Cloudback Docs
HomePricingBlogContactSign In
  • Getting Started
    • What is Cloudback?
    • Installation Guide
    • First Backup Walkthrough
  • Managing Backups
    • Automated Daily Backups
    • Metadata Backups
    • One-Click Manual Backups
    • Setting Backup Schedules
    • Manage Backup Storage
    • Backup Retention Policy
    • Password-Protected Backups
    • Account Settings
    • Bulk Operations
    • Data Deduplication
    • Email Notifications
    • Instant Notifications
    • Archive Name Pattern
  • Data Restoration
    • Download Backups
    • Restore to GitHub
  • Automation
    • Terraform Provider
    • Operations API
  • Dashboard
    • Dashboard Overview
    • Card view
    • Table view
    • Repository Details
    • Backup Details and Metadata
    • Backup Status Badge
  • Storage Configuration
    • Cloudback Managed Storages
    • Customer Managed Storages
    • Replicating Backups
  • Supported Storages
    • Alibaba Cloud Object Storage Service
    • Amazon S3 Bucket via Access Key
    • Amazon S3 Bucket via Access Point
    • Amazon S3 Glacier
    • Amazon S3 Object Tagging
    • Google Cloud Storage Bucket
    • Microsoft Azure Blob Container
    • Microsoft OneDrive Business
    • Microsoft OneDrive Personal
    • OpenStack Swift
    • Wasabi Customer Managed Storage
  • Account and Billing Management
    • Payment Methods
    • GitHub Organizations
    • Invoiced Customers
  • Troubleshooting and Support
    • Known Issues
    • Contact us
  • Security Features
    • Access Review: Vanta Integration
    • Immutability: Amazon S3 Object Lock
    • Encryption: Password-Protected Archives
    • Traceability: Audit Log
  • Legal
    • Terms of Service
    • Privacy Policy
Powered by GitBook
LogoLogo

Learn more

  • Integrations
  • Blog

Explore

  • Roadmap
  • Changelog

Support

  • Contact Us
  • Status

Legal

  • Terms of Service
  • Privacy Policy

© 2025 Cloudback

On this page
  • Technical Security Overview
  • Security Implications
  • Learn more

Was this helpful?

  1. Security Features

Encryption: Password-Protected Archives

Learn how Cloudback secures GitHub backups with AES-256 encryption and password protection, ensuring data confidentiality and preventing unauthorized access.

Cloudback secures every backup using a robust encryption model. The archive is built on ZIP File Version 5.2 combined with AES-256 encryption, ensuring that your data remains confidential and protected against unauthorized access.

Technical Security Overview

  • Encryption Standards: AES-256 is widely regarded as one of the strongest encryption methods available. However, note that many built-in ZIP utilities (e.g., Microsoft Windows Compressed Folders) do not support AES encryption. For optimal compatibility, we recommend third-party tools such as 7-Zip.

  • Double-Archive Method: To protect filenames, Cloudback embeds one ZIP archive inside another. This is done to encrypt filenames inside an archive. Filename encryption is introduced in ZIP File Format Specification 6.2. We decided to keep version 5.2 for better compatibility.

Security Implications

  • Tool Compatibility: If your preferred archiver does not support AES-256, you may face difficulties accessing your backups. We advise testing your tools and, if necessary, switching to a recommended solution like 7-Zip.

  • Configuration Impact: While you can adjust encryption settings for customer managed storages, disabling encryption can significantly reduce the security of your backups. Cloudback-managed storages enforce password protection to maximize data safety.

For detailed instructions on how to manage encryption settings, please refer to our Password-Protected Backups page.

Learn more

  • Customer Managed Storages

  • Restore to GitHub

  • Data Deduplication

PreviousImmutability: Amazon S3 Object LockNextTraceability: Audit Log

Last updated 4 days ago

Was this helpful?