Not all (Public) Clouds are Created Equal


When you talk about data protection, the idea of encryption is going to come up, probably sooner rather than later. There’s a good reason for that. If you want to keep your data safe, it has to be encrypted. 

Even with today’s super-sophisticated technology, data protection is as much a concern for IT managers as ever. In fact, according to recent research by The Enterprise Strategy Group (ESG), information security initiatives rank as the most important IT priority. And not far behind that priority is improving data backup and recovery. Put those two priorities together and the need for encryption becomes paramount. The bottom line? Without encryption there is no data protection.

Many IT managers tend to focus on data “on the corporate floor”; that is, the data that’s housed at headquarters. Of course, that’s important. But these days, with so many employees on the go and using a variety of devices, there is more data outside the “corporate walls” that requires protection as never before. And what about all of those branch and remote offices?

With so much data in so many different places being moved around by so many types of devices, it’s clear that encrypting data should never be an afterthought. And with so much backup activity happening in the public cloud, it’s important to recognize that not all clouds are created equal.

EMC Mozy uses world-class encryption to protect data—before, during, and after backup. With the Mozy service, your data is protected by encryption even before it reaches the cloud. Mozy encrypts data before it ever leaves the device, whether that’s a desktop, tablet, smartphone, or server. Not only is your data secure before it leaves your machine, it’s secure during the transfer process across the wire, and while at rest in the cloud.

With the Mozy service, your data is secured using 256-bit AES encryption. AES is an industry leading 256-bit encryption algorithm that has become the de-facto standard for governments in encrypting both secret and top secret information. AES is one of the most widely supported and utilized algorithms for encryption.

When it comes to enterprise encryption, Mozy provides two types of encryption to protect your data, and you determine which one to use during the installation of the Mozy software. Whichever you choose, that encryption is permanently associated with the files stored in the cloud.

Here are the differences between the Mozy encryption keys:

Personal encryption key

The user enters a passphrase that is used to create the personal encryption key. Each user creates a unique key. The Mozy personal encryption key uses 256-bit AES encryption and requires a passphrase, which is known only to the user. When you download files, you are required to supply the passphrase. Mozy does not have access to your personal encryption key and cannot decrypt files for you.

Corporate encryption key

The administrator enters a passphrase that is used to create the corporate encryption key. You can create a key for all users in the company or a unique one for each user group. To protect against unauthorized access to the corporate encryption key, Mozy assigns a shared secret that is used to encrypt the corporate key file using the Blowfish algorithm. This two-step process ensures that your encryption key is secure. Corporate encryption keys are shared among all users in your organization or within a user group and can be distributed to the local computers or stored on a network server for users to access.

There are a number of cloud-based backup services out there, but they are not all created equal. Not only do many popular cloud-based backup services fail to implement such high standards of security as EMC, but some fail to encrypt your data in a fully secure manner. And when it comes to protecting your data, you don’t want pretty good encryption. What you’ll get with EMC Mozy is an entirely different cloud—with best encryption available.

About the Author: Brian Heckert