What is the Datto Cloud, and how secure is it?



What is the Datto Cloud, and how secure is it?


  • Datto ALTO
  • Datto SIRIS
  • Datto NAS
  • Backupify/Backupify 2.0
  • Datto SaaS Protection/Datto SaaS Protection 2.0


Your Backupify/Datto SaaS Protection data is stored in the secure Datto Cloud. The Datto Cloud already backs up over 1 million Datto customer computers a day and is purpose-built for security, speed and reliability. Customers will benefit from improved system performance that comes from running on a cloud optimized for backup and restore.

Secure Controls

Datto’s data centers are compliant with the Service Organization Control (SOC 1/ SSAE 16 and SOC 2) reporting standards. Renowned as the predominant credential for data centers, the criteria for SOC auditing are set forth by the American Institute of Certified Public Accountants. The operational controls and activities of Datto’s facilities are audited annually to maintain compliance.*

Secure Management

Datto’s Cloud Engineering team proactively monitors and maintains the servers of the Datto Cloud. This includes ensuring the health and optimization of hardware, overseeing OS updates, and conducting reactionary fixes for any security exploits either published or discovered. The Datto Engineering team is on-call 24/7 for emergency support.

Encryption: Data remains AES-256 bit encrypted during the entire synchronization, storage, and replication process

Data Security: Datto Cloud Engineering’s access to node servers is authenticated via a unique RSA SSH key, and root permission is guarded by a robust 22-character minimum passcode.**

Physical Access: Physical access is guarded 24/7 by personnel, biometric scanning, and activity logging.

Remote Access: Reverse SSH connections are utilized when providing any remote web services.

Redundant Data Centers

Datto’s geographically diverse cloud is comprised of five data centers internationally. All data is first synchronized to the primary facility in Pennsylvania. A secondary location in Utah serves as means of replication for the primary data center. All sites can provide users remote access to protected files and systems in the case of a disaster.

Reliable Infrastructure

The data centers themselves are TIER 3 rated according to the American National Standards Institute (ANSI/TIA-942). This means that all infrastructure components are fully fault-tolerant, which translates to a minimum guaranteed uptime of 99.982%. This acts as a safeguard against the failure of any given piece of equipment required for data center functionality, infrastructure redundancy, and ensures that the Datto Cloud remains intact and operational.

Power: Two utility feeds, N+1 generators, and 2 dual module UPS battery systems supply Datto’s servers.

Networking: Diverse physical entry points and load balancing across three Internet Service Providers (ISP).

Cooling: Industry-grade passive and active HVAC systems regulate temperature and humidity.

Fire Protection: Waterless FM200 systems use vapor to extinguish fires in 10 seconds while neither conducting electricity nor causing harm to occupants.

Click Here to download additional details about the Datto Cloud.

* SOC reports and bridge/gap letters may be released to partners upon request, but Datto does not publish them to the web.

** Agent data encrypted prior to cloud syncing cannot be decrypted off-site without the partner entering their private key in the partner portal.



Was this article helpful?

1 out of 1 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!