Advanced Key Management

OwnBackup Encryption Key Management Screenshot

Comprehensive Compliance for Enterprise Security Policies

  • Encryption keys generated and approved by account owner

  • Data encrypted using customer keys, not derivatives or composite keys

  • Encryption keys rotated and destroyed according to the organization’s schedule, or on-demand

  • Two-person key revocation/purge

  • Dedicated data tenancy encrypted using customer-provided encryption key

OwnBackup allows customers to encrypt their backup data using own Base64-formatted string of a 256-bit secret.

Integration with Salesforce Shield

  • OwnBackup will backup and recover Salesforce Shield encrypted fields, when granted permissions.

  • OwnBackup will backup and recover Salesforce Shield encryption keys, in their cipher-text form.

  • OwnBackup can set notifications upon changes to Salesforce Shield encryption keys.

OwnBackup Change Management Alerts Screenshot
OwnBackup Add and Replace Master Key Screenshot

Rotate & Revoke Master Encryption Key

Easily manage and archive master encryption keys in the Account Settings dashboard. Use this dashboard to quickly find out which keys are Active, Canceled, or Archived.

A two-person process ensures authorized master encryption key revocation.

OwnBackup Security Controls

  • Encryption in transit via TLS1.1 or TLS1.2

  • 2FA and IP Restriction support (or SSO via SAML 2.0)

  • Backups are restored at Amazon Web Services (independent from

  • All customer activities audited and logged

  • Comprehensive information security program with SOC2 Type II third-party audit