Protecting Customers' Data is Our #1 Priority

Spanning Backup employs multiple layers of operation and physical security to ensure the integrity and safety of your data, including:

SOC 2 Compliancee
Spanning is SOC 2 Type II certified, a rigorous evaluation of repeatable internal operational and technical controls, information technology processes, and trust services principles.

Strong Encryption
Spanning Backup protects data at rest with 256-bit AES object-level encryption (one of the strongest block ciphers available) with unique, randomly generated encryption keys for every single object and a rotating master key protecting the unique keys.  All data in transit is also protected with Secure Socket Layer (SSL) encryption.

Intrusion Detection
Our systems constantly guard against intrusion with log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting, and active response.

Compartmentalized Access
Access to production servers is granted only to named Spanning employees who have specific operational requirements. Changes to the production environment access control list are tracked and auditable.

HIPAA Compliance 
Spanning’s service is HIPAA-compliant. If you are interested in learning more, please contact us at sales@spanning.com.

Cloud Security Alliance Member
Spanning is a member of the Cloud Security Alliance (CSA), a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.

Skyhigh Enterprise-Ready 
Spanning Backup has been awarded the Skyhigh CloudTrust™ rating of enterprise-ready. Skyhigh Enterprise-Ready cloud services fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.

Third-Party Certifications and Audits
Spanning Backup operates within the Amazon Web Services cloud, which is ISO 27001 certified, has completed multiple SAS-70 Type II audits, and publishes a SOC 2 report under both the SSAE 16 and the ISAE 3402 professional standards.

Privacy & Security Certifications
Spanning Backup has also earned TRUSTe Enterprise Privacy Certification and is certified under the US-EU Privacy Shield.