We treat backups like the production database they protect.

Backvera was built from the ground up to keep your backups safe, private, and verifiable, so when you need them, they're there and they're yours.

  • Independent storage in the Backvera Cloud
  • Region-scoped data residency
  • Verified-before-it-lands writes
  • Public incident reporting
Backvera security overview
Encryption

End-to-end encryption by design. No exceptions.

At rest & in transit

Strong encryption on every backup before it lands, and encrypted transport for every byte that moves. No decryption keys ever live on your host.

Authenticated single-use requests

Every call between Backvera and your site is signed, scoped, and good for a few seconds only.

  • Signed tied to a shared secret
  • Time-boxed expires in seconds
  • Single-use no replay attacks

Tamper-evident communication

Any change to a request after it's signed, even one byte, and it's rejected. A captured request can't be replayed, reused, or altered.

GDPR & data handling

Built to help you meet modern privacy expectations.

EU storage region

Pick the EU region at setup. Backups stay in EU object storage; metadata on EU control servers.

SSO via SAML

Connect Okta, Entra ID, Google Workspace, or any SAML 2.0 IdP. Force-SSO closes the local password path.

Enforced 2FA

Require 2FA for every member before they can reach a backup or restore. Sessions without it are bounced to setup.

Restricted email domains

Lock workspace membership to domains you trust. Invites and self-joins outside the allowlist are refused.

Export & erasure

Data export and deletion ship with the product, not by support ticket. Both are auditable per workspace.

Audit log / tamper-evident

Every login, restore, and plan change is written to a workspace audit log with timestamp, actor, and source IP.

Where backups live

Backvera Cloud is the default. You choose where else.

Learn more about data residency
Backvera Cloud Default destination
Optional secondary copy destinations
Amazon S3 S3 compatible Google Drive Dropbox SFTP / SSH … and more
Backup integrity

Verifiable backups you can count on, before you need them.

Fingerprint every file

Each scan records a fingerprint, then flags anything that looks tampered with.

Verify before it lands

Every piece is integrity-checked before it's accepted into the Cloud.

Dry-run any restore point

Preview the diff against your live site, then apply or back out.

Restore tests we recommend

Monthly one-click restore tests into a throwaway staging URL.

Operations

Built for real-world resilience and transparency.

Public status & post-mortems

Real-time status page and published post-mortems for every incident, written as the record of what happened.

Multi-cloud backup

Optional secondary copy across two independent clouds, replicated behind the scenes for redundancy.

Survives host-account compromise

Your Backvera login is separate from your host. If the host is breached, the Cloud copy stays out of reach.