SkyBackup is committed to security and focused on keeping your data and your credentials safe. We use industry-leading security practices when connecting to data sources and loading data from/to them.
SkyBackup is hosted in a secure Microsoft Azure cloud, in west US data centers. Microsoft provides its customers with the best security and protection for their data, and security is built right into their Azure platform.
Microsoft Azure Cloud servers run in secure data centers, and access to them is restricted only to authorized personnel. Microsoft Azure Cloud implements the best security practices and complies with a wide set of national, regional, and industry-specific requirements and security standards - SOC 2, ISO 27001, and many others.
To keep your data secure and private, SkyBackup stores users' private data encrypted using AES 256-bit encryption. Encryption keys are unique for every user, and our employees don't have access to them, and cannot decrypt users' data. Only the top-level administrators have administrative access to SkyBackup's virtual machines.
SkyBackup complies with the European Union's Global Data Protection Regulation (GDPR).
SkyBackup complies with HIPAA requirements for Protected Health Information (PHI), and we are ready to sign a Business Associate Agreement (BAA) with customers who are subject to HIPAA mandates.
SkyBackup is PCI DSS-compliant. We use 2Checkout payment provider for processing payments. 2Checkout handles all the payment details. Your private data is 100% safe, as 2Checkout complies with the latest online security standards and is PCI DSS-certified. No payment information is handled or stored by SkyBackup. For more details, you can review 2Checkout's Terms and Conditions and Privacy Policy.
Users' private data stored by SkyBackup, is encrypted at rest using AES 256-bit encryption, which is one of the strongest ciphers available.
SkyBackup stores the following users' data:
Backups - User data backups, created by SkyBackup are stored in secure Azure GRS storage. SkyBackup uses Microsoft Azure redundant storage mechanisms to ensure that the data is not lost even in case of hardware failures. Users' backup data cannot be accessed directly and can be accessed only via SkyBackup services. Whenever necessary, users can delete their backups when they don't need them anymore.
Connection parameters - To maintain automatic backup, SkyBackup stores the necessary connection parameters for your data sources. Credentials are stored encrypted using AES 256-bit encryption.
Connection metadata - SkyBackup stores names and types of objects and fields in users' data sources in order to display them in its user interface. This is the only part of users' data, visible to our employees. They may access it in order to provide better assistance to the users in their specific use cases.
Temporary cache - Occasionally, when running users' queries or integrations, SkyBackup may cache some of the users' data. This cache is stored only while the operation is running and is immediately deleted after it finishes.
If our user prefers to stop using SkyBackup and delete their account and all the connected data, they can delete it in their Settings section.
SkyBackup is using an Azure Virtual Network inside the Microsoft Azure platform. All the virtual machines, on which SkyBackup is running, are protected by the firewall and routing rules, and only ports, required for SkyBackup functioning, are open.
SkyBackup can be accessed only via HTTPS. All the users' data is encrypted in transit using TLS end-to-end encryption and strong encryption keys with length of at least 128 bits. All the interactions between our interface and APIs are also encrypted.
For all the data sources that support OAuth connections, SkyBackup uses OAuth connections by default. This means that you don't need to provide your data source credentials to SkyBackup, and they are not stored on our servers. You can revoke OAuth access to your data at any time. These OAuth tokens are stored encrypted on SkyBackup.
SkyBackup allows signing in either by creating an account with email and password or by using Single Sign-On (SSO) with Google, Salesforce or Xero. For email/password accounts, SkyBackup uses a strong hashing mechanism for passwords. Passwords are not stored on SkyBackup servers, only secure hash is stored.
SkyBackup is developed by Devart - a company with 25+ years of experience in creating data connectivity solutions and database tools, having more than 40 000 customers , including companies from Fortune 500 and Fortune 100. It is developed using all the necessary secure coding practices and standards. SkyBackup developers are experienced and trained for secure coding, and SkyBackup's code includes measures for minimizing and mitigating security risks and breaches. SkyBackup team regularly conducts automated security tests and checks for vulnerabilities.