If information is the currency of the digital economy, then those that seek to do business on the Internet need to pay close attention to how well their confidential business or personal information is protected on the Internet. We know that the information – the documents, files or images – that you store off-site with us is important to you. That you care who has access to that information and whether that information will be there tomorrow, or 10 years from now. You won’t find our site loaded with banner ads or affiliate links because we are focused on one service – providing secure, long-term storage of important e-documents and files. We take that responsibility seriously.

Take a minute or two to ask your online storage provider a few questions about their operations. For instance:

1. Who is housing your files and where are the servers located?

Are your confidential files sitting on a server in a small office in some strip mall in California? Is their business model really an advertising business or is it a reliable storage provider? What is the likelihood that your provider will be in business a year or two years from now? And if they do go out of business, what is the procedure for insuring that you can remove your stored files before the servers are turned off?

With PrivateVault™, your files reside on servers behind the same highly secure facility that supports a bank's online operations.

2. Is your provider regulated or monitored by a respected outside authority?

Because PrivateVault data center operations and risk management procedures are reviewed by a federal regulatory agency, we must meet and maintain stringent standards and requirements which leads to consistent security, safety and soundness of our data storage methods.

3. Are multiple levels of access security provided?

As a PrivateVault owner, you are offered two levels of access security. With each increasing level, it becomes less likely that someone could possess all the pieces of information required to gain access to your secure Vault.

4. Are your uploads and downloads protected by encryption?

PrivateVault is built on industry standard, 128-bit Secure Socket Layer (SSL) encryption for transmission to and from your PC. “128-bit” denotes that there are literally 300 billion trillion possible combinations (a 3 followed by 26 zeroes) to fit the “lock” protecting a file during transmission. This is standard security technology that comes embedded in today’s off-the-shelf browsers. Nothing special, but unlike many online storage providers, we took the time to implement this technology in our service. Plus, your data is stored encrypted on the server. Only you, the Vault owner, has the decrypt key.

5. How are data servers physically protected?

The protection of your PrivateVault data also includes security in the “physical” world. Brick-and-mortar organizations use high-wire fences, big cement walls, locks, burglar alarms and security guards to protect facilities from theft and misuse. The PrivateVault service accomplishes its security objectives by utilizing strict physical access policies that cover access to our data center building and our server rooms. We augment those practices with 24x7 video surveillance. We follow strict firewall procedures to reduce the opportunities of unwanted intruders.

Two Levels of Security

The two levels of access authentication offered to PrivateVault customers are:

1. User I.D. and Password (what you know) – This is the standard for security protection on the Internet and is PrivateVault’s base level of security. For most service providers on the Internet, this is their only authentication protection.

2. Digital Certificate (what you have) – Just as a security access card is needed to gain access to certain buildings or rooms in the physical world, a digital certificate serves the same purpose in the electronic world. When a digital certificate is issued to you, a copy of a uniquely generated number, based on your certificate, is stored in our system. Every time you login, our system asks your browser for your certificate. If your system does not posses the certificate that was issued to you, then your system can not produce the unique “identifier” and that session will be terminated. And, like access cards, certificates are mobile and can move around with their “owner.”

ALERT: Important Note on Security Options
If you would like the increased security of a digital certificate in addition to your user I.D. and password, you will need to choose digital certificate service when you sign up for PrivateVault. (In a future release, you will be able to upgrade from the password-only service to digital certificate service.)

PrivateVault uses TrustMint™ digital certificates from Digital Signature Trust Co., the industry leader in digital certificate technology. For more information about Digital Signature Trust and its services, visit Digsigtrust.com.

Below is a diagram illustrating how the digital certificate process works: