Secure by Design
Security matters, not least of all in data backup. Keepit is not a legacy backup system retrofitted to the cloud - Keepit was built from scratch to do precisely this: cloud to cloud backup.
What this means is that multitenancy was not an afterthought, it was a core design principle before we wrote the first line of code.
We are not trying to protect an aging platform from the Internet. Instead, we built our platform for the Internet.
This history does matter: Security cannot be bolted on as an afterthought.
Data Secrecy and Security
Security is many things – keeping your data from prying eyes is naturally a fundamental necessity. A significant variety of security measures are used to protect and safeguard your data.
Keepit employs encryption in transit using HTTPS secured with modern TLS when accessing your data through primary workload vendor APIs such as Microsoft Office 365, Salesforce, G Suite, and others. This security is at least as good as what is being used by your users - but as an additional physical layer of security, Keepit will typically exchange traffic directly with the workload providers over major internet exchanges, far from the prying eyes of the average Wi-Fi hotspot eavesdropper.
Once data reaches Keepit, it is encrypted before being stored on our storage systems. For this purpose, we employ AES encryption directly on our storage systems - this is the same encryption algorithm that is used throughout industry and governments to keep secret practically anything that needs to be kept secret. But as an additional physical layer, the storage media upon which your data resides is kept in a physically secure datacenter. Faulty media is destroyed, not sent back for repairs.
The Keepit architecture is centered around a multiple datacenter strategy for redundancy. Each one of our regions employs two regional datacenters, each data center being a complete mirror of the other.
The two datacenters operate in active-active mode, continually keeping data replicated between the centers. For this reason, any single system can fail without affecting the operation of the platform, and even a full site can fail without affecting the platform, as it has a separate, mirrored data center operating alongside it. This keeps your data reachable and available for restore even in the unlikely event of the loss of a full datacenter.
On top of this, all individual systems of course employ their own component level redundancy. Adding it all up, we keep an equivalent of two copies (or more) of your data in each of the two datacenters giving you the peace of mind that we have a total of four (or more) copies of all of your data, throughout your backup history.
Each software component of Keepit has been developed with scale and speed in mind. Below are some important points on the software stack:
- No single point of failure in the platform - any single system can be lost without affecting the operation
- Front-end nodes are the load-balancers; front-end nodes can be added as needed to scale
- All internal components are simple single-purpose components
- All internal components can be scaled vertically and horizontally
- Any number of full platforms can be deployed for perfect isolation and scalability
- Each geographic location has two mirrored data centers
- Seamless scalability to millions of users
- Storage Islands support to facilitate complete knowledge of customer data location
- Multi-threaded processes to leverage easy scaling of each important workload. Adjustable down to tenant level
- Intelligent backup algorithm ensures maximum throughput
- Ability to deploy multiple independent instances of Keepit for increased scalability
- Fully automated deployments Encryption
Ready for tomorrow
- Not API first – API only!
- One API – integrate once
- All features available as API endpoints
- Cloud Backup SDK
- Licensing: license configuration, provisioning, and deactivation through API or Web UI
Keepit has been built to be tamper-proof by being an inherently immutable data store; once data is in, it cannot change. The application does not expose any APIs or other means that would allow data overwrites.
Furthermore, the blockchain-like structure allows all layers in the platform to verify that a given requested data object is unaltered from its original form. This simply adds another layer of confidence.
Data only leaves the platform when it falls out of the customer configured retention period.
In the event that the customer (or an attacker who successfully assumed the identity of the customer) deletes a workload from Keepit - or the entire account - data will remain untouched for a fixed retention period of your choice, but a default of at least one month.
This additional precaution protects the customer from a ransomware attack (or worse) where the attacker would first seek to destroy backups before proceeding to encrypt or destroy the primary data.