Our top concern is protecting our users’ source code and Intellectual Property. Furthermore, we have made every effort to ensure the data protection is as seamless as possible. Let’s take a look at how GitProtect provides the best security measures for your organization.
We do not provide you only a backup solution. With our secure and safe technology, we guarantee you peace of mind in every situation.
Backup encryption: your data is encrypted - simply choose your encryption level and make sure nobody can decrypt your confidential information.
In-flight encryption: we encrypt your data in-flight before it even leaves your physical machine so it’s protected either during backup execution or at rest in the repository.
Zero-knowledge encryption: your device does not have any information about the encryption key - it receives it only when performing a backup. We don’t know what’s inside and nor will any intruder.
No single point of failure: our solution simply enables the communication between the device and storage and does not take part in the backup process. You can lose access or configuration but as long as you have your encryption key you can restore the data.
Secure Password Manager: store and manage all your passwords (internal and external) in one, secure place. You don’t have to remember or write them down - if you need to use it, just choose from the list.
GitProtect.io powered by Xopero ONE uses Advanced Encryption Standard (AES) algorithm to encrypt data. AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. AES is considered unbreakable and is widely used by many governments and organizations.
Within GitProtect.io the user must provide a string of characters on the basis of which the encryption key will be built. This string is later saved in Secure Password Manager.
Low - forces the AES algorithm to work in OFB (OUTPUT FEEDBACK) mode with an encryption key of 128 bits.
Medium - as in the case of 'Low' encryption strength, the AES algorithm is run in OFB mode, but the key used is the encryptor is twice as long - it consists of 256 bits.
High - with this option selected, AES will work in CBC (CIPHER-BLOCK CHAINING) mode, and the encryption key is 256 bits long.
GitProtect.io powered by Xopero ONE only relies on secure and compliant data center providers. Our customers’ data are stored in USA-based or EU-based best-in-class data centers, compliant with stringent security guidelines which offer 24x7 tech and network support. Independent third-party auditors certify that systems and processes comply with all the latest industry standards. Standards and certifications include:
ISO 27001 is the international security standard used to benchmark the protection of sensitive data. It encompassed organizational security policies, personnel security, physical and environmental security, systems and network security, and business continuity management
EN 50600 is the first European-wide, transnational standard that provides comprehensive specifications for the planning, construction, and operation of a data center with a holistic approach.
EN 1047-2 standard describes an extensive test method for external fire exposure. It determines the protection of temperature- and moisture-sensitive data carriers and hardware systems in data rooms as well as containers.
SOC 2 Type II our solution simply enables the communication between the device and storage and does not take part in the backup process. You can lose access or configuration but as long as you have your encryption key you can restore the data.
SOC 3 is a public report of internal controls over security, availability, processing integrity, and confidentiality.
FISMA compliance is data security guidelines set by FISMA and the National Institute of Standards and Technology (NIST). NIST is responsible for maintaining and updating the compliance documents as directed by FISMA.
DOD standard refers to compliance with all guidelines and regulations established by the American Department of Defense (DOD).
DCID is compliance with the Director of Central Intelligence Directive refers to security practices used to protect highly classified intelligence information systems
HIPAA compliance refers to a series of regulatory standards that outline the lawful use and disclosure of protected health information (PHI).
Other certifications PCI-DSS Level 1and PCI DSS compliant, ISO 50001, LEED Gold Certified, SSAE 16 compliant.
Our data center providers meet the highest standards of physical security to restrict unauthorized physical access and protect the safety of our customer data. Only authorized personnel have access to the data centers, based on 2-factor authentication (biometric/card), 24/7 monitoring by surveillance cameras, and strict access management - pre-authorized visitors only.
The protection of personal data is very important to us - both in terms of data protection of our clients (as an administrator) and data stored by customers as part of backups (as a processor).
To provide our clients with the highest level of protection, we have implemented a number of tools to protect personal data, fully compliant with the high requirements of Regulation (Eu) 2016/679 Of The European Parliament And Of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC General Data Protection Regulation (GDPR).Learn more