Code42 regards data security as the most important component of CrashPlan backup services. Data security and privacy concerns are addressed by employing a multi-layered security model that includes transmission security, account security (access), password security, encryption security and secure messaging. On the application side, CrashPlan runs within the confines of a secure Java virtual machine using industry standard cryptographic algorithms.
Your first line of defense is a password protected user interface; you can require that CrashPlan prompt you for a password every time the application is launched to prevent unauthorized access to your archived data and backup settings. The account password is never stored or transmitted in plain text.
The second line of defense appears before your data ever leaves your machine. Backup data is encrypted with 448-bit encryption. Backup transmission is then scrambled using 128-bit encryption. Keys are created using a secure random number generator and are escrowed with your archive at each destination so you can restore your files should you lose your computer. Archive encryption keys can be secured with your account password or a private password. For the ultimate level of protection, you can replace the CrashPlan-generated key with your own data key.
Secure Cloud Storage
In addition to the security measures built into CrashPlan software, backing up online to CrashPlan Central—our cloud destination—offers the added protection of our state-of-the-art data storage facility. Your backup is stored in one of our data centers located throughout the US and around the world. All our data centers comply with data storage industry standards for physical access security and are monitored 24/7.
In addition, power redundancy, climate controls and fire suppression systems guarantee very high availability and resistance to failure. The facilities themselves protect CrashPlan's infrastructure from physical harm.