All Products
Search
Document Center

Cloud Backup:Data security

Last Updated:Jun 04, 2026

Cloud Backup encrypts backup data at rest with AES-256 and protects data in transit with SSL/TLS.

Encryption at rest

Cloud Backup encrypts backup data with AES-256 at the source before transferring it to the cloud. By default, Cloud Backup uses self-managed keys. You can also use keys from Key Management Service (KMS).

KMS is a key management service provided by Alibaba Cloud that protects key privacy, integrity, and availability at a low cost. You can manage keys and develop custom encryption and decryption solutions in the KMS console. Overview of the key service.

Encryption in transit

Cloud Backup supports both HTTP and HTTPS access. HTTPS uses SSL/TLS, a Layer 4 protocol, to encrypt data in transit, ensuring privacy and integrity between applications.