Replica has been designed to protect enterprise data from theft, loss or destruction while ensuring that all versions of data are dynamically accessible. Replica achieves this by using a high performance, post-relational database for data storage. The use of a database creates many opportunities for Replica to introduce powerful new features which are unique to Replica. An example is Replica contextual searching which will be included in Replica’s next release, providing concept based searching of all data within an enterprise, similar to Google searches and limited to the data the user is authorized to see.
Security is a hot topic at the moment but security for servers has always been a hot topic. The security on many servers is very porous and Replica was designed to take account of this issue. The only way that Replica can do this is to assume that all of the servers on all of the networks on which Replica will run are compromised and visible to hackers around the world. By assuming that hackers will breach security and gain access to the Replica server we have designed Replica to ensure that this access is a complete waste of time.
In the current release Replica offers the most efficient and flexible security and disaster recovery tool on the planet, delivered with a host of other pragmatic benefits. Replica data is living data, completely secure and yet connectable both locally and remotely with unprecedented speed and efficiency. The Intersystems Cache database which is used by Replica to store data is unbelievably fast and efficient. The database is Common Criteria Certified which brings additional security to stored data.
Replica on Desktops and Servers
The Replica Client uses ODBC to move encrypted data to and from a database on a Replica Server. The client starts by taking a snapshot of the data selected by the user or administrator, compressing and encrypting this data and storing it in the Replica Database. The selected data can include all of the data on the desktop including system state, email files and open files, or it can be a subset of data determined either by a global filter set by the administrator or a computer specific filter set by the user.
During the snapshot the Replica Client checks each file to see if an identical file has already been stored in the database. If it has then a record is made showing that this machine has a copy of the file and its location in the file system. If the file has not yet been stored in the database then it is compressed, encrypted to 256 bit Rijndael standard and streamed to the database.
After the client’s file system has been captured by the snapshot process, the system enters maintenance mode. Each time Replica runs in maintenance mode, it interrogates the NTFS change journal on the drive and compiles a list of added, changed and deleted files and directories. When the system processes an edit it creates a small difference file, representing the changes made to the file during the edit. The difference file is stored within the database (compressed and encrypted) and represents a new version of the file. There is no limit to the number of file versions which can be stored.
The Replica database can be replicated to an offsite server or servers at a location of your choice for disaster recovery.
The Replica Client can be scheduled to run as often as every 15 minutes and has been designed to ensure that it will not interfere with user activities. It operates in the background as a Windows service and will always lower its CPU priority to any other process except idle. This further ensures that the system will not interfere with other software on the client.
The 256 bit encryption key is generated by the administrator and is further encrypted into the database. Extensive security precautions at both the client and the database combined with obfuscation of system code hides the key from hackers very effectively. The use of ODBC allows the server to run completely separately from the domain if preferred for added security.
The most important feature for any data protection and storage system is its ability to restore data and this is what most systems do very inefficiently. The Replica Client interface looks like Windows Explorer and shows the file system just as Explorer does, except that the file system displayed by Replica is constructed from the data residing within the database. Replica effectively moves a copy of the file system to the database and users can interact with this data just as they do through Windows Explorer.
To affect a restore on most systems, the user needs to contact the help desk and wait while the file is recovered, if indeed it can be recovered. With Replica, authorized users simply log on to the Replica Client interface and navigate to the file or directory they want to restore in the same way they already navigate through their file system using Explorer. The file can be restored with just one click and, importantly, it can be previewed prior to restoration. There is even an undo function in case the user inadvertently restores over a newer version of the file. The user can also select the version of the file they want to restore and can preview different versions to check which version they want.
Of course, Replica also offers the flexibility to run all restores through the help desk should the customer desire.
Replica AntiTheft
Replica AntiTheft is available on desktops and secure laptops at no extra charge. Replica Anti Theft technology allows users to secure data against theft. With more than half of data theft valued at over $100,000 being perpetrated internally, this requirement can be just as important on desktops as it is on laptops.
Directories which are nominated for secure processing are copied to the Replica database in the normal way. However, they are also deleted from the drive to US DOD specifications (DOD 5220).
Authorized users can “Check Out” their files using a simple, Windows based interface. This process retrieves a file from the Replica Database, decrypts it, places it on the disk and optionally opens it for use. When the user has finished with a file they simply “Check In” the file (a single button click in the user interface). This encrypts it and wipes it from the disk again. Replica identifies any changes, new files, edits or deletions and processes new versions etc as needed.
Replica Secure Laptop
A Replica Secure Laptop differs from a desktop deployment in that it has an onboard Replica Database as its primary storage medium rather than using a server on the LAN. Because laptops are often remote from the network, Replica stores data into an onboard database and then replicates that data to a nominated server whenever an internet or other connection is detected. The data is always encrypted, compressed and chunked before being transmitted, and so can be moved securely over port 80 without requiring a VPN to safeguard the data.
The use of an onboard database ensures that an absolute minimum of data is sent over the internet. For example, when a file has been edited and the system creates a difference file, it needs to retrieve the old version of the file to compare with the new version. The onboard database means that this retrieval is done locally rather than over the internet.
Replica Anti Theft technology removes data from the drive in such a way that it cannot be recovered using undelete utilities. If a laptop is stolen or lost, all of the confidential data on the laptop is secure and safe. The administrator can also set a “kill database” switch, causing the laptop’s onboard database to be destroyed the next time the laptop connects to the internet.
Replica continually moves data from the laptop to a Replica server when a connection is available, and this means that unlike other laptop security systems, Replica ensures that the data is also protected against loss.
Replica Collaboration
Replica provides collaboration through the use of virtual directories within the Replica database. These directories appear in the Replica Client interface as windows folders, just as they would in Windows Explorer. However they only exist within the Replica database and can only be accessed by authorized users via the Replica Client interface.
The purpose of Replica Collaboration is to share files securely across any sized region. Replica Collaboration directories have user based permissions for Read Only Access, Read Write Access, or Full Control including creating subdirectories. When a user accesses a file for a write action, other users will not be able to write to the file until it is released, at which time all users will see the most recent version of the file. This is a very powerful document management and file sharing system, including full audit trail.
© Copyright 2011 Replica Data Security. Design by Yeah.
|