The Internet is a dangerous place. There’s a new story on Ars Technica about a corporate or government hack almost everyday. So for those interested in how an enterprise-grade secure cloud backup solution handles data encryption, here is some background on a few of the security protocols used to protect customer data here at Zetta:
Secure Sockets Layer (SSL) / Transport Layer Security (TLS)
SSL is an Internet security protocol developed by Netscape in the late ’90s that is incorporated in browsers and web servers. The protocol uses the RSA public-key/private-key encryption system and digital certificates to establish a secure connection between the client and server over which data can be transmitted.
SSL has recently evolved into the TLS protocol, but both protocols are still in use. When you see a website that starts with https instead of http, it requires an SSL/TLS connection. Both protocols are IETF standards. While the SSL Working Group is no longer active, the TLS Working Group is, and has issued a number of documents on the protocol since the start of the year. SSL/TSL differs from a complementary IETF protocol Secure HTTP (S-HTTP) in that S-HTTP is designed for sending single messages, while SSL/TSL creates a secure connection over which any amount of data can be sent.