Overview
Auvik automatically collects and stores configuration backups from supported network devices to support change tracking, compliance, and recovery.
Because these backups may contain sensitive information, Auvik applies security controls to protect them.
This article explains where configuration backups are stored, how they are secured in transit and at rest, and how access to this data is controlled.
Where are configuration backups stored?
Device configuration backups collected by Auvik are stored in the Auvik cloud, not on the local collector.
The Auvik Collector is responsible only for:
- Retrieving configuration data from devices
- Forwarding that data securely to the Auvik cloud
Once uploaded:
- Configurations are stored and managed in Auvik’s centralized cloud infrastructure
- The collector does not retain configuration backups long-term
Are configuration backups encrypted in transit?
Configuration data is protected differently depending on where it is in the collection process:
Device to collector (local network)
Data transfer uses the device’s native protocol, such as:
- SSH (secure)
- Telnet
- FTP / TFTP
Important:
Some protocols (for example, Telnet, FTP, and TFTP) may transmit data in clear text.
Security at this stage depends on the protocol configured on the device and the local network environment.
Collector to Auvik cloud
All data sent from the collector to Auvik is:
- Encrypted using TLS (Transport Layer Security)
- Transmitted over a secure web socket connection
This ensures that any data leaving the local network is encrypted.
Are configuration backups encrypted at rest?
Once configuration backups reach Auvik’s cloud environment:
- Data is encrypted at rest
- Storage is hosted within secure AWS infrastructure
- Industry-standard encryption mechanisms are used to protect stored data
Who can access configuration backups?
Access to configuration backups is restricted using role-based access controls:
Only authorized users can:
- View configurations
- Download backups
- Restore configurations (where applicable)
Permissions are governed by:
- User roles
- Tenant and site-level access
How long are configuration backups retained?
- Configuration backups are kept indefinitely
- Backups are only removed when the associated device is deleted from Auvik
This allows for long-term tracking of configuration changes.
What security controls protect stored configurations?
Auvik applies several security controls to protect configuration data stored in its cloud environment, including:
- Layered security architecture
- Data isolation between customer accounts
- Restricted access to authorized personnel
- Secure AWS-based infrastructure
- Regular security audits, including SOC 2
These measures help ensure that configuration data is protected against unauthorized access.
For more details, see:
Additional information
For more details about Auvik’s security practices, including:
- Encryption standards
- Compliance certifications
- Data residency
Refer to the following resources: