The concept of spherical protection implemented in SphereCyberX is built around a data-centric vision of cybersecurity. The idea is that the data constitutes the “nucleus”, the center of a sphere, surrounded by concentric layers of protection. Each layer serves a distinct purpose and is responsible for specific aspects of protection at different stages of data processing. By integrating these layers, Xopero has created a multidimensional, comprehensive, dynamic system resilient to modern threats.

SphereCyberX centers around four key areas:⁠ Data Recovery, Storage & Access, Transmission, and Isolation. These are the foundation for other layers and protection mechanisms, serving as the backbone of the digital data protection strategy across all stages of the data lifecycle.

Data Recovery focuses on ensuring operational continuity in the event of a system failure or cyberattack. The driving force behind it is Instant Disaster Recovery – a set of advanced processes and technologies that allow full system functionality to be restored quickly after an incident. Additionally, on-source compression and deduplication mechanisms are used in order to reduce the amount of stored data. In this layer, Test Restore provides a secure, isolated environment for verifying backup integrity, while Any2Any Restore enables flexible data recovery to physical devices, virtual environments, or cloud platforms.

When it comes to Storage &Access, it relies on a secure data repository called Fortress Object X Storage (FOXS). This proprietary extension of object storage was designed to protect backups against ransomware attacks, tampering, and deletion. Its Single Write Repository (SWR) technology ensures that data can only be written once, without the ability to modify it afterwards.

Another important feature is Zero-Knowledge Encryption, which precludes even the system’s operators from accessing encryption keys. Management Service Access Control, on the other hand, controls access to management services, enforcing authorization for administrative operations. Security in this area is further enhanced by Triple-I (Immutable, Indestructible, Immediate) – a technology that combines single-write mechanisms, backup integrity, and instant access to backup copies.

In the Transmission layer, a feature called Secure Tunneling protects data in transit by creating encrypted tunnels. Adaptive Bandwidth Management is a mechanism that dynamically adjusts bandwidth utilization to increase efficiency. In order to further protect data during transfer, SphereCyberX offers One-Way Data Flow, which ensures that data can only move in one direction during replication. Xopero Sphere Replication Engine (xSRE) guarantees secure data transfer to isolated environments, following the advanced Air Gap backup model.

One of the key components of spherical protection is Isolation, which delivers the highest level of security for critical data. This includes isolating data in line with the requirements set out in regulations such as NIS 2, GDPR, HIPAA, and ISO 27001 (Compliance-Driven Approach). Time-Based Access means that the isolated data is only accessible during an active backup process and within a specific time frame.

Point-to-Point Network Connection creates direct, encrypted links between isolated zones, while Isolated Replication Zone provides a dedicated environment for storing replicated data. A solution that combines both physical data isolation (Air Gap) and an immutable repository is Xopero Secure AirGap Immutable Repository (xSAIR).

One of the pillars of SphereCyberX is Xopero Zero Trust Approach (XZTA), which eliminates the risk of unauthorized access to company data and privilege escalation. Based on minimal trust, this approach enforces strict access control. Users can also take advantage of Own Key Encryption, a feature that gives them control over their encryption keys while operating under a zero-knowledge encryption model. That same model governs role-based access control from the very beginning, even before data leaves its source. This mechanism is what’s referred to as On-source Data Processing (xODP).

SphereCyberX is delivered either as the Xopero Unified Protection (XUP) hardware appliance or as the Xopero ONE software platform. The available models differ in scalability and are divided into two groups: XUP for Business (from 14 to 96 TB) and XUP for Enterprise (from 200 to 2,200 TB). Customers can also choose between silver, gold, and platinum support tiers. In addition, Xopero ONE supports integration with Xopero Cloud for online storage.

Find out more about SphereCyberX Technology