As experts in data backups, security is at the core of what we do.

Request access to our trust center to start your security review

Infrastructure security

At ProBackup, we leverage robust infrastructure security measures to ensure your data is protected at all times

We store user data exclusively in AWS data centers in Dublin, Ireland, which are certified by industry standards such as ISO 27001, SOC 1 and SOC 2, and PCI Level 1, among others. AWS data centers feature advanced physical security measures, including 24/7 CCTV monitoring, intrusion detection, access logging, redundant power systems, fire suppression, and water leakage detection systems.

We enforce strict access control policies, requiring multi-factor authentication (MFA) for production databases and networks, restricting privileged access to authorized personnel only, and revoking access promptly upon termination. All data encryption keys and production systems are securely managed to minimize risk.

Our infrastructure undergoes continuous monitoring, with tools for intrusion detection, performance tracking, log management, and vulnerability assessments. Additionally, network segmentation, firewall protections, and regular system hardening ensure our infrastructure remains resilient against threats. More details on AWS security practices are available at AWS Compliance Programs

Organizational security

At ProBackup, our organizational security practices ensure a secure and compliant environment for managing your data.

We enforce strict asset disposal procedures, maintain a detailed inventory of production systems, and deploy up-to-date anti-malware technology.

All employees and contractors undergo background checks, sign confidentiality agreements, and adhere to our Code of Conduct, which is acknowledged at hire and strictly enforced. We conduct annual performance evaluations and implement a robust password policy. Mobile devices are managed centrally using Mobile Device Management (MDM) systems, while visitors to secure areas follow stringent sign-in and escort procedures. Employees complete security awareness training during onboarding and annually to stay informed of best practices.

Product security

At ProBackup, our product security practices are designed to protect your data at every stage.

At ProBackup, our product security practices are designed to protect your data at every stage. All sensitive customer data is encrypted at rest using AES-256 encryption, with cryptographic keys securely managed by AWS Key Management Service. Data transmission is safeguarded with SSL encryption on port 443, enforced by Strict Transport Security (HSTS) to ensure all connections use HTTPS.

We conduct annual control self-assessments and penetration testing, implementing remediation plans for identified vulnerabilities within defined SLAs. Our formal policies include robust vulnerability management and system monitoring procedures to proactively address potential risks and maintain the integrity of our systems.

Internal security procedures

At ProBackup, our internal security procedures ensure robust safeguards for data protection and incident management.

At ProBackup, our internal security procedures ensure robust safeguards for data protection and incident management. We maintain comprehensive Business Continuity and Disaster Recovery Plans to ensure operations during unforeseen events and hold cybersecurity insurance for financial protection. Access to production deployments is strictly limited to authorized personnel, and our formal systems development life cycle (SDLC) governs all changes to our systems.

We conduct regular access reviews and require documented approvals for access requests to maintain appropriate access controls. Our security policies are reviewed annually, and incident response policies are in place to handle and resolve security or privacy incidents efficiently. Vulnerability scans are performed quarterly, with critical findings promptly remediated. Additionally, users can report issues through our external-facing support system, and our whistleblower policy provides an anonymous channel for reporting concerns.

Data and privacy

At ProBackup, we are committed to safeguarding your data and ensuring transparency in how it is handled.

At ProBackup, we are committed to safeguarding your data and ensuring transparency in how it is handled. Our data retention and disposal procedures govern the secure storage and removal of customer data, including the permanent deletion of confidential information when you leave our service. We also follow a data classification policy to ensure sensitive data is secured and accessible only to authorized personnel. For more details, refer to our Privacy Policy.

ProBackup operates as both a data processor and a data controller, depending on the context. As a data processor, we handle personal data on behalf of our customers, who remain responsible for determining the purpose and means of processing. Customers can formalize this relationship by signing our Data Processing Addendum (DPA). As a data controller, we manage personal data about our customers and adhere to policies outlined on our website to ensure compliance with data protection regulations, including the GDPR.