Overview
inSync incorporates the highest-grade standards available for unmatched security of endpoint data. The security features cover data security, access control, and for the cloud, data center infrastructure & network security and third party audit of policies and procedures.
End-to-End Data Security
- 256-bit SSL encryption for data in transit
- 256-bit AES encryption for data in storage
- Access control integration with AD
- Use of secure HTTPS for server console and LDAPS for directory access
Cloud Security You Can Trust
- SAS-70 certified Amazon AWS-powered cloud infrastructure
- Unique encryption key management for each customer
- Unique authentication and access control for each customer
- Complete compartmentalization of each customer data
- Single sign-on through SAML
Industry-First Two-Factor Encryption
inSync uses a unique distributed encryption key management system similar to how a bank locker system works. No one including Druva can gain access to a customer’s encrypted data except the customer that has access credentials. Unlike competitive solutions that deploy a single encryption key across all customers, inSync’s distributed encryption key management system offers superior security of enterprise data.
Industry Standard Compliance and Certification
inSync Cloud is hosted on Amazon’s AWS, which has achieved compliance with SAS 70 Type II, PCI DSS Level 1 and ISO 27001 covering its infrastructure, data centers, and services including EC2 and S3. In addition, Druva is nearing completion of its own ISAE 3402 Type I certification by an external party.
Single Sign-On
inSync offers single sign-on capabilities through Security Assertion Markup Language (SAML), an XML-based open standard for exchanging authentication and authorization data between security domains. This permits users to securely log into inSync over the Web using their credentials on external identity services, including a company’s Microsoft Active Directory.