by impersonating the Backup Server, and then they use the Client backup software as a hacker’s agent to pull the client files from your computer and deliver them to the hacker.

• User account passwords are not transmitted over your network with each backup or restore.
  Backup for Workgroups does not send the Clients’ passwords over your network upon each backup. To prevent sending your passwords over the network, the Backup Server requires you to create the Client account before the Client can login.  Both the Backup Server and the Client require you to enter the appropriate Client name and password information separately. Your password is validated using a token that is passed between them to avoid exposing any of your Clients’ passwords should a hacker use a line sniffer on your network or through the Internet.

• Data is encrypted at the Backup Server.
  You can select the level of encryption that you want to use. Backup for Workgroups supports three types of encryption methods: AES 256 bit encryption, Blowfish 56 bit encryption, and file scrambling. The Backup Client performs the encryption process before sending your backup data over your network to the Backup Server.  This protects your data from “line sniffers” – hackers who use tools to listen and watch your network activity. Additionally, the files are stored at the Backup Server in this encrypted format to prevent hackers from reading files directly from your Backup Server.

• Filenames are obscured when stored at the Backup Server.
  Backup for Workgroups stores the backup files under an encoded filename to prevent unauthorized people from learning information from the actual filenames.  For example, a file named “Payroll.xls” draws unnecessary attention because of its descriptive nature. In the Backup Server, the Payroll file may be called “affe2000004c8-00000000000001c1-c171eff1.1”. When encoded, the file does not stand out.