Overview

If you are considering entrusting your backups to CrashPlan Central or CrashPlan PRO Hosted Services, you may have questions about where and how your data is stored. This document begins with a high level, people-friendly overview and then quickly dives deep into technical specifics. If you need more information, please contact support@crashplan.com.

Data Center Location

The data center is a 5,000 square foot underground facility within a vault of a former bank in Minneapolis, Minnesota. The walls, ceiling and floors are constructed of 21" steel-reinforced concrete.

How Secure and Reliable is It?

Our carrier-grade data center has redundant fiber connections to three Tier 1 providers, multi-redundant utilities, triple-redundant power and redundant AC. Access is through a vault door (pictured above) with electronic locks and video surveillance.

All of this equipment redundancy guarantees very high availability and resiliency to failure.

Our physical premises' security ensures CrashPlan's infrastructure is protected from third-party physical harm - something that is often overlooked by other providers.

How is Your Data Stored?

Your files are encrypted before they ever leave your computer. The encrypted data is transmitted over the Internet and enters our 21" steel-reinforced concrete data vault, ultimately being stored on our ultra-efficient RAID 6 storage servers.

Your files are never unencrypted. If you use a private data key, it is impossible for a third party to decrypt your files.

When you're not backing up to us, storage servers verify all backup data is in a valid readable state. Most companies assume that once it is stored, the information is still readable; we make no such assumption and continuously verify the validity of backup data 24x7x365.


Data Center Hardware Infrastructure

AC Power Systems
  • Liebert UPS. 125 kva, 15 minutes. Inspected quarterly. N+1 redundancy in all systems.
  • Valve-Regulated Lead-Acid (VRLA) batteries providing a minimum of 15 minutes backup at full load.
  • Automatic Transfer Switches (ATS) and bypass/isolation switches provide N+1 redundancy for dual source power capability.
  • 24 x 7 national maintenance agreements for UPS and backup generator.
  • Generator is sized to run entire site at full load for a minimum of 24 hours without refueling. Load tested weekly (TH). Managed by Cummins. Refuel agreement – guaranteed 4 hour response time.
HVAC Liebert Chilled Cooling Units
  • Full data-grade Liebert with redundant loop system (N+1 redundancy). 72° ambient air temperature (+/-2°), 45% humidity (+/-5%)
  • Up-flow U302 cubic feet per second
  • Water detection system in bottom of cooling units
FM200 Fire Suppression
  • Dry-pipe, pre-action double interlock, breathable Halogen gas, fire suppression system. Fully inspected quarterly.
  • Smoke and high temperature heat detectors
  • Certified and inspected by the City of Minneapolis Fire Department
Monitoring
  • UPS: current, voltage and load
  • HVAC temp and humidity
  • Physical access
  • Virtual access
Security
  • Walls, ceiling and floors of the data center are constructed of 21" steel reinforced concrete.
  • The physical entrance is protected by three security access levels.
  • All physical activity is logged and archived to ensure maximum physical protection.
  • Digital surveillance cameras record all physical access.
  • Entrance to the building is guarded 24x7x365 with dedicated security personnel.
Cabinets
  • Servers are located in locked cabinets divided by application for additional access controls.
  • Enterprise clients have dedicated cabinets with separate access logs.

Data Center Network Infrastructure

Routing/Switching
  • Redundant Cisco core routers
  • Redundant Cisco and other core switches
  • Full BGP-4 routing
Connectivity
  • Three separate Tier I upstream providers are connected via fiber.
Monitoring
  • Switches/routers/hosts/access/environment
  • SNMP monitoring on CPU, memory, bandwidth, fan speed, temperature, load, I/O throughput, RAID controllers, individual drive temp, drive S.M.A.R.T status, and more. Frequency varies from 30 seconds to 5 minutes depending on check.
Security
  • Commercial grade firewalls from Cisco and others
  • Intrusion detection
  • Configuration change control monitor and auditing
  • Access control monitoring and auditing