Our Security

Physical Security

We use the AWS London and USA (East) locations, with more to be added periodically as required. All AWS datacenters feature:

• AWS employees only access
• 24 hour CCTV monitoring
• Intrusion detection
• Full access review and logging
• Fully redundant electrical power systems, with a backup power supply to remain operational 24 hours per day
• Automatic fire detection and suppression systems
• Leakage detection systems to detect the presence of water

 

The AWS datacenters we use are also fully compliant with the most common certifications and laws: ISO 9001, ISO 27001, ISO 27017, ISO 27701, ISO 27018, PCI DSS, SOC 1, SOC 2, SOC 3, HIPPA, HDS, FIPS, NIST, EU GDPR and UK Cyber Essentials Plus.

Software & Data Security

BackupLABS is secure by design and we operate a “zero knowledge” policy.

• Our platform can only access your data from an authorized access token that you (your account) provide from the app. These tokens are stored via the AWS Key Management Service.
• Your data is transferred over the internet from the app provider using 256-bit TLS encryption. Once the data arrives at AWS, they are stored at rest in separate S3 storage buckets using 256-bit AES GCM encryption. We have no access to any unencrypted data.
• For the payment system, we utilize Stripe and their API to handle all credit card transactions. We have no access to full credit card data and the system is fully PCI compliant.
• Finally, we use a dedicated and separate logging management system to monitor all changes and access to our platform.