Security

Security is Key: The Protection of Your Data is Our Highest Priority

Since the founding of Backup ONE, we have made it our mission to be transparent and open about the storage of your data and the associated security standards. Our customers have the right to know where their data is stored and what happens to it.

High Availability

Security in our Datacenters

As part of the Equinix infrastructure, our datacenters offer you a first-class solution for your data security and performance requirements. Switzerland as a data location therefore provides the optimal location for hosting our data

Certifications and Technical Excellence

The data centers excel through numerous certifications that confirm their position as market leaders in the data center sector: ISO 9001, ISO 22301, ISO 27001, ISO 45001, PCI DSS, SOC 1 Type II, SOC 2 Type II, and Cyber Essentials. These certifications are evidence of the datacenter's reliability, security, and sustainable management.

Sustainability and Environmental Awareness

In accordance with ISO 14001 and ISO 50001 standards, our primary data center, for example, exclusively uses renewable energy sources, particularly hydropower, which underlines our commitment to environmentally friendly operational practices. This ensures that we not only secure your data but also take careful care of our environment.

Technical Specifications

The technical infrastructure includes a distributed redundant UPS configuration, N+1 UPS redundancy, and N+1 cooling redundancy. With 10 x 2,250 kVA diesel generators and an additional 20% cooling reserve, we offer maximum operational continuity and failsafe operation.

Security at the Highest Level

The datacenters also provide maximum physical security with biometric readers and continuous video surveillance with 90-day storage. Security personnel are on-site around the clock to protect the integrity and security of your critical data assets.

Availability and Uptime

Our data centers are characterized by an industry-leading average uptime of over 99.9999%, highlighting our commitment to maximum reliability and performance. We provide businesses with a decisive advantage by ensuring that your services are always available and performing optimally. With all these capabilities and features, Backup ONE's datacenters are not just technical infrastructure, but a platform that helps you succeed in the digital world. Our goal is to enable you to realize a significant competitive advantage through our services.

The Backup ONE Swiss Cloud

The Backup ONE Swiss Cloud provides the foundation for our highly secure services. The operation is 100% under our custody, allowing us to monitor and control all elements of the system.

Your Data Vault

The Backup ONE Swiss Cloud

The visualized path of your data. They are encrypted and stored geo-redundantly via dedicated lines in Switzerland's most secure data centers.  

Data Encryption in Transit (or "in Flight")

How data is protected during transmission.

TLS 2048 Bit

All data is transmitted from the workload via a TLS 2048bit secured connection to ensure protection from unauthorized eyes, even if an attacker were able to intercept transmitted packets.

Data Encryption at Rest

How data is protected during storage, i.e., when it is not being actively used.

AES 256 Bit

Your data is stored encrypted on our cloud storage clusters. We don't know the key and have no way to recover it if lost. The encryption is performed using a certified AES 256 (Advanced Encryption Standard, 256 Bit) implementation. More about the security of AES including calculation examples can be found here.

100% Data Redundancy

All data is stored twice. And we mean it: Every byte is copied 1:1 in both our primary and secondary data centers. But that's not all - thanks to erasure coding, the encrypted data is additionally protected against hardware or software errors, ensuring that it can be recovered even if storage devices fail.

Data Protection in Use

How data is protected during use (called in use or in compute).

Process Monitoring and File Access Control

Your data is protected as follows while being processed by the CPU. The backup engine does not merely rely on the (RAM) memory separation of the respective operating system but monitors the processes running on the system itself thanks to the integrated antivirus and anti-ransomware module. Additionally, the backup agent monitors file access on the system and detects suspicious mass manipulations (such as those occurring during ransomware attacks). Suspicious processes are blocked, and you are immediately notified.

Ransomware Protection

Ransomware attempts to encrypt as many files as possible. Thanks to the monitoring of all protected folders and files, mass processing can be detected and blocked. If files have already been successfully encrypted, they can be restored directly from the backup set.

Backup Set Protection

Backup sets are continuously monitored, and it is ensured that they can only be processed by the backup software itself.

Security Policies

Which security policies are applied to all our services at Backup ONE.

100% Data Location Switzerland

All data and metadata are stored encrypted in Switzerland.

Zero-Knowledge-Policy

Our employees have no access to your data. Lost keys cannot be recovered and the affected backup data becomes useless.

24/7 Monitoring of Entire Infrastructure

The entire infrastructure is continuously monitored using state-of-the-art methods. Anomalies are immediately reported to the designated Security Officers, who classify the incident and initiate appropriate measures.

Least Privilege

All employees receive only the necessary permissions on all systems. The Least Privilege principle ensures that no unnecessary permissions are distributed and that the group of people who have access rights is constantly kept up to date.