Backup & Recovery

Carbonite / CrashPlan

Name: Carbonite / CrashPlan
Author: OpenText / CrashPlan

by OpenText / CrashPlan

Not FedRAMP Authorized

FedRAMP Status

Not FedRAMP Authorized

Impact Level

N/A

Overview

Carbonite and CrashPlan are consumer-grade cloud backup solutions commonly used by small businesses. They lack FedRAMP authorization, government-grade encryption, and the audit controls required for CUI protection. CUI data must not be backed up to these platforms.

CUI Risk Assessment

Not FedRAMP authorized. Consumer-grade backup with no CUI protections. Cannot be used for backing up CUI data.

NIST 800-171 Violations

Using Carbonite / CrashPlan for CUI without FedRAMP authorization may violate these NIST 800-171 controls:

3.1.1 3.8.1 3.8.9 3.13.8

FedRAMP Compliant Alternatives

Veeam Government Cloud

Veeam — Moderate Impact

Commvault Cloud for Government

Commvault — Moderate Impact

Frequently Asked Questions

Can I use CrashPlan to back up CUI data?

No. CrashPlan and Carbonite are not FedRAMP authorized and lack the security controls required for CUI. Use Veeam Government or Commvault Government for compliant backup.

Run a Full Tech Stack Audit

Check all your enterprise tools at once with our free CUI Compliance Auditor.

Launch CUI Auditor

← CUI Compliance Auditor