Cloud Storage and Online Backup Service for Protected Health Information
eazyBackup is a privacy-focused Canadian ePHI-compliant cloud storage provider. On request, eazyBackup will provide a signed information manager agreement for its users.
We provide built-in end-to-end encryption that cannot be disabled
Only you can access your data. We can’t access your data and no one else can either
Canadian data residency comply with Canadian data privacy laws such as PHIPA, PIPA, HIA etc.
Data Residency
eazyBackup provides cloud storage services from our data center in Ottawa, ON, ensuring that your data remains within Canadian borders.
Access to the data hall is governed by strict security policies. Access is controlled with biometric scanners in conjunction with key-card access, ensuring only authorized personnel can enter. Physical entry is electronically secured and continuously monitored to guarantee the highest level of security for your data.
Controlled Goods Program (CGP) Registered
Additionally, our security policies and procedures are routinely reviewed by the Controlled Goods Program (CGP). The CGP requires us to follow specific protocols ensuring that our employees meet strict security criteria and adhere to rigorous access controls. In addition to staff protocols, the CGP also ensures that our data is stored securely and that our cabinets and data center meet specific security requirements.
Data Encryption
Our cloud backup software always encrypts all user data before sending or storing it, using strong AES-256-CTR with Poly1305 in AEAD mode with high-entropy random keys. The user’s password is used to derive two 192-bit keys via PBKDF2-SHA512, with hard-coded parameters for repeatable output.
Data Encryption – Understanding Our AES-256 Encryption & Key Management
Your data at rest:
When the eazyBackup software creates your Storage Vault for the first time, it generates two high-entropy random keys (the 256-bit “A” and 128-bit “E” keys). All user data in the Storage Vault is stored encrypted with the A-key using AES-256 in CTR mode, and authenticated using Poly1305 in AEAD (encrypt-then-MAC) mode. The only party with the decryption key is your company/the backup user. This ensures total privacy of the customer data.
Last updated