Institutions back up critical customer account data each night in the Sheltered Harbor standard format, either managing their own vault or using a participating service provider. The data vault is encrypted, unchangeable, and completely separated from the institution’s infrastructure, including all backups.
Institutions prepare the business and technical processes and key decision arrangements to be activated in the case of a Sheltered Harbor event; where all other options to restore critical systems - including backups - have failed.
They also designate a restoration partner so that if the Sheltered Harbor Resiliency Plan is activated, the partner can restore critical customer data as quickly as possible.
Certification is a critical component of the Sheltered Harbor initiative. Participants adopt a robust set of prescribed safeguards and controls, which are independently audited for compliance with the Sheltered Harbor standard.
Upon completing the requirements for Data Vaulting, the institution will be awarded a Sheltered Harbor certification and an accompanying seal, communicating that their customer account data is protected.