
Secure SaaS Backup
Stringently Compliant

ISO 27001 AND HIPAA COMPLIANT
CloudAlly is ISO 27001 certified, an internationally recognized accreditation for information security management. We are also HIPAA compliant and can provide a Business Associate Agreement (BAA) on request.
The certificate is available upon request from your partner account manager.

GDPR COMPLIANT
CloudAlly is GDPR compliant.

CLOUD SECURITY ALLIANCE (CSA)
CloudAlly participates in the Cloud Security Alliance STAR (Security, Trust and Assurance Registry) program using CSA’s Cloud Controls Matrix (CCM). CCM is a framework of cloud-specific security controls ensuring that participating organisations adhere to leading industry standards, best practices and regulations.

DATA CENTERS IN NA, EU, U.K. OR APAC
Adhere to local regulatory requirements with your choice of data centers spread across Canada, Germany, Ireland, Sydney, U.S., and the U.K., with 10 locations in total. Or back up to your own storage with Bring Your Own Storage (BYOS) support.

Best-in-class Application Security

Reliable Amazon Hosting
CloudAlly is hosted on Amazon Web Services (AWS), which means that we’ve built CloudAlly on a foundation of reliable security right from the beginning.

Secure MFA/2FA Authentication and Okta Integration
Our solutions implement application security best practices, such as multi-factor authentication (MFA), two-factor authentication (2FA), robust password protection, password and access key rotation, and vulnerability and patch management. We also support Okta integration.

Certified by Microsoft, Salesforce.com, Google and AWS
Our website has a Secure Security Authorization (HTTPS) Certificate issued by GoDaddy. We’re certified Microsoft Platform Ready and have been tested and verified secure by Amazon Web Services, Salesforce.com, and G Suite.

Intrusion Detection
Virtual private cloud, identity and access management, stateful and stateless firewalls, application-level firewalls, and intrusion detection further strengthen the security of our solutions.

Rigorous Data Protection

Data Encryption in-transit and at rest
All data is stored in Amazon S3 storage and encrypted using advanced AES-256 bit encryption algorithms. Transmitted data is encrypted and secured using SSL (HTTPS) enabled servers.
Our servers are strongly secured, hardened and include the latest security patches. All end-user sessions and interactions with the CloudAlly backup solution use SSL/HTTPS.

Encryption Key Management
CloudAlly uses a unique encryption key for each customer, and the keys are securely stored. Use of a unique S3 folder for each customer ensures data isolation. Additionally, every backup task has its own initialization vector, which is stored securely and separately from the user key. This technique helps CloudAlly to encapsulate the users’ data. Immutable Storage: our Object-Lock capability further minimizes the possibility of accidental or malicious loss of data.

OAuth Permissioning
CloudAlly uses industry-standard OAuth for permission-based access when possible, eliminating the need to enter or store user credentials on the CloudAlly system. The OAuth “token” limits access to exactly what CloudAlly needs to do and doesn’t provide general access to your account. You can revoke authorization at any time. If OAuth is not available for a specific service, then credentials are stored using advanced AES-256 bit encryption algorithms.

Customer has Full Control of Data

Admin-controlled backups
Customer backup data is not accessible directly; it can only be accessed using the CloudAlly platform. CloudAlly backups can only be activated, deactivated or restored by the customer’s Data Administrator.
Internal CloudAlly staff do not have access to customer data, and only a limited number of core team members have access to production keys based on a “need to know” policy for problem resolution. All access is logged in the audit log.

Data Privacy by Design
CloudAlly archives can optionally be stored in Amazon data centers in Canada, Germany, Ireland, Sydney, U.S., and the U.K., as needed for compliance with data privacy directives, or in your own storage with Bring Your Own Storage (BYOS).

No Data Retention after Deletion
All backup data is retained as long as you maintain your CloudAlly subscription. If you choose to cancel your subscription, your data will be deleted from the CloudAlly archives within 5 days. If you deactivate an individual user backup or database table/domain, that data will be deleted within 24 hours, so we recommend downloading the data prior to deactivation if you want to retain the backed-up data for local archiving.

Payment Processing
Payment processing, including credit card information, is hosted by our payment processor, which is fully PCI compliant. No payment information is handled or stored on the CloudAlly system.
