Vorsite takes the security and privacy of sensitive business information seriously. This document provides an overview of the steps taken to protect data in its Cloud Backup application, both at rest and in transit.
Access to Data
At the highest level and by necessity, Vorsite will always have the same level of access to customer data that is implied by the permissions of the credential provided to us. In order to back up the data, Vorsite needs access to the data. However, Vorsite maintains a strict access policy and a set of industry-standard mechanisms for ensuring the privacy and security of backed-up customer data.
Additionally, Vorsite Cloud Backup only restores data to the original mailbox or site to prevent a non-owner of the mailbox or site from accessing its data.
We do the following:
- Per-contact AES-256 encryption backed by RSA 2048-bit public/private key certificates managed via the Windows/Azure infrastructure for both credential management and user content.
- Certificates are separated by both environment (production/testing) and value type (credential/content).
- Engineer access is controlled on an as-needed basis by role-based access to both the compute infrastructure and the certificate private keys. Only engineers requiring access to deploy or troubleshoot production environments are granted access to those environments.
Security in Search
This is the focal point of the trade-off between security and convenience. Rapid return search is fundamentally at odds with end-to-end encryption of the searchable content. The trade-off we make is that we only index a small amount of each document’s metadata (e.g. folder path, subject, attachment names) and store the index in a separate area with its own role-based access, limited to the developers who work directly on the search server.
Leveraging Secure Platforms
To ensure the highest level of physical and virtual security, Vorsite Cloud Backup is managed on Microsoft Windows Azure for 100% of our production server resources. These are all protected by those facilities’ physical and virtual security.
Security - Data at Rest
We utilize secure servers on Windows Azure for the stored data.
Credit Card Information
All transactions go through Authorize.net, so Cloud Backup does not require a credit card number stored on any media controlled by Vorsite.
Each element of sensitive user information that a Cloud Backup system needs to know is stored under AES-256 symmetric key encryption. The per-datum symmetric AES keys are themselves encrypted using a variable set of RSA 2048-bit public keys. The corresponding private keys are retained in Windows Azure certificate management stores and are available only to the systems that require them.
Access to the dependent systems, the certificates holding the private keys, and the decrypt functionality enabled by the private keys is programmatically logged, monitored, and governed by a strict access policy. After reception, all sensitive user information remains encrypted at all times in memory on intermediate systems and when being transferred between systems. It is only decrypted on dependent service endpoint systems, and then only to do the necessary authentication/authorization.
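The per-datum key wrapping described above, as an added sketch in Ruby using the standard openssl library; it is not Vorsite's code. The GCM mode, the OAEP padding, and the names `seal` and `open_sealed` are assumptions, since the page names only AES-256 and RSA 2048-bit keys.

```ruby
require "openssl"

# Assumption: OAEP padding for key wrapping (the page does not name a padding scheme).
OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Encrypt one datum under a fresh AES-256 key, then wrap that key once for
# each RSA public key in the set. Only the wrapped keys are stored with the data.
def seal(data, public_keys)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  key = cipher.random_key # per-datum key, never reused for another datum
  iv = cipher.random_iv
  ciphertext = cipher.update(data) + cipher.final
  {
    iv: iv,
    tag: cipher.auth_tag,
    ciphertext: ciphertext,
    wrapped_keys: public_keys.map { |pub| pub.public_encrypt(key, OAEP) }
  }
end

# Unwrap the data key with one private key, then decrypt and authenticate.
# Raises an OpenSSL::OpenSSLError subclass on a wrong key or modified ciphertext.
def open_sealed(sealed, index, private_key)
  key = private_key.private_decrypt(sealed[:wrapped_keys].fetch(index), OAEP)
  decipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  decipher.key = key
  decipher.iv = sealed[:iv]
  decipher.auth_tag = sealed[:tag]
  decipher.update(sealed[:ciphertext]) + decipher.final
end

if __FILE__ == $PROGRAM_NAME
  # Constructed demo: two service key pairs and a made-up secret.
  services = Array.new(2) { OpenSSL::PKey::RSA.new(2048) }
  sealed = seal("constructed sample credential", services.map(&:public_key))
  puts open_sealed(sealed, 1, services[1])
end
```

Because each datum has its own key, removing a system's access means deleting its entry from `wrapped_keys` rather than re-encrypting the data itself.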
Each element of sensitive user information that is not required to be known at any point is encrypted using a one-way hashing process.
Access is managed through accounts with usernames and passwords. All user account credentials to the site are stored with individually salted one-way SHA-2 hashes.
Security - Data Transfer
All data, including those sent to/from Exchange or SharePoint Online and transmitted across network boundaries, are transmitted via TLS-enabled protocols. For example, Vorsite uses HTTPS for Exchange Web Services and all other web service protocols.