Security at Cloud Haven Backup

Security

A security posture built for the worst day, not just the average one.

Cloud Haven Backup supports compliance efforts including GDPR, HIPAA workflows and SOC 2 program requirements. We do not claim certifications we don't hold — see our Security Policy for the current state.

Encryption

AES-256-GCM at rest, TLS 1.3 in transit. Files are encrypted on your device before upload.

Key management

Customer-held keys with optional zero-knowledge mode. Recovery via passphrase plus printed key card.

Anomaly detection

Unusual deletion or encryption patterns trigger alerts and freeze affected restore points.

Access control

Role-based access, SSO, 2FA, IP allowlists (Business / Enterprise) and granular audit logging.

Infrastructure

Geo-redundant storage with regional residency selection. Independent third-party penetration testing.

Incident response

24/7 on-call. Documented IR runbook. Customer notifications within applicable legal timelines.

Trust resources

Security Policy
Data Processing Addendum
Privacy Policy
Request a security review pack

Contact security For business