Disk Hero - Real Time Automated Online Data Backup



		Professionals Disk Hero data backup service helps professionals meet regulatory standards and maintain business continuity. Disk Hero understands the difficulty involved in complying with new and changing regulations and standards. In an effort to help the professionals using our service we have developed a resource center, dedicated to providing information regarding; 1) Regulatory Compliance, 2) Disaster Recovery Planning and 3) Vulnerability Assessment. These resources should not only help you better understand current regulatory and compliance issues, but should also help in developing a comprehensive contingency plan while recommending to clients the Disk Hero Service. A secure and REAL-TIME data backup system is an important aspect of regulatory compliance, disaster recovery and vulnerability assessment. Disk Hero provides an off-site data backup service.
Regulatory Compliance Sarbanes-Oxley Act Sarbanes-Oxley Act and Disk Hero Compliance Disk Hero supports your efforts towards Sarbanes-Oxley compliance. This reference reviews various aspects of the SOX Act and illustrates how Disk Hero helps institutions meet the requirements of various sections of the mandate. Sarbanes-Oxley Act - Community Forum This interactive community portal is designed to facilitate the exchange of information between those seeking to comply with the requirements of this important legislation. Sarbanes-Oxley Act/PCAOB Implementation Central An excellent resource that provides background, toll-free hotlines, guidance and tools. Gramm-Leach-Bliley Act Gramm-Leach-Bliley Act and Disk Hero Compliance As a result of the Safeguards Rule it is extremely important that financial institutions develop data backup policies. Learn how Disk Hero Data Backup can help your organization meet Gramm-Leach-Bliley requirements. Complying with the Safeguards Rule As part of its implementation of the GLB Act, the Federal Trade Commission (FTC) has issued the Safeguards Rule. Learn who must comply and how to comply. FTC Privacy Safeguards Rule, Application to CPAs Explains the specification for a comprehensive security program to ensure the security and confidentiality of customer information. Federal, State and Other Professional Regulations CPAs engaged in privacy advisory services and attestation must follow the pertinent, laws, rules, and standards. This resource provides an overview of developments on information privacy in the United States. Disaster Recovery and Contingency Planning The Importance of Disaster Recovery Plans If you do not have a plan or do have the idea that "it won't happen to you," consider the consequences. LINK = include both lines in the browser http://infotech.aicpa.org/Resources/System+Security+and+Reliability/Security/Disaster+Recovery /The+Importance+of+Disaster+Recovery+Plans.cfm Disaster recovery is a numbers game A computer contingency plan should have emergency, back-up, recovery, test and maintenance plans. Adequate computer contingency planning should help firms to quickly regain their capabilities to process information and get back in business. Vulnerability Assessment Common Vulnerabilities and Exposures Common Vulnerabilities and Exposures (CVE®) is a public repository of security vulnerabilities and exposures international in scope. This repository is free for public use. This is an effort to standardize the reporting of vulnerabilities and exposures. General Security Resources General IT Management & Planning Resources An excellent collection of resources that help organizations understand potential threats, principles and practices. Includes resources for assessing and establishing IT security. The Internet Security Alliance Case Studies of attacks on Small Businesses and a 12-step Program for Information Security
SECURITY: WHERE IS THE DATA STORED? Impenetrable Security Disk Hero's subscription service automatically backs up your desktop/laptop computer to the Disk Hero™ Data Center, using secure Internet connections. The process - from data transmission to storage to retrieval - meets the highest levels of security. Government-Level Protection Disk Hero uses the most powerful information defense available. The same encryption used to protect classified U.S. government documents in transit - 128-bit AES (Advanced Encryption Standard) - is used to encode and secure every file that Disk Hero™ handles. No other service offers this degree of protection. Files are stored encrypted Disk Hero encrypts your files at the data center. If someone were to intercept your data they would be unable to read any of it because of the encryption used, basically your files will show as a string of characters. press here to see an example of an encrypted file . Network Best Practices The Disk Hero™ Data Center is a secure facility with physical access limited to those with Disk Hero-provided clearance who maintain the systems. Any data received at our Data Center is immediately redundant because of the server configurations we use, as well as having full tape backups for third tier redundancy. If a power outage or disaster occurred our facility has full power self-sufficiency to remain operational. As a result, Disk Hero's founders have delivered better than 99.99% uptime over the past ten years. Firewall Best Practices Disk Hero's firewall policies do not permit any outside access to our Data Center servers, except through a designated port that accepts only the special protocol used by the Disk Hero application. This protocol has no general or macro capabilities; its only function is to allow the Disk Hero™ Agent (the software on the end-user computer) to perform authenticated, encrypted communication to its server counterpart (the data center). File Retention Best Practices To prevent unauthorized deletion of user data from Disk Hero™ servers, there are no commands that allow deletion in the client-server protocol. Operational control mechanisms prevent any unauthorized access to Connected Data Center servers. And, for every customer, we retain by default 5 versions of any file backed up to the Data Center so there is no need for days of backups for recovery if you did delete a file by accident Disk Hero has as many versions as you need. Compliance & Validation HIPAA - Our agent software meets the encryption requirements for HIPAA transactions and file transfers via 3rd party software used for SSL encryption and file transfers. To see more information about HIPAA press here. To see more information on Sarbanes-Oxley Act press here. Section 508 of the Rehabilitation Act of 1973 Compliance Statements for Disk Hero™ Software Products FIPS - Disk Hero is in the process of gaining FIPS 140-1 and 140-2 (Federal Information Processing Standard) validation from the National Institute of Standards and Technology's (NIST) Cryptographic Module Validation (CMV) Program.