Backblaze backup software offers business a way to backup their data securely – offsite, onsite and online in the Cloud. Backblaze is based in San Meteo, California USA and has been providing its cloud backup service since 2008. Support staff are available via email. They use encryption to protect your data while in transit between your computer and their servers, and they encrypt all data on your device before sending it to their servers where it is stored encrypted. For greater security you can use your own private key to encrypt your backups – this means that only you can decrypt your data, Backblaze cannot access it. Backblaze does not disclose where its data centres are located. Backblaze data centres have been are secured to a high standard, but they do not disclose if they have been independently certified. Backblaze allows you to automatically & continuously backup your data to their servers and to easily recover backed up files using their web interface or desktop/mobile applications. Backblaze makes no claims to the ownership of your data.
This disclosure was provided and researched by Arrowrock. Sources are cited where possible.
|Company Phone Number||650.352.3738|
|Company Email Addressfirstname.lastname@example.org|
|Physical Address||500 Ben Franklin Ct
San Mateo, CA 94401
What services does this disclosure apply to?
What country holds legal jurisdiction over the service(s)?
How long has your company been operating?
Beta launched in February 2008
How long has your company been providing the service(s) covered in this disclosure?
Is your company currently profitable?
Backblaze, a leading online backup provider, announced they have inked a deal with TMT Investments Plc to obtain $5 million in equity funding. Backblaze is already profitable and growing quickly and this funding will be used to accelerate hiring for product development, global marketing, and partnerships.
What are your standard customer support hours?
Via email, tutorials and FAQ 24/7/365
What channels are available for communication with clients?
Online request message, email, & phone (phone not for customer support).
Which is your preferred channel for client communications?
Do you collect any information from client communications?
What is your standard response time for customer support inquires?
Do you proactively communicate information about future planned outages and maintenance to clients?
Do you proactively communicate information about current unscheduled outages and incidents to clients?
Do you make incident reports available to clients after major incidents?
Backblaze publishes information about incidents on its blog.
What is the expected uptime of the service?
Has the service experienced any outages in the last 12 months?
Does the SLA guarantee service uptime?
DISCLAIMER OF WARRANTIES. YOUR USE OF BACKBLAZE PRODUCTS IS AT YOUR SOLE RISK. THE BACKBLAZE PRODUCTS ARE PROVIDED “AS IS,” “WITH ALL FAULTS” AND “AS AVAILABLE” FOR YOUR USE, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, UNLESS SUCH WARRANTIES ARE LEGALLY INCAPABLE OF EXCLUSION. SPECIFICALLY, BACKBLAZE AND ITS VENDORS DISCLAIM IMPLIED WARRANTIES THAT THE BACKBLAZE PRODUCTS ARE MERCHANTABLE, OF SATISFACTORY QUALITY, ACCURATE, FIT FOR A PARTICULAR PURPOSE OR NEED, OR NON-INFRINGING. BACKBLAZE AND ITS VENDORS DO NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE BACKBLAZE PRODUCTS WILL MEET YOUR REQUIREMENTS OR THAT THE OPERATION OF THE BACKBLAZE PRODUCTS WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT DEFECTS IN THE BACKBLAZE PRODUCTS WILL BE CORRECTED. BACKBLAZE AND ITS VENDORS DO NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OR THE RESULTS OF THE USE OF THE BACKBLAZE PRODUCTS IN TERMS OF THEIR CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE. BACKBLAZE PROVIDES THE BACKBLAZE PRODUCTS ON A COMMERCIALLY REASONABLE BASIS AND DOES NOT GUARANTEE THAT USERS WILL BE ABLE TO ACCESS OR USE THE BACKBLAZE PRODUCTS AT TIMES OR LOCATIONS OF THEIR CHOOSING.
Are logs kept of client logins and locations?
Website Cookies and Logs
When you visit www.backblaze.com and other Backblaze websites, our servers automatically collect certain information such as your IP address, browser type, page requested, cookies, etc. This information is used to provide a custom experience, keep your session active, or improve the service.
Does your service support password/account recovery?
You can recover your Backblaze login password via password recovery – https://secure.backblaze.com/forgot_password.htm.
However, there is an additional option for clients utilize a unique passphrase to encrypt their data. This passphrase will be used to encrypt your private key. This passphrase is your responsibility to remember and safeguard. This is important: if you forget or lose this passphrase there is no way that anyone, including Backblaze, can decrypt, and thus restore, your data. When you choose to add your own passphrase there is no “forgot passphrase” mechanism as Backblaze does not know your passphrase.
Does the service monitor for any suspicious account activity?
Does your service offer two-step or multi-factor authentication?
Does your service offer login via other services?
Does your service secure all client data in transit?
Backblaze products automatically encrypt your data before transmission and send the encrypted data using industry-standard Secure Socket Layer (SSL) encryption.
When you use Backblaze, data encryption is built in. Files scheduled for backup are encrypted on your machine. These encrypted files are then transferred over a secure SSL (https) connection to a Backblaze datacenter where they are stored encrypted on disk. We use a combination of proven industry standard public/private and symmetric encryption methods to accomplish this task.
Does your service secure client data at rest?
Data is encrypted behind the corporate firewall and/or on the client before being sent over the Internet. This will ensure that data is protected both in transit and at rest.
Your data is encrypted on your computer, sent over an encrypted connection, and stored encrypted. Want more security? You can use your own private key so nobody but you can ever have access.
For more information, refer to: http://blog.backblaze.com/2008/11/12/how-to-make-strong-encryption-easy-to-use/
Does your service allow clients to collaborate with 3rd parties?
Does your primary system reside in a data center with a security certification?
Where Your Data is Stored
• Mission Critical Facility
• 24×7 Onsite Staff
• Biometric Security
• N+1 UPS power systems
• 25 Independent Telecom Providers
Does your backup/disaster recovery system reside in a data center with a security certification?
Do you claim ownership of any client data or information uploaded to your service?
LOGICALLY NO.. BUT NOT EXPRESSLY DISCLOSED.
From Privacy Page: Users may update or remove their information by signing in to www.backblaze.com or contacting Backblaze support. To remove your information, please visit your account and click “Cancel Account.” If you cancel your account, some of your data may still be retained in our archives or backups.
Does the client retain full ownership of any data of information transmitted or stored via upstream providers?
Does client use of your service generate any metadata or other statistical information?
By using the online backup service, the system automatically encrypts and transfers your files to Backblaze servers. Certain information will be available to Backblaze such as type of operating system, file types, or sizes to enable Backblaze to provide the service or help support you. Backblaze will never look at your actual files.
Where are the primary systems that host client data located?
Outside Sacramento, California, USA
Where are the backup/disaster recovery systems that host client data located?
Are there any other systems that host client data on behalf of your service?
Does the client have full access to their data during the service contract period?
Can the client freely download their data from the service during the contract period?
Yes. Data is downloaded in the same format in which it originated.
Can the client easily import/upload their data from a competing service provider into your service?
Does your services include an API to access client data?
Following termination of the service, will the client be able to access their data?
Following termination of the service, is all client data deleted?
If you cancel your account, some of your data may still be retained in our archives or backups.
Does anyone in your organization (including contractors and upstream providers) have the ability to directly access client data?
Does your company use client data or information for any business function (other than the provision of the service)?
Data collected is used exclusively with the goal of providing and improving this service.
No Spam. Backblaze will not sell, rent, trade or give away your email address or other contact information to any other organization.
No Spyware/Adware/Malware. Backblaze software is designed to backup your files online and contains no spyware or other unwanted applications.
No Third Party Advertising. Backblaze does not intend to advertise for other organizations through its website or email communications.
Does your company use client data or information to generate revenue (other than the provision of the service)?
Do you access client data in any additional circumstance not yet specified in this disclosure?
Do you have a policy in place for dealing with data loss or breach?
Do you notify clients if their data has been lost or compromised?
Does your service support data versioning?
Backblaze keeps up to four weeks of file versions. Modified a file and need an old version? Just scroll back and pick a file from two weeks ago.
How often are service/client data backups performed?
What method is used to perform service/client data backups?
How long is backup data retained for?
The information in this report is provided “AS IS” without warranty of any kind, express or implied. Please use good judgement and verify the information you consider important before basing any decisions on it.