Acronis
Company Policy

Full-cycle security

Since 2003, Acronis has been an innovator in ensuring the security and privacy of the data it protects. Acronis maintains a comprehensive information security and compliance program that includes administrative, physical, and technical controls based on ongoing risk assessments. Acronis information security policies and processes are based on broadly accepted international security standards such as ISO 27001 or the National Institute of Standards and Technology (NIST), and take into account the requirements of related local regulation frameworks such as European Union’s General Data Protection Regulation (GDPR) and the United States’ Health Insurance Portability and Accountability Act (HIPAA).

Bug bounty program

Have you found a security issue?

Please report it to us and we will take care that you are fairly awarded for your discovery!

As leaders in cyber protection, we develop our products with a focus on security, ensuring efficient data protection. Our dedicated Application Security, Infrastructure, SOC, and Compliance teams work tirelessly to ensure vulnerability-free products that customers can rely on for protection against modern cyberthreats.

To support these efforts, Acronis has been running a bug bounty program on HackerOne since 2018. We work closely with the security community and embrace researchers who contribute toward the optimization of our products. If you believe you have found a security issue, please report it to us and we will take care that you are fairly awarded for your discovery!

As a partner of the CVE® Program, Acronis is a CVE Numbering Authority (CNA) responsible for publishing disclosed cybersecurity vulnerabilities as CVE Records for all Acronis products. For information on security advisories and updates, see Acronis Security Advisory Database.

  • High data availability
    High data availability
    Ensuring that your organization’s mission-critical data has one of the highest levels of availability, leveraging data centers that provide redundant HVAC, network and UPS systems. Acronis follows the approach of Need plus Two (N+2) for greater redundancy. If there is a failure in a hardware-layer component, it will not affect Acronis’ critical infrastructure or Acronis customers. Acronis stores customer data employing its own software-defined storage solution, Acronis Cyber Infrastructure with Acronis CloudRAID technology.
  • Guarded physical locations
    Guarded physical locations
    Data centers are physically defended 24/7 by security personnel, high fences, and video surveillance, while on-site entry requires biometric and key card access. Strict access control measures ensure that only authorized personnel have access to the data center.
  • Reliable facility management
    Reliable facility management
    Equipped with UPS and backup diesel-generators, Acronis data centers can provide a continuous supply of electricity through undefined power outages of up to 48 hours. HVAC, fire detection and suppression systems, alarms, and monitoring by surveillance cameras (CCTV) allow Acronis to provide a reliable infrastructure.
  • Location choice for your data
    Location choice for your data
    The global nature of our data center network means your data can be stored where you want, ensuring your regulatory compliance and connectivity requirements are met.

Commitment to compliance

To ensure that customers can trust our commitment to secure, private, professional product development, Acronis is ISO/IEC 27001:2013 and HDS:2018 certified, and Acronis is committed to complying with applicable privacy laws including GDPR and HIPAA where applicable, confirmed by independent, third-party audits.

Securing the industry
  • Member of the Open Web Application Security Project

    The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Acronis has joined the OWASP to contribute more to various application security projects. Being a company that promotes and follows a security development lifecycle, Acronis pays a lot of attention to application security. Among many projects run by the OWASP community, Acronis is interested in working on web application vulnerability scanners.
  • Cloud Security Alliance member

    Cloud Security Alliance (CSA) Security Trust, Assurance and Risk (STAR) is the industry’s most powerful program for security assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing, and harmonization of standards. The STAR program provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings. As Acronis focuses on cloud workloads and their protection, membership in Cloud Security Alliance is natural. We completed an assessment for CSA’s STAR Level 1 certification, giving more confidence to our prospects, partners, and customers.
  • Member of Microsoft Virus Initiative

    Acronis Cyber Protect is certified as an official anti-malware solution for Windows that can replace Windows Defender. This is achieved via participation in Microsoft Virus Initiative, through which members prove they are able to provide top-level security for Windows.
  • Member of Anti Phishing Working Group

    With phishing now one of the main threats to businesses and individuals – and Acronis products protecting against it – we are proud to contribute to the industry by being a member of the Anti Phishing Working Group.
  • Proud member of AMTSO

    As part of the Anti-Malware Testing Standards Organization (AMTSO), Acronis is helping to develop proper standards for testing security solutions, and we participate in tests that adhere to AMTSO’s standards.
  • Member of The Messaging, Malware and Mobile Anti-Abuse Working Group

    In this international information technology industry forum, Acronis contributes and discusses how to reduce the threat from bots, malware, spam, viruses, DoS attacks, and other online exploitations with other industry players.
  • ML contributor to VirusTotal

    Membership in AMTSO allowed Acronis to contribute our Machine Learning engine to VirusTotal, enabling all users around the world to benefit from our technology’s ability to detect various online data threats.
  • Member of the Open Web Application Security Project

    The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Acronis has joined the OWASP to contribute more to various application security projects. Being a company that promotes and follows a security development lifecycle, Acronis pays a lot of attention to application security. Among many projects run by the OWASP community, Acronis is interested in working on web application vulnerability scanners.
  • Cloud Security Alliance member

    Cloud Security Alliance (CSA) Security Trust, Assurance and Risk (STAR) is the industry’s most powerful program for security assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing, and harmonization of standards. The STAR program provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings. As Acronis focuses on cloud workloads and their protection, membership in Cloud Security Alliance is natural. We completed an assessment for CSA’s STAR Level 1 certification, giving more confidence to our prospects, partners, and customers.
  • Member of Microsoft Virus Initiative

    Acronis Cyber Protect is certified as an official anti-malware solution for Windows that can replace Windows Defender. This is achieved via participation in Microsoft Virus Initiative, through which members prove they are able to provide top-level security for Windows.
  • Member of Anti Phishing Working Group

    With phishing now one of the main threats to businesses and individuals – and Acronis products protecting against it – we are proud to contribute to the industry by being a member of the Anti Phishing Working Group.
  • Proud member of AMTSO

    As part of the Anti-Malware Testing Standards Organization (AMTSO), Acronis is helping to develop proper standards for testing security solutions, and we participate in tests that adhere to AMTSO’s standards.
  • Member of The Messaging, Malware and Mobile Anti-Abuse Working Group

    In this international information technology industry forum, Acronis contributes and discusses how to reduce the threat from bots, malware, spam, viruses, DoS attacks, and other online exploitations with other industry players.
  • ML contributor to VirusTotal

    Membership in AMTSO allowed Acronis to contribute our Machine Learning engine to VirusTotal, enabling all users around the world to benefit from our technology’s ability to detect various online data threats.

Sorry, your browser is not supported.

It seems that our new website is incompatible with your current browser's version. Don’t worry, this is easily fixed! To view our complete website, simply update your browser now or continue anyway.