I have a financial broker that needs offsite backups, but as a financial institution they have more sensitive information then I am used to dealing with out side the confines of the government and I am not sure what needs to be done (legal speaking) to protect the data.  I would like to slap some cheep server in a cheep colo with an encrypted drive and just pump automated backups over an ssh tunnel using rsync (Like I do for my companies backups) but I do not know if there are any specific security (Physical and encryption) rules that I need to meet.  Rite now my companies back up server rotates through the homes of the key players, but I don’t think that is a good idea for a machine that holds non-public information.

 

I know there are a few of you who work (or worked) for other, larger, financial institutions.  How did you handle offsite backups?

 

It’s late and been a long day so if this message does not make sense let me know ;)

 

Bryan O'Neal
Cornerstone Homes & Development, Inc.
4220 E. McDowell Rd Ste. #108
Mesa, AZ 85215
(480) 505-1900