A Carbonite encryption primer

September 22, 2015

When you entrust valuable data to an online backup provider, you must feel confident your data is private and secure. That’s why Carbonite uses state-of-the-art technology, secure infrastructure, and industry-leading standard operating procedures to keep our customers’ data safely, securely and privately backed up and easily restored.

World-class data encryption is an important part of this process. Before Carbonite backs up your files to the Carbonite cloud, all files are encrypted using 128-bit Blowfish encryption.

Encryption and HIPAA compliance
Encryption is important for any person or small business that wants to keep their information safe, secure and private. But it’s absolutely essential for doctors, dentists, insurance agents and anyone else who needs to comply with the Health Insurance Portability and Accountability Act (HIPAA). In fact, it’s the law.

HIPAA requires Covered Entities and their Business Associates to implement a mechanism to encrypt and decrypt electronic protected health information (ePHI). Carbonite meets this requirement through its use of 128-bit encryption and its use of Secure Sockets Layer (SSL) technology.

To be specific, we use 128-bit encryption while the files are still on the customer’s computer. Files are transmitted to state-of-the-art data centers using SSL. And Files are encrypted on the secure servers that make up the Carbonite cloud.

Does Carbonite allow customers to manage their own encryption keys?
Yes. During installation, Carbonite business account admins can select private encryption key management, allowing them to manage the sole copy of the encryption key for each Windows computer, NAS device and server. With private encryption key management, no one, not even the Carbonite technical support staff, can recover files without your unique encryption key. And since your private encryption key is never sent to Carbonite, there will be no way to recover the key should it be lost or misplaced.

We strongly recomend that administrators should not choose this option. If you elect to manage your own encryption key, Carbonite will not keep a copy of the private encryption key used to encrypt your files. You will be solely responsible for storing your key, and neither you nor anyone at Carbonite will be able to decrypt the files in your backup without it.

Also, Customers who choose to manage their own encryption key will not have the ability to use Anytime Anywhere Access, nor can they request Courier Recovery. Also, it is not possible to access your backed up data if you lose your encryption key.

Have questions? Our small business team is here to help.
Call us at: 1-855-227-2249


  • Carbonite