

Company Policy
Full-cycle security
Since 2003, Acronis has been an innovator in ensuring the security and privacy of the data it protects. Acronis maintains a comprehensive information security and compliance program that includes administrative, physical, and technical controls based on ongoing risk assessments. Acronis information security policies and processes are based on broadly accepted international security standards such as ISO 27001 or the National Institute of Standards and Technology (NIST), and take into account the requirements of related local regulation frameworks such as European Union’s General Data Protection Regulation (GDPR) and the United States’ Health Insurance Portability and Accountability Act (HIPAA).
Bug bounty program
Have you found a security issue?
Please report it to us and we will take care that you are fairly awarded for your discovery!
As leaders in cyber protection, we develop our products with a focus on security, ensuring efficient data protection. Our dedicated Application Security, Infrastructure, SOC, and Compliance teams work tirelessly to ensure vulnerability-free products that customers can rely on for protection against modern cyberthreats.
To support these efforts, Acronis has been running a bug bounty program on HackerOne since 2018. We work closely with the security community and embrace researchers who contribute toward the optimization of our products. If you believe you have found a security issue, please report it to us and we will take care that you are fairly awarded for your discovery!
As a partner of the CVE® Program, Acronis is a CVE Numbering Authority (CNA) responsible for publishing disclosed cybersecurity vulnerabilities as CVE Records for all Acronis products. For information on security advisories and updates, see Acronis Security Advisory Database.
- High data availabilityEnsuring that your organization’s mission-critical data has one of the highest levels of availability, leveraging data centers that provide redundant HVAC, network and UPS systems. Acronis follows the approach of Need plus Two (N+2) for greater redundancy. If there is a failure in a hardware-layer component, it will not affect Acronis’ critical infrastructure or Acronis customers. Acronis stores customer data employing its own software-defined storage solution, Acronis Cyber Infrastructure with Acronis CloudRAID technology.
- Guarded physical locationsData centers are physically defended 24/7 by security personnel, high fences, and video surveillance, while on-site entry requires biometric and key card access. Strict access control measures ensure that only authorized personnel have access to the data center.
- Reliable facility managementEquipped with UPS and backup diesel-generators, Acronis data centers can provide a continuous supply of electricity through undefined power outages of up to 48 hours. HVAC, fire detection and suppression systems, alarms, and monitoring by surveillance cameras (CCTV) allow Acronis to provide a reliable infrastructure.
- Location choice for your dataThe global nature of our data center network means your data can be stored where you want, ensuring your regulatory compliance and connectivity requirements are met.
*Exact list of certifications and standards may vary for specific data center, please request additional information from your account manager.
About data centersCyber threats insights
Technical details into the latest malware, vulnerabilities, and cyberattacks
Securing the industry
Member of the Open Web Application Security Project
The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Acronis has joined the OWASP to contribute more to various application security projects. Being a company that promotes and follows a security development lifecycle, Acronis pays a lot of attention to application security. Among many projects run by the OWASP community, Acronis is interested in working on web application vulnerability scanners.Cloud Security Alliance member
Cloud Security Alliance (CSA) Security Trust, Assurance and Risk (STAR) is the industry’s most powerful program for security assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing, and harmonization of standards. The STAR program provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings. As Acronis focuses on cloud workloads and their protection, membership in Cloud Security Alliance is natural. We completed an assessment for CSA’s STAR Level 1 certification, giving more confidence to our prospects, partners, and customers.Member of Microsoft Virus Initiative
Acronis Cyber Protect is certified as an official anti-malware solution for Windows that can replace Windows Defender. This is achieved via participation in Microsoft Virus Initiative, through which members prove they are able to provide top-level security for Windows.Member of Anti Phishing Working Group
With phishing now one of the main threats to businesses and individuals – and Acronis products protecting against it – we are proud to contribute to the industry by being a member of the Anti Phishing Working Group.Proud member of AMTSO
As part of the Anti-Malware Testing Standards Organization (AMTSO), Acronis is helping to develop proper standards for testing security solutions, and we participate in tests that adhere to AMTSO’s standards.Member of The Messaging, Malware and Mobile Anti-Abuse Working Group
In this international information technology industry forum, Acronis contributes and discusses how to reduce the threat from bots, malware, spam, viruses, DoS attacks, and other online exploitations with other industry players.ML contributor to VirusTotal
Membership in AMTSO allowed Acronis to contribute our Machine Learning engine to VirusTotal, enabling all users around the world to benefit from our technology’s ability to detect various online data threats.
Sorry, your browser is not supported.
It seems that our new website is incompatible with your current browser's version. Don’t worry, this is easily fixed! To view our complete website, simply update your browser now or continue anyway.