GitLab Backup

App providers themselves will always backup their internal systems, but do so from an operational point of view. They never provide individual backups/restore solutions for their actual customers, and operate as a “shared responsibility model“. This means that they try to ensure their network and servers are available, but the actual data is your responsibility.

At best, they provide very simplistic, limited 7-30 day retention that can be easily broken by a rogue employee or hacker performing a permanent delete.

Risks such as accidental deletion (very common), rogue employees, hackers and ransomware are very real threats for data stored on cloud systems. In addition, organisations are frequently being asked to show they backup critical SaaS app data for legal, compliance and cyber insurance purposes.

Go to your app providers website and look for their Terms of Use. In there you often find a paragraph stating that there is no individual backup of your data, and you are responsible to do so on a regular basis.

For example:

Jira: “To avoid data loss, we recommend making regular backups”

Microsoft 365: “We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”

Xero: “Data loss is an unavoidable risk when using any technology. You’re responsible for maintaining copies of your data entered into our services. No compensation: Whatever the cause of any downtime, access issues or data loss, your only recourse is to discontinue using our services.”

Other providers don’t mention backup at all, they simply state that they have no liability for any data loss for whatever reason and will only refund you one month’s subscription.

Company data is now moving “to the cloud” when in reality this is just someone else’s server. Insurance companies and regulatory bodies are increasingly realising that critical data is held on these popular app providers. If you are in the financial, insurance of healthcare sectors you will almost certainly have to prove you have backups of all your data. HIPPA regulation for example, states that you need to demonstrate restore and recoverability. Insurance companies will also refuse certain levels of cover if you cannot show that you have protected your data.

Yes, unfortunately it does happen and incidents are expected to increase in the future.

For example, in 2019 Git repositories (GitHub, GitLab and Bitbucket) were targeted and customer source code repositories were wiped and replaced with a ransom demand.

In 2020 GitHub users were targeted in a phishing campaign to acquire passwords and bypass 2FA. A similar attack took place in April 2022 and users had their private repositories accessed.

In 2022 Atlassian (the owners of Trello and Jira) managed to execute a maintenance script which resulted in 1000s of Jira users unable to access their data for many weeks. It took weeks to get back to normal and some customers lost data.

Once you sign up to our platform you are asked to choose an app you wish to protect. You can then authenticate using your app credentials to allow us permission to backup your data. Your data is then automatically backed up daily to our secure servers where the data remains encrypted, ready to restore if required.

We use Amazon Web Services (AWS) to store your data and use their UK (London) and USA (Northern Virginia) datacenters. We will be adding new datacenters periodically depending on customer requirements.

Yes of course. Our annual plans are typically 20% cheaper than our monthly plans.

Yes, we use Amazon Web Services (AWS) to power our backup platform. All customer data is encrypted using AES 256bit encryption during transfer and at rest on the storage nodes. We have no unencrypted access to customer data whatsoever.

The datacenter is ISO 27001 and 9001 compliant. They are also SOC 1 and SOC 2 certified. In addition, we are also GDPR and HIPPA compliant. Further security details can be found on our security page.

Yes you can. But you would need to create your own script, learn the app API and pay attention to API changes that may break your script. You will also need to find a secure location to store the backups, ensure the data is encrypted and regularly test it. Restoration is often impossible or very time consuming via a script.

In reality you are too busy running a business to do any of this, and BackupLABS is here to help.

Yes, of course. See our Contact Us page for our telephone number, physical address and contact form.

Put simply, if you are not completely happy with our service and would like a refund, let us know and we happily refund you.