Cloudback Docs
HomePricingBlogContactSign In
  • Getting Started
    • What is Cloudback?
    • Installation Guide
    • First Backup Walkthrough
  • Managing Backups
    • Automated Daily Backups
    • Metadata Backups
    • One-Click Manual Backups
    • Setting Backup Schedules
    • Manage Backup Storage
    • Backup Retention Policy
    • Password-Protected Backups
    • Account Settings
    • Bulk Operations
    • Data Deduplication
    • Email Notifications
    • Instant Notifications
    • Archive Name Pattern
  • Data Restoration
    • Download Backups
    • Restore to GitHub
  • Automation
    • Terraform Provider
    • Operations API
  • Dashboard
    • Dashboard Overview
    • Card view
    • Table view
    • Repository Details
    • Backup Details and Metadata
    • Backup Status Badge
  • Storage Configuration
    • Cloudback Managed Storages
    • Customer Managed Storages
    • Replicating Backups
  • Supported Storages
    • Alibaba Cloud Object Storage Service
    • Amazon S3 Bucket via Access Key
    • Amazon S3 Bucket via Access Point
    • Amazon S3 Glacier
    • Amazon S3 Object Tagging
    • Google Cloud Storage Bucket
    • Microsoft Azure Blob Container
    • Microsoft OneDrive Business
    • Microsoft OneDrive Personal
    • OpenStack Swift
    • Wasabi Customer Managed Storage
  • Account and Billing Management
    • Payment Methods
    • GitHub Organizations
    • Invoiced Customers
  • Troubleshooting and Support
    • Known Issues
    • Contact us
  • Security Features
    • Access Review: Vanta Integration
    • Immutability: Amazon S3 Object Lock
    • Encryption: Password-Protected Archives
    • Traceability: Audit Log
  • Legal
    • Terms of Service
    • Privacy Policy
Powered by GitBook
LogoLogo

Learn more

  • Integrations
  • Blog

Explore

  • Roadmap
  • Changelog

Support

  • Contact Us
  • Status

Legal

  • Terms of Service
  • Privacy Policy

© 2025 Cloudback

On this page
  • Technical Security Overview
  • Security Implications
  • Learn more

Was this helpful?

  1. Security Features

Encryption: Password-Protected Archives

PreviousImmutability: Amazon S3 Object LockNextTraceability: Audit Log

Last updated 2 months ago

Was this helpful?

Cloudback secures every backup using a robust encryption model. The archive is built on combined with encryption, ensuring that your data remains confidential and protected against unauthorized access.

Technical Security Overview

  • Encryption Standards: AES-256 is widely regarded as one of the strongest encryption methods available. However, note that many built-in ZIP utilities (e.g., Microsoft Windows Compressed Folders) do not support AES encryption. For optimal compatibility, we recommend third-party tools such as .

  • Double-Archive Method: To protect filenames, Cloudback embeds one ZIP archive inside another. This is done to encrypt filenames inside an archive. Filename encryption is introduced in . We decided to keep version 5.2 for better compatibility.

Security Implications

  • Tool Compatibility: If your preferred archiver does not support AES-256, you may face difficulties accessing your backups. We advise testing your tools and, if necessary, switching to a recommended solution like 7-Zip.

  • Configuration Impact: While you can adjust encryption settings for customer managed storages, disabling encryption can significantly reduce the security of your backups. Cloudback-managed storages enforce password protection to maximize data safety.

For detailed instructions on how to manage encryption settings, please refer to our page.

Learn more

ZIP File Version 5.2
AES-256
7-Zip
ZIP File Format Specification 6.2
Password-Protected Backups
Customer Managed Storages
Restore to GitHub
Data Deduplication