In one of our recent F12 blog’s, we explain what CyberSecure Canada is and the value this certification brings to SMB market (https://f12.net/resources/blog/what-is-cybersecure-canada/). Among the 13 security controls used within the CyberSecure Canada framework, number seven speaks to data protection, specifically data encryption and backups.
Often when the topic of data encryption and backups is discussed, the term “data at rest” is spoken about. Data at rest simply means data stored on storage medium, either within your physical location and/or in the cloud (such as F12’s Cloud). Data encryption at rest is a better way of phrasing the topic as encryption should be considered mandatory with respect to customer privacy, compliance, and data sovereignty concerns.
The second part to the data encryption and backup is the backup piece. People usually think of the initial backup from their production systems, but this control considers all data in storage and backup environments, including copies of backups that are stored offsite and for archival purposes. Encryption of those backups are done not only at the storage level but also within the backup products used. Whether you have a server or an end point with us, ensuring we can recover your data is paramount along with ensuring it is encrypted while awaiting recovery at some point.
For organizations looking to leverage an IT company whether that company is an MSP or CSP, guidance to customers can be found in our own Canadian branded Cyber Security framework - ITSP.50.106. This specific publication addresses cloud services offered by MSPs and CSPs alike (https://www.cyber.gc.ca/en/guidance/guidance-cloud-service-cryptography-itsp50106). F12 considers compliance to this standard to be a key competitive advantage as cyber security continues to be forefront on customer’s minds.
F12 provides cloud services within its own data centers as well as encompasses an ecosystem of partner’s who share our passion for keeping our customer’s data safe. Along with achieving CyberSecure Canada certification this year (and Cyber Essentials Plus for several years), F12 considers your data so important that we also maintain our SOC 2 (Type II) designation to ensure external validation of our controls and ensuring your data is safe with us. Please visit us on our F12 blog and let us keep the conversation going.
Adam is the Director of Cloud Services and Security at F12.net. He is a 30-year veteran in the IT industry, working with ISPs, MSPs and CSPs to help create cyber security awareness and safeguard customer’s data interests.