FAQs

Are you required to have enough temporary storage available for your entire backup or is it done file by file?

We require that you have temp storage that is large enough for the size of your largest single file however, we recommend that the available space is roughly two times larger than your largest file.

Can you configure different retention policies for different backup sets? For instance I configure a backup set to backup a folder every day and retain 30 backups, and configure another backup set to backup the same folder once per month and retain 12 backups??

Yes, the client software supports multiple backup sets with multiple retention policies.

As a white label provider you are a third party to our clients. We’ve had clients ask us to retain their rights to their data. Are we able to do this and how do we go about this?

If required we can write a tri party agreement or some form of contractual agreement with the client and vendor that gives them the data rights that they require.

What physical security measures, processes, and monitoring capabilities do they have in place to prevent unauthorized access to its data centers and infrastructure?

Answer provided by IaaS provider:
Man-Trap access to main data room
Monitored and recorded video surveillance from multiple points inside and outside the facility
Video kept for 3-6 months
Motion sensors and intrusion detection sensors
Facility external walls are seismically monitored 24 hours a day
All hardware fully enclosed in steel caging
Any authorized customer visits are accompanied by designated SCC staff
Security systems are monitored 24×7 by both the on-site NOC and an off-site third party

What internal controls do they have in place to prevent unauthorized viewing, copying, or emailing of customer information?

AES 256/Private key encryption prevents us from ever having access to your data. As well, our privacy policy prohibits access. Any administrative function is logged and reviewed on a regular basis. Access to the storage space is severely limited.

What is their backup and disaster recovery strategy? How often are incremental redundancy backups made? How many copies of our data do they store and where? How far back do the copies go? How often and how do they test their backup and recovery infrastructure?

Our disaster recovery strategy is layered on our infrastructure provider’s capabilities. The infrastructure itself has five distinctly separate trunks into the location as well as three distinctly separate power grids, we also have backup battery and power generation as well. We also host a warm copy of our storage and operating systems via a secondary node in Oakville with the same provider. This gives us geographic diversity. Our mean time to recovery is approximately 4 hours. Backup is done on a daily basis incrementally, and weekly for a full system backup. Our retention policy is two weeks. We test our DR bi-yearly.

Do you store data in non-Canadian locations?

No. Moreover the data is never routed at the data centre level outside the borders of Canada.

What notice will you provide when changing data center locations or security practices?

Our customers would be provided with a minimum of 30 days’ notice on any change to our locations or security practices. We see no change in our provider in the near or foreseeable future.

Do you have an incident response plan? Do they include us in the incident response process?

We fall under the incident response plan of our infrastructure provider. If requested, we will include you in the reporting.