SkyKick takes the security and privacy of sensitive business information seriously. It protects data in its Cloud Backup application, both at rest and in transit.
Access to data
SkyKick maintains a strict access policy and a set of industry-standard mechanisms for ensuring the privacy and security of backed up customer data.
• SkyKick Cloud Backup only restores data to the original mailbox or site to prevent a non-owner of the mailbox or site from accessing its data.
• AES-256 encryption backed by RSA 2048-bit public private key certificates managed via the Windows/Azure infrastructure for both credential management and user content.
• Certificates are separated by both environment (production/testing) and value type (credential/content).
Security – Data at Rest
To ensure the highest level of physical and virtual security, SkyKick Cloud Backup is managed on Microsoft Windows Azure for 100% of production server resources. These are all protected by those facilities’ physical and virtual security.
• Because your data never leaves the Azure environment you maintain all the inherent security of Azure. The data is encrypted at 128-bit during transit and 256-bit at rest within the Azure environment.
• Each element of sensitive user information that will be required to be known by a SkyKick system for Cloud Backup is stored in SkyKick’s online system under AES-256 bit symmetric key encryption. The per-datum symmetric AES keys are themselves encrypted using a variable set of RSA 2048 bit public keys. The corresponding private keys are retained in Windows Azure certificate management stores and are available only to the systems that require them.
Security – Data Transfer
• All data, including those sent to/from Exchange or SharePoint Online and transmitted across SkyKick’s backend network boundaries, are transmitted via TLS enabled protocols.