Skip navigation

Why 39,000 businesses trust us.

We eat, sleep, and breathe data security. Because your trust and our livelihood depend on it.


Our customers demand us to be obsessive about data security. Their trust and our livelihood depend on it. The strongest encryption of your data, both in transit and at rest, should be just the start of your expectations of our service. 

You also expect that you’re in compliance with government regulations, that your data is safe no matter which storage location you choose, and that your software provider follows the strictest security policies in its own house.

We’ve been meeting those customer expectations since 2001. That’s why more than 39,000 businesses trust us with their data. Our customers include seven of the world’s 10 largest technology companies and government agencies held to the highest standards of information privacy and security.

A Code42 guiding principle
Security is a guiding principle here at Code42, spanning personnel, hardware, software, policies and controls, physical security of our facilities and data centers, and verification by independent auditors. As a Code42 customer, here’s what you can expect us to do:


  • Maintain end-to-end ownership of cloud stack software, server, storage, network, monitoring, and security components.
  • Rigorously and routinely quality test platform and product code.
  • Allow encryption keys to remain with you on premise, in public, private, and hybrid cloud deployments.
  • Encrypt data at the source using AES 256-bit encryption, and keep it encrypted in transit and at rest.
  • Ensure backup files are tamper-proof; decryption occurs only via authorized customer access.
  • Security Overview

    Security, Trust and Compliance

    Read Now
  • Tech Specs

    CrashPlan Technical Specifications – Security

    Read Now

Compliance simplified.

Whether you’re protecting the data of patients, cardholders, or everyday citizens, you expect it to be easy and cost effective to comply with ever-changing requirements. 

Compliance regulations abound across industries and geographies. Our platform helps you comply with regulations governing where and how your data is stored, who can access it, and who can decrypt it.

All our deployment options provide:

  • Customer choice of where data and encryption keys are stored
  • Centralized policy management
  • Enterprise-wide administration with complete visibility of data and users
  • Tamper-proof audit trails
  • Compliance with data-export laws
  • Decryption strictly via authenticated customer credentials
  • Permanent data destruction when account is deactivated
  • Single-click Compliance Settings to automatically restrict data access based on your regulations
Read about CrashPlan and HIPAA Compliance


You know the best place to store your data and encryption keys. We make sure every SaaS option keeps them safe.

Every organization has unique requirements for data security, compliance, privacy, and performance.

82% of Code42 business customers elect on-premises encryption key storage, though their data is stored in private, public, or hybrid clouds.

Go private or public. Or both.

Embrace a SaaS platform without compromising data security. You are in control of your encryption keys and where data is stored, so you can meet even the most rigorous security and privacy requirements.

Public cloud

The Code42 public cloud is ideal for organizations that want an on-demand and globally available cloud for endpoint data protection. There’s no sacrificing security for convenience, because you keep the encryption keys.

  • Option of unlimited storage that won’t cap your users
  • Keep the encryption keys
  • Global data centers for fast access
  • End-to-end AES 256-bit encryption
  • Quick to deploy and scale
  • Low upfront cost
  • AWS option for encryption key storage

Private deployments

A private deployment meets the most stringent data security and compliance requirements with purpose-built appliances and software that are quick to deploy and scale to hundreds of thousands of users. The result: a private Code42 deployment in your own data center. Our Customer Champions monitor and manage the deployment 24/7, so your team is free to focus on more strategic projects.

  • Proven Code42 deployment in your data center
  • Purpose-built appliances shipped to your door
  • End-to-end AES 256-bit encryption
  • 24/7 proactive monitoring and support
  • Fast deployment with on-demand scalability
  • AWS option for encryption key storage

Hybrid deployments

A Code42 hybrid deployment gives you the best of both public cloud and private deployments. You get the security of the private deployment coupled with the capacity and elasticity of the Code42 public cloud. You also have complete control over which users’ data is stored where. Through a single administration console, you can see and control all endpoint data across both destinations.

  • Keep the encryption keys
  • Option of unlimited cloud storage
  • Support data security and compliance requirements
  • Global data centers for fast access
  • End-to-end AES 256-bit encryption
  • One admin console manages all destinations
  • AWS option for encryption key storage

Select the options that are right for your business:

  • Choose your cloud, keep your key
  • Choose from a range of topologies deployed site-by-site
  • Choose from private, hybrid, or private deployment options
  • Choose where to store encryption keys in any deployment
  • Leverage an existing deployment or a new Amazon Web Services (AWS) deployment for encryption key storage
Learn more about cloud deployment options
Choose Your Cloud, Keep the Keys

Choose Your Cloud, Keep the Keys


Unlike backup and storage software vendors that store customer data in third-party cloud platforms, Code42 is vertically integrated, from client-software and server platform development, through cloud operations and customer service.

Code42 follows the Software Development Life Cycle (SDLC) framework to guide the product development lifecycle

  • Best Practices

    Code42 security personnel are responsible for self-administered and third-party penetration tests of our cloud data centers, and annual secure-coding practices and reviews.

  • No Third-Party Components

    Code42 maintains operational ownership and monitoring of all systems. Software, storage, network monitoring, and security components are developed and maintained in-house at our U.S. headquarters.

  • Development

    Our development teams follow Open Web Application Security Project standards and conduct code reviews focused on secure transmission and storage of data, initial mapping and analysis of an application’s attack surface and identification of security vulnerabilities.

  • Engineering

    Our cloud engineering personnel maintain operational ownership and monitoring of network, systems, applications and security at our global data centers, including system health, secure data transmission, protection from denial of service, physical access and network and system vulnerabilities.