Introduction to the Iron Mountain LiveVault Service Security

Many businesses are beginning to take advantage of the substantial value and convenience of using Internet-based storage services for data protection and disaster recovery. The complete Iron Mountain LiveVault Service™ solution of online backup, recovery, and electronic vaulting managed services is ideal for small and medium businesses or remote sites with little or no IT staff.

Iron Mountain LiveVault Service™ enables you to back up servers in multiple sites continuously and automatically over low-cost Internet connections. Iron Mountain LiveVault Service™’s electronic vaulting protects data by archiving it immediately to a secure offsite location, where it is available for immediate restore operations or disaster recovery. You can back up data to the offsite vault or to a local appliance. The backup technology is the same, though the on-site appliance offers potentially faster restore time.

Using unique replication technology, Iron Mountain LiveVault Service™ Agent software on each protected server copies only the blocks that change in your open files and databases, minimizing server load and bandwidth requirements. Iron Mountain LiveVault Service™’s patented Time-Slice Restore technology enables point-in-time restores of historic file versions. The Iron Mountain LiveVault Service Web Management Portal web management interface enables you to manage the entire online backup and electronic vaulting process from a web browser.

Security, efficiency, and convenience are built into every step of the process to install and establish Iron Mountain LiveVault Service™. The basic steps are:

• You register for Iron Mountain LiveVault Service™, creating an account.

• You download and install Iron Mountain LiveVault Service™ Agent software on the server to be protected.

• Iron Mountain LiveVault Service™ Agent install program collects your login and password, and information about the server.

• Agent install program establishes a Secure Socket Layer (SSL) connection to the  service.

• Agent install program registers the server for protection, establishing additional security parameters for the Agent server, including a digital certificate and a data encryption key.

• The Agent automatically opens an SSL connection to the Iron Mountain LiveVault Service™ service.

• You log onto Iron Mountain LiveVault Service Web Management Portal, create one or more backup policies, and start initial backup (the only full backup).

• Once initial backup is complete, continuous byte-level protection continues as long as the agent is enabled.

Digital certificates (see Secure Transmission Over the Internet) establish and authenticate the secure Internet connections between protected servers and the Iron Mountain LiveVault Service™ service. In addition to the digital certificate that is installed on each protected server (Iron Mountain LiveVault Service™ Agent), there is a digital certificate on the Iron Mountain LiveVault Service™ backup server. When the Iron Mountain LiveVault Service™ starts, the two servers use the certificates to verify one another's identity. If this two-way authentication is confirmed, data begins to move from your server to the backup server. If either server does not confirm the authentication, then the communication attempt is rejected and the connection is disabled.

A data encryption key is established during the installation process and protected with a password known only to you. The data encryption key encrypts all data before it leaves your server. The data remains encrypted at all times when it is not on your server. If you restore any of the data, it cannot be unencrypted until it is on your server. This security is in addition to the security established in the SSL connection.

Once the SSL connection is established, you access Iron Mountain LiveVault Service Web Management Portal from an Internet browser, define backup policies, and start the server’s initial (full) backup. As soon as the initial backup is complete, changes are sent to the Iron Mountain LiveVault Service™ backup server at the frequency selected by you.

Iron Mountain LiveVault Service™ allows you to securely back up protected servers automatically over low-cost Internet connections to a backup server located locally or in a protected offsite data center. Offsite data centers are strategically located to eliminate risk and feature state-of-the-art physical security, UPS, emergency backup generators, fire protection systems, and more. Once there, data is away from disgruntled employees, isolated from viruses, and safe from natural disasters. In providing this service, Iron Mountain LiveVault Service™ ensures the highest levels of data security, customer service, and operational reliability, with features such as: password-protected SSL-level web access, industry-standard digital certificates, a personalized web interface, patented replication and Time-Slice Restore technologies, and round-the clock monitoring by a fully equipped Service Operations Center.