Security, Trust + Compliance
Data Protection in the Modern Enterprise
We don’t ask our customers to give us their blind trust. Instead, we engineer a variety of highly secure cloud solutions to give choices in how you limit risk, stay in compliance and improve business continuity. It’s why more than 37,000 businesses trust Code42, including top global brands and government agencies held to the highest standard of information privacy.
Security is the most important principle at Code42, spanning personnel, hardware, software, policies and controls, physical security of our data centers, and verification by independent auditors.
- Code42 has end-to-end ownership of cloud stack software, server, storage, network, monitoring and security components
- Platform and product code is built and rigorously quality tested at our U.S. headquarters
- Encryption keys can remain on-premises in public, private and hybrid cloud deployments
- Data is encrypted at the source using AES 256-bit encryption, and remains encrypted in-transit and at rest
- Backup files are tamper proof; decryption occurs only via authorized customer access
Code42 solutions enable enterprise IT to deploy and enforce security policies and compliance requirements governing where data is stored and who can access and decrypt it.
Code42’s on-premises data storage, public cloud storage, or a combination of private and public clouds provide:
- Command of where data and encryption keys are stored
- Centralized policy management
- Enterprise-wide administration with complete visibility of data and users
- Tamper-proof audit trails
- Compliance with data-export laws
- Decryption strictly via authenticated customer credentials
- Permanent data destruction when account is deactivated
Code42’s deployment destination flexibility empowers you to decide where to store data and keys based on your unique requirements for data security, compliance, privacy and performance. As an example, 82% of Code42 business customers elect on-premises encryption key storage, though their data is stored in private, public or hybrid clouds.
- Choose from a range of topologies deployed site-by-site
- Choose private, public or hybrid cloud storage
- Choose where to store encryption keys in any deployment
Unlike backup and storage software vendors that store customer data in third-party cloud platforms, Code42 is vertically integrated, from client-software and server platform development, through cloud operations and customer service.
Code42 security personnel are responsible for self-administered and third-party penetration tests of our cloud data centers, and annual secure-coding practices and reviews.
No Third-Party Components
Code42 maintains operational ownership and monitoring of all systems. Software, storage, network monitoring, and security components are developed and maintained in-house at our U.S. headquarters.
Our development teams follow Open Web Application Security Project standards and conduct code reviews focused on secure transmission and storage of data, initial mapping and analysis of an application’s attack surface and identification of security vulnerabilities.
Our cloud engineering personnel maintain operational ownership and monitoring of network, systems, applications and security at our global data centers, including system health, secure data transmission, protection from denial of service, physical access and network and system vulnerabilities.