, security by design

We protect your DevOps ecosystem against data loss & cyber threats and securely manage your organization's data to keep it private.


SOC2 Type II






AES 256 encryption
with your key

Trusted by the world’s leading organizations


SOC 2 Type II, ISO27K, GDPR… but above all DNA - that's what security means for us. Check our security practices and features that will facilitate your own regulations, certification processes, and procedures.

Multi-level security mechanisms


Product security features


Storage & infrastructure security



1. Product security features

We do not provide you only a DevOps backup solution. With our secure and safe technology, we guarantee you peace of mind in every situation.

In-flight & at rest encryption: we encrypt your data in-flight before it even leaves your physical machine, so it’s protected either during backup execution or at rest in the repository.

SAML integration: authenticate users through your Identity Provider with SAML standard to have full control over access and security and meet your procedures. Use your Azure Active Directory, Okta, CyberArk, Oauth, OneLogin, and more IdP’s we support.

SOC2 Type II compliance: Your guarantee that we have implemented appropriate security measures and controls in terms of data security, availability, processing integrity, confidentiality, and privacy. Thus, we not only manage your data in compliance with top security standards but facilitate your own journey to certifications.

ISO 27001 compliance: GitProtect is the only one DevOps backup with an ISO27K certificate. It assures you that our organization follows a comprehensive framework to maintain and develop a secure Information Security Management System and is prepared to react appropriately in the event of threats.

Ransomware protection: immutable storage, non-executable data format, replication, compression, considered unbreakable encryption, and more. Our one-of-a-kind Ransomware Protection technologies provide multiple layers of immutability, limiting both the negative effects of ransomware and the potential spread of threats in storage.

Encryption strength powered by Xopero ONE uses Advanced Encryption Standard (AES) algorithm to encrypt data. AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. AES is considered unbreakable and is widely used by many governments and organizations.

Within the user must provide a string of characters on the basis of which the encryption key will be built. This string is later saved in Secure Password Manager.

Available encryption settings:

Low - Forces the AES algorithm to work in OFB (OUTPUT FEEDBACK) mode with an encryption key of 128 bits.

Medium - as in the case of 'Low' encryption strength, the AES algorithm is run in OFB mode, but the key used is the encryptor is twice as long - it consists of 256 bits.

High - with this option selected, AES will work in CBC (CIPHER-BLOCK CHAINING) mode, and the encryption key is 256 bits long.

2. Storage & infrastructure security powered by Xopero ONE only relies on secure and compliant data center providers. Our customers’ data are stored in USA-based or EU-based best-in-class data centers, compliant with stringent security guidelines which offer 24x7 tech and network support. Independent third-party auditors certify that systems and processes comply with all the latest industry standards. Standards and certifications include:

ISO 27001 is the international security standard used to benchmark the protection of sensitive data. It encompassed organizational security policies, personnel security, physical and environmental security, systems and network security, and business continuity management.

EN 50600 is the first European-wide, a transnational standard that provides comprehensive specifications for the planning, construction, and operation of a data center with a holistic approach.

EN 1047-2 standard describes an extensive test method for external fire exposure. It determines the protection of temperature- and moisture-sensitive data carriers and hardware systems in data rooms as well as containers.

SOC 2 Type II report is an internal controls report capturing how a company safeguards customer data and how well those controls are operating.

SOC 3 is a public report of internal controls over security, availability, processing integrity, and confidentiality.

FISMA compliance is data security guidelines set by FISMA andNational Institute of Standards and Technology (NIST). NIST is responsible for maintaining and updating the compliance documents as directed by FISMA.

DOD standard refers to the compliance with all guidelines and regulations established by the American Department of Defense (DOD).

DCID is a compliance with the Director of Central Intelligence Directive and it refers to security practices used to protect highly classified intelligence information systems.

HIPAA compliance refers to a series of regulatory standards that outline the lawful use and disclosure of protected health information (PHI).

Other certifications: PCI-DSS Level 1and PCI DSS compliant, ISO 50001, LEED Gold Certified, SSAE 16 compliant.

iso aicpa soc hipaa fisma pci

Data centers security

Our data center providers meet the highest standards of physical security to restrict unauthorized physical access and protect the safety of our customer data. Only authorized personnel have access to the data centers, based on 2FA, 24/7 monitoring by surveillance cameras, and strict access management - pre-authorized visitors only.

Focus security measures

  • External Perimeter fence with 24x7 CCTV monitoring and guard patrols,
  • Footage stored for 30 days,
  • Man traps to data hall,
  • 2 factor authentication (biometric/ card),
  • Pre-authorized visitors only,
  • Visitor logs are kept for one year

Fire protection and suppression

  • 24×7 decentralized monitoring of M&E plant room&redundant systems,
  • Gaseous fire suppression and dry-pipe pre-action sprinklers,
  • Very Early Smoke Detection Apparatus (VESDA),
  • Sub-raised floor water detection system installed around CRAC units and along the perimeter of the room,
  • FM200 fire suppression,
  • Doors and partitions are minimally 2-hours rated

3. by Xopero ONE and the GDPR

The protection of personal data is very important to us - both in terms of data protection of our clients (as an administrator) and data stored by customers as part of backups (as a processor).

To provide our clients with the highest level of protection, we have implemented a number of tools to protect personal data, fully compliant with the high requirements of Regulation (Eu) 2016/679 Of The European Parliament And Of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC General Data Protection Regulation (GDPR).

Learn more