Description of the security and privacy measures
- Data Transfer Security
Customers are identified by username (e-mail address) and a password. Authentication information is sent securely over SSL. All backup data is encrypted using government grade 256-bit AES before uploading to the Internet.
Data Content Security
Acronis software allows one to protect the entire archive itself from unauthorized access with a password upon its initial creation (especially useful and recommended when the archive is sent via mail through Initial Seeding or Large Scale Recovery process). In addition to the password, the archive's contents can be encrypted with the help of the worldwide accepted AES cryptographic algorithms:
- AES 128 – the backups will be encrypted by using the Advanced Encryption Standard (AES) algorithm with a 128-bit key
- AES 192 – the backups will be encrypted by using the AES algorithm with a 192-bit key
- AES 256 – the backups will be encrypted by using the AES algorithm with a 256-bit key
(!) Please note that recovering a lost password is not possible by any means.
Backup data is split between multiple servers similar to RAID with additional Reed–Solomon error correction.
- Onsite Monitoring and Security
Physical security is ensured via high fences, 24x7 security personnel, and video surveillance with 90-day archiving. Biometric hand-geometry scan and proximity key card are required for access.
- Redundant Power and Networks
Datacenters are equipped with UPS and backup diesel-generators and are designed to ensure constant power availability for up to 48 hours to sustain an undefined power outage. In addition, there are redundant HVAC, network and UPS.
- Fire Detection and Suppression
VESDA (Very Early Smoke Detection Apparatus) Air Sampling and Dual Zone Pre-Action (Dry Pipe). There is also temperature and humidity monitoring.
- Acronis privacy statement is available at http://www.acronis.com/company/privacy.html