Wasabi Trust Center
Security and Data Protection You Can Trust
Explore the hub for our most-accessed security, compliance, and legal resources.
Wasabi operates under a shared responsibility model. This model outlines the security and management responsibilities between Wasabi and its customers. Understanding this model is crucial for maintaining the security, privacy, and integrity of your data in the Wasabi cloud storage regions.
Data Management
Classify, retain, and delete data appropriately.
Identity & Access Management (IAM)
Define user roles and permissions; use IAM policies instead of root credentials.
Multi-Factor Authentication (MFA)
Require a second factor for login to strengthen access security.
Multi-User Authentication (MUA)
Require multiple approvals for sensitive actions (e.g., Object Lock changes).
Single Sign-On (SSO)
Connect Wasabi to your enterprise identity provider.
Object Lock (Immutability)
Prevent tampering with Write Once, Read Many (WORM) protection to defend against ransomware.
Covert Copy (Ransomware Recovery)
Enable Covert Copy to maintain an isolated recovery copy of critical data for ransomware events. Covert Copy provides:
A logically isolated copy for ransomware recovery
Hidden buckets not visible through standard bucket listing operations
Enforced Multi-User Authentication (MUA) for access
Protection against modification, overwrite, or deletion
Covert Copy complements Object Lock by providing a secure recovery mechanism if primary data is encrypted or unavailable.
Encryption Options
Client-Side Encryption: Encrypt before upload with your own keys.
SSE-C: Use Wasabi’s server-side encryption with your keys.
Bucket & Object Policies
Define access controls, versioning, and lifecycle rules.
Network Security
Use HTTPS for all transfers, secure API keys, and configure firewalls/VPNs.
Wasabi ensures that the foundation of the storage platform is always secure and reliable.
Automatic encryption at rest using AES-256 (FIPS-197)
Designed for 11x9s (99.999999999%) of data durability with redundancy and repair
Secure compute, storage, database, and networking infrastructure
Global data centers with SOC 2 Type II and/or ISO 27001, redundant power, cooling, and 24/7 monitoring
Owned and managed hardware stack (servers, storage, networking)
Compliance with ISO 27001, HIPAA, CJIS, GDPR/UK GDPR controller obligations, and applicable SEC standards