Lorex, a FLIR Systems subsidiary, distributes video security systems online and at brick-and-mortar locations. The Markham, Ontario-based company serves small business and consumer markets mainly in North America and Europe. Its video surveillance systems and equipment include connected visible light video cameras, illuminated infrared cameras, DVRs / NVRs, video monitors, and baby monitors. Lorex’s financial reporting and operations rely on IT to run a geographically distributed business with a mobile workforce.
As part of a publicly traded company, Lorex has many regulatory obligations, including the need for Payment Card Industry Data Security Standard (PCI-DSS) compliance and Bill 198 governance. Bill 198 requires publicly-held companies to implement and evaluate internal controls and disclosure procedures over financial reporting. This Canadian legislation is intentionally like Sarbanes-Oxley (SOX), including the requirement that companies adopt internal controls over financial reporting, demonstrate their effectiveness, and disclose the strengths and weaknesses of these controls on a regular basis.
Although Bill 198 does not directly address information technology, it has significant IT and information security implications for how organizations safeguard their data. The reporting requirements of Bill 198 also require that organizations have strong data forensic capabilities.
Bill 198 and the need for PCI-DSS compliance impacts IT in several ways. For Lorex, a key requirement is control and protection of business data, wherever it resides. The company has a highly mobile and distributed workforce, including employees across retail locations and offices, as well as executives who handle customer information and business data on laptops.
Lorex required an effective and reliable method of securely backing up data from each device frequently and consistently. It also needed the ability to completely wipe data from any device if necessary – if a laptop is stolen or lost, for example.
Threats to Lorex’s data include human error, ransomware and other forms of malicious cyber activity. Employees travel all over the world making it difficult for the company to push security polices to devices. At times, there can be different versions of data on different machines that need to be backed up and managed. Some of their data needs to be replicated on other devices in as little time as 10 minutes. Finally, Lorex wanted the backup solution it deployed to store its business information in Canada.
To make sure it could back up every endpoint securely and with certainty, Lorex turned to BackupSilo, a Supra ITS company, for its Endpoint Data Protection. BackupSilo’s Endpoint Data Protection is powered by Datacastle, and backed by Supra ITS’ world-class, Tier 3 data centres located in Canada.
Lorex’s mission-critical data resides on many device types including desktops, laptops, tablets and smartphones. All of it is backed up using BackupSilo’s Endpoint Data Protection service which meets the company’s disaster recovery plan needs and compliance obligations as a public company – including PCI-DSS and Bill 198. All data backed up through the solution, regardless of location, device or user, is encrypted in transit and at rest, and is stored in Canada.
BackupSilo’s Endpoint Data Protection optimizes network performance by leveraging Datacastle’s global deduplication capabilities to reduce storage space and maximize system performance. It addresses Lorex’s challenge of having different versions of data scattered throughout is mobile workforce. Using its Data DNA process, the system builds a map for each file/version that is unique to the device and creates its own encryption key. It then checks to see if Data DNA block is already in the vault for upload, and unique encrypted blocks are backed up at the next scheduled online backup.
BackupSilo’s Endpoint Data Protection is perfectly-suited for a distributed organization such as Lorex and gives the company a high degree of flexibility and scalability. The patented enterprise-grade solution is specifically designed for mobile workforces to mitigate data loss and breaches. In addition, Endpoint Data Protection maximizes network and end-user performance through intelligent real-time management of bandwidth.
By using BackupSilo’s Endpoint Data Protection, Lorex can back up all devices throughout its distributed workforce. This not only includes laptops and desktops, but also Apple iOS and Android devices as part of its secure cloud backup and disaster recovery plan using Datacastle’s RED mobile technology.
The Datacastle Data DNA feature has increased storage efficiency because the Lorex global client-side deduplication only moves unique data to the vault. Any data that is backed up, including metadata, is AES 256-bit encrypted so there are no single-key vulnerability issues. This is critical in helping Lorex meet its various compliance requirements.
Not only does BackupSilo’s Endpoint Data Protection secure data by backing it up, it also safeguards it by remotely destroying it if necessary. The solution lets Lorex completely wipe data from any device that is lost or stolen, regardless of the location.
Thanks to BackupSilo, Lorex has been able to eliminate the complexity and time required to track all of its endpoints. Lorex can rest assured that all its laptops, desktops and other mobile devices around the world are securely and accurately backed up as part of its a secure cloud backup strategy and disaster recovery plan.