Encryption: Password-Protected Archives

Every backup is stored as a ZIP archive that is automatically encrypted with a unique, system-generated password. This ensures that your backup data remains confidential and tamper-proof.

Encryption Standards

The archive is built using ZIP File Version 5.2 combined with AES-256 encryption—one of the strongest encryption methods available.

Note: Many built-in ZIP utilities (e.g., Microsoft Windows Compressed Folders) do not support AES encryption. For optimal compatibility, we recommend third-party tools such as 7-Zip.

Double-Archive Method

To protect filenames, Cloudback embeds one ZIP archive inside another. Filename encryption is introduced in ZIP File Format Specification 6.2. We use version 5.2 for better compatibility while still protecting your filenames.

Managing Encryption Settings

For customer managed storages, you have the option to disable archive encryption:

• Disabling Encryption: Edit your customer managed storage settings and select ZIP archive without password protection.

  WARNING: Disabling encryption requires that you implement alternative measures to secure your data.

• Enabling Encryption: To ensure maximum security, choose Password-protected ZIP archive.

Cloudback-managed storages always enforce password protection to maximize data safety.

Archive Sample & Password

You can download a sample archive to test your extraction tools:

• Download: bee12062e5d741b1baf334088c2c980d.zip

• Password: c8f42392e86e4f7fbe8b4adf7ec65694

Learn more

• Customer Managed Storages

• Restoring a Repository

• Data Deduplication