Mover services migration security

Mover services consist of a highly available infrastructure with the primary purpose of moving files between cloud storage providers. We understand the importance of security and reliability to our customers, and provide a level of service tailored for each customer. We are dedicated to continually improving, and the practices presented here should be considered the minimum standard of our implementation.

Secure storage & transfers

The files transmitted through Mover are encrypted using the AES-256 standard. Your files are encrypted as soon as we receive them. We manage the encryption keys.

Mover uses Microsoft Azure for our server infrastructure. You can find more information about Microsoft's security at the Microsoft Azure website.

Your files are sent between the services you choose and our servers over a secure channel using TLS 1.2 (Transport Layer Security) encryption, the standard for secure Internet network connections.

Access

We work hard to protect your information from unauthorized access. Microsoft employees are prohibited from viewing the content of files you transmit through Mover. Only file metadata, such as file names and paths, is readable by Microsoft employees in order to support your migrations.

Security in four primary areas

Security for us comes in four primary areas:

Authorization of service

During the process of authentication with a cloud storage provider or other service, we need to collect authentication data and store it for later use. Two primary methods are used to collect this data: OAuth, and direct password or key collection.

OAuth

OAuth (Open Authorization) is a web standard which provides a process for end users to authorize third-party access to their server resources without sharing credentials. More information can be found at:

Although the exact encryption method varies browser by browser, Mover requires strong TLS encryption between Mover and the user for the initial authorization. All our OAuth token exchanges use TLS 1.2 to connect to the authorizing server. OAuth will allow the user to deny Mover access to the third-party service at any time by revoking our token.

Direct password or key collection

All password or key collection occurs through our web interface over a secure TLS connection utilizing strong ciphers, generally 256-bit AES or stronger.

Storage of user authorization information

For us to have continual access to the user's service, we need to store authorization credentials. For OAuth or OAuth-like services such as Box, we store an authorization token which grants us access.

If there is a direct password or key, such as Amazon S3, we need to store direct authorization credentials.

These credentials are the key to accessing the customer's files, and we take special care to secure credentials properly. All tokens and passwords are encrypted using AES-256, wrapped with both global and user-specific encryption keys. This data is then stored in our internal database servers with no outside access.

Security of infrastructure

Our infrastructure is secured from external attacks. The following classes of servers have carefully implemented security policies.

Runners

Runners are our servers that move files. Because our services rely on outbound connections, our security policy is straightforward and secure. There is no outside access allowed to these servers. All outbound traffic is pushed through a point firewall, obfuscating the infrastructure behind.

For maintenance, SSH access is allowed through a two-stage process. Access to the management network is only possible with two-factor authentication and SSH keys; from there, SSH access to the individual servers is possible only via SSH keys. To further increase security, inbound SSH is only allowed from specific white-listed IP addresses.

API servers

Our API servers, both for our public API and internal API, have a public-facing interface. The main difference is that our API servers require a public-facing web interface that is completely open. Only TLS web traffic is allowed into this interface. For our public API, only authenticated, session-based traffic is allowed. For our internal application API, all access is secured through our managed API keys.

Web interface

All applications by Mover that have a web interface are secured using TLS strong ciphers. User input, including usernames and passwords, is passed securely to the backend over this encrypted TLS connection, identified by our site-wide 2048-bit TLS certificate.

User data as it flows through us

During the process of a transfer, all files are downloaded to our Runner servers, located in Microsoft Azure, then processed through to Microsoft 365 Migration APIs. Each step relies on TLS cryptographic protocols.

During the mediation process, Mover temporarily maintains a copy of your file on an encrypted file system before it uploads it to Microsoft 365. As soon as the upload of the file has been verified, we immediately remove the file from our cache. We never keep a copy of your data. We facilitate the transfer of your data and we have no interest in, or benefit from, retaining your data.