EMC® Retrospect® for Windows

Data Security

Retrospect Keeps Sensitive Digital Data Secure

Are you capturing sensitive customer information such as social security numbers, bank records, or medical history? Do you store electronic information for any California resident? Do you process credit card transactions in your business?

If you back up this kind of information on media that is not strongly encrypted, you could face damaging public disclosure, civil action, or even criminal penalties if the backups are lost, stolen, or accessed by others. To prevent unauthorized access to your backup data and avoid costly repercussions, use EMC Retrospect 7.5 for Windows.

Retrospect's AES Encryption Fulfills Security and Compliance Needs

EMC Retrospect for Windows is the first backup and recovery software to receive government certification for 128-bit and 256-bit AES data encryption on backup media. (AES is the advanced encryption standard adopted by the U.S. and Canadian governments.) Retrospect's built-in AES encryption provides the strongest level of security for data backups, enabling small and medium businesses (SMBs) and distributed enterprise environments to meet compliance requirements and prevent unauthorized access to information.

Who Needs AES Encryption?

AES encryption helps ensures compliance with an increasing number of regulations that are being implemented by state and federal agencies and industry associations, including the Health Insurance Portability and Accountability Act (HIPAA), California Senate Bill 1386, and the Payment Card Industry (PCI) Data Security Standard. In response to growing concerns about identify theft, these regulations are far-reaching and come with stiff penalties for non-compliance.

Recently publicized events highlighting data loss and confidentiality breaches at several companies in the United States further demonstrate the importance of AES data encryption. After discovering that unencrypted backup tapes were missing from offsite storage locations or were lost while in transit, these companies were required to publicly disclose that confidential customer data was exposed to potential access and misuse.

The need for AES encryption of backup data is not limited to large businesses, organizations, and government agencies that store personal information. The regulations noted above—and the cost for non-compliance—apply to SMBs as well. Many entities are beginning to also require partners, contractors, and other business associates to ensure backup data is secure.

Retrospect is FIPS Certified for AES Encryption by U.S. and Canadian Governments

Companies that want to protect confidential data and meet compliance goals are increasingly turning to the U.S. government's National Institute of Standards and Technology (NIST). NIST created the Federal Information Processing Standards (FIPS) Publications 197 specification as the standard for testing AES encryption technology. FIPS 197 has also been adopted by the Communications Security Establishment of the Government of Canada (CSE) as the encryption standard for protecting electronic information.

In July 2005, NIST awarded FIPS Pub 197 certification to Retrospect for Windows for meeting AES encryption specifications. Retrospect is the first backup and recovery software to receive FIPS 197 certification. To view the official list of FIPS-certified software, hardware, and firmware products, visit the National Institute of Standards and Technology (NIST) Web site at http://cs-www.ncsl.nist.gov/cryptval/aes/aesval.html.