- Information security program
Acronis maintains a comprehensive information security and compliance program that includes administrative, physical, and technical controls based on ongoing risk assessment. Our information security policies and processes are based on broadly accepted international security standards, such as ISO 27001 and NIST.
- Access control
Acronis has implemented an enterprise-wide access control policy to restrict access to information resources and data in accordance with official duties. Access provisioning is based on the «Need to Know» and «Least Privileges» principles.
Internal access control procedures detect and prevent unauthorized access to Acronis systems and information resources. When providing access, Acronis uses centralized access control systems with secure mechanisms and authentication protocols (LDAP, Kerberos, SSH certificates), unique user IDs, strong passwords, two-factor authentication mechanisms, and limited control access lists to minimize the likelihood of unauthorized access.
- Infrastructure security and availability
High-availability and redundant infrastructure are designed to minimize associated risks and eliminate single points of failure. To ensure network security and minimize the risks of external penetration, Acronis uses a web application firewall (WAF) which include instant protection against SQL injection, cross-site scripting, unauthorized resource access, remote file inclusion, and other OWASP (Open Web Application Security) threats.
Acronis datacenters are equipped with UPS and backup diesel-generators and are designed to ensure constant power availability for up to 48 hours to sustain an undefined power outage. In addition, there are redundant HVAC, network and UPS. VESDA (Very Early Smoke Detection Apparatus) Air Sampling and Dual Zone Pre-Action (Dry Pipe). There is also temperature and humidity monitoring.
- Data security
The Acronis network is multi-layered and zone-based. The managed network equipment separates and isolates internal, external and customers’ environments, and provides routing and filtering of network protocols and packets.
Acronis provides real-time encryption for all data transferred among customers and data centers. This real-time encryption provides the best protection for network interaction and prevents unauthorized access to the transmitted data.
Acronis uses HTTPS (TLS) secure data transfer protocols with crypto-strong encryption algorithms and provides security of cryptographic key exchange (Diffie-Hellman) to protect the transmitted data and reduce the risks of compromised key information.
Acronis software allows one to protect content of Acronis Cloud by government grade encryption algorithm AES-256. However, for Acronis Backup products encryption is carried out by user demand, while Acronis file access, sync, and share solution (Acronis Files Cloud) always encrypts user data by default. (!)Please note that recovering a lost password is not possible by any means.
Acronis stores customer data employing its own software-defined storage solution, Acronis Storage with Acronis CloudRAID technology. Acronis Storage delivers fast, universal, protected, efficient, and proven storage that unites block, file, and object workloads.
- Physical security
Physical security is ensured via high fences, 24x7 security personnel, and video surveillance with 90-day archiving. Biometric hand-geometry scan and proximity key card are required for access.
Acronis privacy statement is available at http://www.acronis.com/company/privacy.html