Security and privacy are at the core of what we do!
We build features and architecture our systems in a security-first manner.
Top-notch datacenters
Our applications are running on secure infrastructure operated by AWS and located in Europe and USA.
Secure by design
SimpleBackups is built in a way that no backup data is ever stored or passed through our servers, which drastically reduces the risk of data breach.
User data restrictions
No database access is given to any employees or third-parties.
Backup encryption for all
All backups, on any plan can be fully encrypted using your own RSA keys, meaning you're the only one able to decrypt them.
Your account security
- Oauth 2 and 2-Factor Authentication
- You can use your Github or DigitalOcean OAuth 2 integration to log in to SimpleBackups and we also support 2FA.
- Manage teams and users permissions
- Manage who can access your resources, organise them by group and restrict level of access for each team member.
- What happens if my account on SimpleBackups is compromised?
- The beauty of SimpleBackups is that it allows us to answer all the following questions by a 'No'.
We tried other solutions in the past, and this was not the case, which is why we believe that our solution is the safest bet.- Storage secret can be viewed from my account? No.
- Servers SSH keys could be retrieved from my account? No.
- Servers SSH passwords could be viewed from my account? No.
- Backups on my offsite storage could be deleted by any means? No.
- Encrypted backups could be decrypted by anyone other than the private key owner? No.
- If SimpleBackups disappears one day, or if my account is deleted, will I not be able to retrieve my backups? No.
Your backups security
Your account, team settings, ...
- Encryption with your own RSA key
- Backup encryption is fully managed by your own RSA key meaning you're the only one able to read it. Not us. So don't lose your key!
- We log activity for all backup operations
- Any activity on your backup is logged and displayed on your backup view page.
- AES-256 encryption across the board
- All backup, server and storage related data is encrypted using AES-256. This means it's impossible to read the data without the encryption key in case of a data breach. Additionally:
- All backup jobs that run do not work outside the backup directory you set or the /tmp directory
- The scripts that run are thoroughly tested on our infrastructure continuously (we have automated test cases for all backup types, unit-tests, and minutely running backups for testing)
- The backup scripts run for all users all the time, including us as well, since SimpleBackups uses itself to maintain its own backups
- Store your backups on your storage
- You can bring your own storage and connect it to SimpleBackups. In this case the data is sent from your server to your storage, not passing by our servers at anytime.
Your storage security
- Leverage S3 permissions
- S3 permissions allows you to easily restrict access to only certain folders. We document this process for most providers and encourage you to use the least possible permissions.
- Dropbox & Google Drive Permissions
- When connecting to Dropbox or Google Drive, SimpleBackups access is restricted to its own folder only.
- Support for object-locked storage
- You have the option to connect an immutable storage with object-lock activated.
- Support for read-only storage
- You have the option to connect a read-only storage to ensure that data is never deleted by any means.
- SimpleStorage infrastructure & permissions
- SimpleStorage is hosted on AWS and is fully managed by us. A unique IAM will be created for each user having their own access to their own bucket space. This guarantees a fully secured storage environment.
Your servers security
- Data encryption
- All data you enter in SimpleBackups is encrypted using AES-256 encryption. This means it's impossible to read the data without the key in case of a data breach. We never store passwords/secrets in clear text.
- We don't need a root access!
- The SSH access provide only requires read access to the folders you need to back up, nothing more!
Compliance & Security Standards
European based company
- We're based in Belgium and we're a European based company. We follow the European Data Protection Regulation (GDPR) to ensure the protection of your data no matter where you are in the world.
ISO 27001 Certified
- SimpleBackups is ISO 27001 certified. This means that we have a framework of policies and procedures that includes all legal, physical and technical controls involved in our information risk management processes.
SSO and 2FA for all
- You can use your Github or DigitalOcean OAuth2 integration to login to SimpleBackups and we also support 2FA for all users.
No third-party data access
- We don't let any third-party access the data stored in SimpleBackups or access any of our servers
Automated tests
- All our releases are tested by our team of engineers and we make sure that all our releases are safe and secure. We also have automated tests for all our releases.
No access to your data
- No data of your backup is accessible by anyone from the team. We do not store any of these on our servers. We only have access to logs and meta data.
Activity Logs
- We log all activity performed by our team and by our systems. We can track what action was taken by who, at any moment. Same applies to the actions by your team members on your SimpleBackups account.
Secure by design
No backup data stored
Secure SSL connections
Backup encryption
Additional resources
Our articles and resources about security and privacy