Financial services organizations have extra challenges to face when it comes to data protection. Do you need to comply with FINRA, Sarbanes Oxley or SEC regulations? If you must backup your data to achieve regulatory compliance then you need a premier provider of data backup and recovery services that understands your unique requirements and will be there for you when you need them. This presentation will cover the 5 components your backup solution must provide in order to meet regulatory compliance mandates.

1. The 5 Components of
Compliant Backups
for Financial Services
Firms
www.bumi.com

2. Component #1: Security & Encryption
www.bumi.com

3. Component #1: Security & Encryption
Does the provider have the following:
1.Military grade AES encryption technology up
to 256 bit. FIPS 140-2 certification.
2.LAN security policies that allows data to only
be accessed by those with administrative
rights.
3.User authentication and role-based access
www.bumi.com

4. Component #1: Security & Encryption
In addition, you should ask:
1.Is the data both transmitted and stored in
encrypted and compressed format?
2.Is there a Client/Server authentication
protocol to ensure that no one can restore
your data to alternate hardware without
authorization?
www.bumi.com

5. Component #2: Tamper-Proof Storage
www.bumi.com

6. Component #2: Tamper-Proof Storage
Is the data stored in a tamper-proof,
non-erasable and encrypted format?
WORM (Write Once, Read Many) devices used
to be the standard. But as optical media
became too expensive, the rules were changed
to allow software solutions that encrypt the
data and keep it from being tampered with.
www.bumi.com

7. Component #3: Audit Trail
www.bumi.com

8. Component #3: Audit Trail
Does the solution provide:
1.
An audit trail of all backups and restores?
2.
What about destruction certificates of
deleted data?
3.
Serialized originals and, if applicable,
duplicate units of storage media with a
time-date record?
www.bumi.com

9. Component #4: Archive and Retention Rules
www.bumi.com

10. Component #4: Archive and Retention Rules
There’s this magical #7 out there…
Everyone thinks they need to keep their data
for 7 years.
The truth is that the rules vary, so it’s
important to have highly customizable archive
and retention rules configured based on
specific business needs.
www.bumi.com

11. Component #5: 24/7 Availability
www.bumi.com

12. Component #5: 24/7 Availability
Be sure the solution provides 24x7
availability of encrypted data for
examination by representatives of
regulatory bodies and for emergency
restores.
www.bumi.com

13. BUMI Background
• BUMI is a premium provider specializing in online
data backup and recovery services
• Focused on professional services market
• Privately owned and self-funded (debt free and
profitable)
• Founded in 2002
• Headquartered in New York City with two leased
SSAE-16 Type I & II data centers located in Canada
www.bumi.com

14. For more information, visit:
http://bumi.com/customers/financial-services/
sales@bumi.com
212.599.7800
90 Broad Street, FL 6
New York, NY 10004
www.bumi.com