Backblaze
Security

Keeping our customer data
safe is a part of our DNA

Our Philosophy

Security is a top priority at Backblaze. We believe that no technology is perfect and that working with skilled security researchers across the globe is crucial in identifying possible weaknesses in our systems. If you believe you've found a security bug in our service, we are happy to work with you to resolve the issue promptly and ensure that you are fairly rewarded for your discovery. Our bug bounty program is open to the public and is managed via Bugcrowd. You’ll find everything you need to know at bugcrowd.com/backblaze . We look forward to your help in making our platform even better.

Keep customer data safe and secure.
Keep the system easy to use for customers.
Proactively monitor all systems and processes.
Hire third party organizations to continuously test the security of our systems and processes.
Provide our Chief Security Officer the resources needed to enable this security philosophy.

Account Access

Backblaze deploys the best-in-class security to prevent unauthorized use or access.

Single Sign-On via G Suite or Office 365 available for all users
2-Factor Verification via SMS or ToTP Authenticator Apps available for all users
Require account verification prior to accessing private data.
Do not store passwords. Instead, put them through a hash and salt.
Maintain usage and access monitoring on all accounts.

Computer Backup

Data is encrypted on your computer, encrypted during transmission, and encrypted while stored.

Personal Encryption Key

(“PEK”) option available for all customers. With a PEK, Backblaze cannot access your data (in case of lost password, subpoena, or any other event).

Data Transferred via HTTPS

Using a strong protocol, a strong key exchange, and a strong cipher. We continuously monitor using industry standard, independent sources like SSL Labs

Public/Private Keys

2048 bit public / private keys secure a symmetric AES -128 key

B2 Cloud Storage

Backblaze B2 is our object storage service. It allows you to determine the level of security that is right for you and your data.

SLA of 99.9% Availability .
Durable by design - you can trust that your data is safe with us .
Backblaze B2 stores the data you put in it. Choose to upload only encrypted data, use a third party integration to encrypt data before transmission to Backblaze B2, or store data unencrypted.
Data is immediately encoded for redundancy upon receipt and stored in a data center in your account region.
Data in Private Buckets can only be accessed after account authentication.
Data in Backblaze B2 can be protected from ransomware using object lock and third party integrations, making the data non-erasable and non-modifiable for a user-specified interval.

Storage Infrastructure & Data Durability

Our purpose built infrastructure - based on the Backblaze Storage Pod - is designed from the ground up to keep your data safe and secure.

Backblaze Vaults and Backblaze Reed - Solomon Encoding form the backbone of our system. Learn more about how we calculate our durability.

Data Centers

Our physical facilities have best-in-class security features and are staffed every hour of every day of the year.

SSAE-18 / SOC-2 compliant.
Biometric Security.
ID checks and area locks that require badge-level access.
Regions: US West (California & Arizona), US East (Virginia), & EU Central (Amsterdam).

More Data Center Info

Your browser appears to be blocking javascript. Our site requires it to be enabled to function properly.
To use this site, please enable javascript on your browser.

Backblaze Security