Financial services organizations have extra challenges to face when it comes to data protection.
Do you need to comply with FINRA, Sarbanes-Oxley or SEC regulations?
If you must back up your data to achieve regulatory compliance, then you need a premier provider of data backup and recovery services that understands your unique requirements and will be there for you when you need them.
This presentation will cover the 5 components your backup solution must provide in order to meet regulatory compliance mandates.
3. Component #1: Security & Encryption
Does the provider have the following:
1. Military-grade AES encryption technology up to 256 bit. FIPS 140-2 certification.
2. LAN security policies that allow data to be accessed only by those with administrative rights.
3. User authentication and role-based access
www.bumi.com
4. Component #1: Security & Encryption
In addition, you should ask:
1. Is the data both transmitted and stored in encrypted and compressed format?
2. Is there a Client/Server authentication protocol to ensure that no one can restore your data to alternate hardware without authorization?
6. Component #2: Tamper-Proof Storage
Is the data stored in a tamper-proof,
non-erasable and encrypted format?
WORM (Write Once, Read Many) devices used
to be the standard. But as optical media
became too expensive, the rules were changed
to allow software solutions that encrypt the
data and keep it from being tampered with.
8. Component #3: Audit Trail
Does the solution provide:
1. An audit trail of all backups and restores?
2. What about destruction certificates of deleted data?
3. Serialized originals and, if applicable, duplicate units of storage media with a time-date record?
10. Component #4: Archive and Retention Rules
There’s this magical #7 out there…
Everyone thinks they need to keep their data
for 7 years.
The truth is that the rules vary, so it’s
important to have highly customizable archive
and retention rules configured based on
specific business needs.
12. Component #5: 24/7 Availability
Be sure the solution provides 24x7
availability of encrypted data for
examination by representatives of
regulatory bodies and for emergency
restores.
13. BUMI Background
• BUMI is a premium provider specializing in online
data backup and recovery services
• Focused on professional services market
• Privately owned and self-funded (debt free and
profitable)
• Founded in 2002
• Headquartered in New York City with two leased
SSAE-16 Type I & II data centers located in Canada
14. For more information, visit:
http://bumi.com/customers/financial-services/
sales@bumi.com
212.599.7800
90 Broad Street, FL 6
New York, NY 10004
Editor's Notes
Kendra: A common compliance mandate (one we’ve seen with HIPAA and SEC 174a) requires organizations to store a copy of their information with at least one offsite third party. Before embarking on this type of relationship with a third-party backup provider, there are several crucial components you must take under consideration to avoid headaches and ensure a smooth execution and optimal performance in the long run.
Does the solution provide an audit trail of all backups and restores? What about destruction certificates of deleted data? Serialized originals and, if applicable, duplicate units of storage media with a time-date record?
There’s this magical # out there: 7. Everyone thinks they need to keep their data for 7 years. The truth is that the rules vary, so it’s important to have highly customizable archive and retention rules configured based on specific business needs. It’s important to retain data for the specified amount of time, and you don’t want to get caught keeping data too long.
24x7 availability of encrypted data for examination by representatives of regulatory bodies and for emergency restores.