When we get requests for our premium email products from large corporations we often are asked about our Backup process. This is something that a lot of people don’t really think about so I thought that I would cover this on my blog to educate our existing clients as well as potential customers.
Our secure, offsite data backup system, custom built using Amazon.com’s Amazon Web Services, avoids the performance pitfalls of transportable media backups (e.g., tape, optical) without needing to rely on a local storage area network that would sacrifice the advantages of offsite data. It is also faster than traditional file-based backup systems because it is application aware and able to more efficiently determine which files and attributes need to be stored and which do not. This makes restoring data as fast as possible.
Every night, new emails and attachments on the mail storage servers are compressed and encrypted. These copies are then transmitted to Amazon’s Simple Storage Service (S3). The backup proceeds in parallel, with each mail server connecting directly to S3, backing up messages that have arrived since the previous night’s backup. Amazon’s S3 automatically distributes copies of backup data to multiple data centers, thus ensuring high availability of backup and restoration services.
How Long Do We Store Backups?
Another question we get from time to time is how long do we store backups of email. Backups are retained for 14 days; if a message was deleted from the system 13 days ago, but the email was present for the nightly backup 14 days ago, the message can be restored. This can be done via your control panel by the system administrator.
Individual folders or entire mailboxes can be restored to either the original mailbox or to an alternate mailbox. This allows greater flexibility for email administrators and email users in recovering an important email message.
What about Security for Backups?
Email integrity and access controls are a vital component when considering offsite backup storage. It must be ensured that message contents are intact and that only authorized parties can access messages stored in the backup system.
Protecting message contents from being viewed by unauthorized parties is accomplished via encryption with the AES-128 (Rijndael-128) algorithm. AES-128 encryption is recognized by the U.S. federal government as acceptable for government documents considered “Secret” level. As a further protection, each mailbox is assigned a unique, secret key used for the encryption of that mailbox’s data.
After the message has been encrypted, the well-known MD5 algorithm is used to generate a signature. When the message is accepted by the backup system, the MD5 process is again completed and the two signatures are compared. If the message has changed during its transport to the backup system, the system simultaneously starts a new transfer to get the data moved to the backup system and lets system engineers know about the event. In this way, message contents are assured to be stored unchanged.
Finally, to prevent the possibility of email address harvesting from the backup system, the IDs associated with the encrypted mail stores are long-digit random numbers. Only by using protected data at separate facilities can individual users be associated with a given backup email store. In combination with individual encryption keys, this creates a “silo” for each user’s email data, distinct and protected from other users’ information.
Want to Know More?
If all of this has peaked your interest and you would like to know more about Pleth Networks Premium Email Solutions you can visit our website: http://www.pleth.com/services=email_overview.htm or request a proposal online: http://www.pleth.com/contact=request_proposal.htm.
Nice website, a lot of really good information here for web developers and hosting companies alike!!