Redstor uses state-of-the-art security measures like Transport Layer Security (TLS) and encryption to ensure the complete safety of all data that it protects. Our software enables you to confidently recover lost data in just about any situation.
The graphic below illustrates a typical Redstor implementation with data being transferred either over a LAN or to the cloud.
Storage Platform security
The Storage Platform only allows Agent connections that use TLS (1.0, 1.1 and 1.2). Connections with insufficient security will be blocked. We recommend that you configure your connection to disable TLS 1.0 and 1.1 whenever TLS 1.2 is possible to ensure maximum protection against protocol downgrade attacks.
Data on the Storage Platform is stored in encrypted form using 256-bit AES (GCM).
Note: To further improve security on the Storage Platform, a log message pointing out any insecure cipher suites that are still accessible to the Storage Platform’s operating system will be generated daily. For more information, see Article 588.
ESE Agent security
Each Redstor Account has its own encryption key, which is used to encrypt that account’s data during the backup process. If this encryption key is lost (e.g. if the machine hosting that account's Agent dies and the user cannot remember the encryption key), there is no way to access the backed-up data, not even for Redstor employees. See our encryption key best practices below.
During the backup process, data blocks are compressed with LZ4 and then encrypted on the Agent using the user’s encryption key specified when the account was created. This encryption occurs prior to data being transferred to the Storage Platform. TLS is used to authenticate the data transfer and to create a secure session between the Agent and the Storage Platform.
We use a symmetric-key cryptographic block cipher, 256-bit Advanced Encryption Standard (AES) in Galois Counter Mode (GCM) or AES-GCM to ensure authenticated encryption, guaranteeing the integrity of your data. Through AES-GCM, the integrity of each block of data is verified using its inherent checksum before being stored on the Storage Platform. Files that have become corrupt or are missing on the Storage Platform (due to disk corruption, for example) are identified by integrity checks and are retransmitted to the Storage Platform at the start of each backup.
During a backup, the Agent maintains a rolling buffer of data transmitted to the Storage Platform. Whenever a connectivity drop and subsequent reconnection to the Storage Platform occur, the service resumes from the exact position of interruption, seamlessly continuing the backup without having to start at the beginning of the file. This is especially useful when large files are being transferred.
For more information on how ESE maintains data integrity, see Article 1102.
Encryption key best practices
We recommend the following best practices for managing encryption keys:
- Only the necessary Administrators should have access to encryption keys, but never just one person.
- Access to the location of encryption keys should be protected with multi-factor authentication (MFA).
- Encryption keys should be kept separate from the data they have encrypted.
- Encryption keys should adhere to guidelines for strong passwords such as those suggested by Microsoft. These include: