Alan_Brown wrote:But unless you are really worried about making online backups more often than monthly, the problem is already solved. The Church already takes a full backup of your MLS data and stores it on their servers once per month. In the event of a catastrophic loss of data, you can contact local unit support and obtain the most recent backup, which should be only an average of two weeks old.
Before I knew if our backup was going to work I did contact SLC and their backup was a few weeks old, I don't remember how old. In the case of a fire, the paper files are more likely to be lost than the computer files, so there would be no way to recover even one day's worth of lost data in that situation. Any missing financial data is too much in my opinion.
Alan_Brown wrote:The policy is simple, and there's no exception for encryption. So it seems to me that from a policy perspective, the idea of using a third-party backup service is not going to fly.
I understand the policy is simple, but I guess I was more of suggesting an update to the policy. We were very blessed that our backup was good and up to date, but it easily could have gone the other way, which would have been a major loss.
From a technical point of view, since many Church buildings now use broadband internet
to transmit MLS data, that means that MLS data is stored on any number of computers not owned by the church
during that process. Any time information is transmitted over the internet it bounces through a number of computers (take a look at a trace route). When information goes through a computer, it is actually stored on the computer for a moment until it is confirmed transmitted (a requirement of the TCP/IP protocol), and then it typically deletes the information. I say typically because if any of those computers along the way is compromised (maliciously, intentionally or on accident), than it could store the data indefinitely, or route a copy to another server, and there would be no way of knowing for Church headquarters or the unit transmitting their data. That is the reason your bank and other web sites use SSL
, because they know the data is on other machines during transmission.
So I would hope that the MLS software deals with the issue of transmitting data over the internet with encryption. A good encryption routine (like 128-Bit AES and well maintained keys) is the only way to secure the data in this case (well at least until they develop the quantum data transmission that is able of determining if a copy of the information was made during transmission, but that is a few decades away at least).
So what I am suggesting is actually (from a technical and security point of view) no different than transmitting MLS data over the internet. Now I am not suggesting we stop using broadband, nor am I saying online backup is approved under the policy. Just pointing out that this is a solved problem
thanks to encryption, and a common practice for MLS data.
Things have changed with the introduction of broadband access in individual unit buildings, so this is now an option that didn't need to be discussed before.
Thanks for your response and consideration!