inSync incorporates the highest-grade standards available for unmatched security of endpoint data. The security features cover data security, access control, and for the cloud, data center infrastructure & network security and third party audit of policies and procedures.
End-to-End Data Security
inSync secures endpoint data all the way from the device to the server by adopting the highest-grade security technologies.
- 256-bit SSL encryption for data in transit
- 256-bit AES encryption for data in storage
- Strict authentication and access control with AD
- Secure HTTPS and LDAPS protocols for access
Cloud Security You Can Trust
inSync Cloud offers the industry-best security to protect critical corporate data on the cloud.
- SAS-70 certified Amazon AWS-powered infrastructure
- Unique encryption key management
- Strict password and access control
- Complete compartmentalization of customer data
Industry-First Two-Factor Encryption
Unlike competitive solutions that deploy a single encryption key across all customers, inSync uses a unique two-factor encryption management, which is similar to how a bank locker system works.
- Unique encryption key generated per customer and is further encrypted using admin credentials
- Data is decrypted only during a customer session by using their unique credentials
- Because of secure 2-factor encryption, Druva cannot have access to any customer data
Industry Standard Compliance and Certification
inSync Cloud is hosted on Amazon’s AWS, which has achieved compliance with SAS 70 Type II, PCI DSS Level 1 and ISO 27001 covering its infrastructure, data centers, and services. In addition, Druva has completed its own ISAE 3000 Type II certification by an external party.
- End to end certification of cloud infrastructure, operations and controls.
- SAS 70 certification of cloud infrastructure
- ISAE 3000 certification of Druva’s cloud controls
inSync offers single sign-on capabilities through Security Assertion Markup Language (SAML), an XML-based open standard for exchanging authentication and authorization data between security domains. SAML permits users to securely log into inSync using their credentials on external identity services such as Microsoft Active Directory.
- SAML integration with ADFS
- SAML integration to other 3rd party ID providers
- Mobile app access with SAML