ENCRYPTION CONTROL

Migrate without risking your data

Switching servers, clouds, or providers? Your backups stay locked the whole way. No data exposed. None lost.

Every vendor can move your data. But they unlock it first to do it. We never do.

Claim Design Partner See migration features → →

$ rdc repo sync push-all

✓ Enumerating repositories ...... 4 repos

✓ Snapshotting gitlab (42 GB) ... encrypted

✓ Snapshotting nextcloud (128 GB) .. encrypted

✓ Snapshotting mailcow (84 GB) .. encrypted

✓ Snapshotting mariadb (96 GB) .. encrypted

✓ Transferring via encrypted channel .. 350 GB sent

✓ Verifying integrity on secondary .. SHA-256 match

✓ Restoring on secondary ........ 4 repos live

✓ Migration complete: 4 repositories migrated to secondary

Transferred: 350 GB Encryption: 100% Exposure: zero Time: 12m 34s

Illustrative output; actual runs may include extra logs.

Data Exposed During Migration

100%

Encryption Maintained

Any

Destination Supported

THE PROBLEM

Migration is when your data is most exposed

Here is the scary part of any move. Most tools unlock your data first, then copy it. So your files sit out in the open during transfer. One slip and they leak. And when the move ends, your old encryption setup is gone. You rebuild it by hand on the other side.

89% of companies use more than one cloud, yet only 8% lock down 80%+ of their cloud data Flexera 2024 / Thales 2025 ^[2]

$4.88M average cost of one data breach worldwide IBM Cost of Data Breach 2024 ^[3]

$90K–$300K in cloud transfer fees to move one petabyte of encrypted data between clouds Cloud provider pricing ^[4]

The old way

Step 1 Unlock data

Step 2 Copy to a holding area

Step 3 Send it unlocked

Step 4 Lock it again at the other end

Result Settings lost

With Rediacc

Run one command

Nothing exposed

Verified

THE REAL COST

What migration risk is costing you

Every migration without end-to-end encryption is a compliance incident waiting to happen.

Migration Risk Calculator

Data volume in TB20

Migrations per year3

Hours of exposure per migration8

Without Rediacc

Exposure windows / year24 hrs

Data at risk per migration20 TB

Re-encryption labor$4,800

Annual migration risk

$12,528

With Rediacc

Exposure windows / year0 hrs

Data at risk per migration0 TB

Re-encryption labor$0

Annual migration risk

Assumes $200/hr labor for re-encryption configuration, $4,880/TB breach premium (IBM 2024) [3], and 1% breach probability per exposure window. Rediacc maintains encryption throughout — zero exposure windows, zero re-encryption needed.

HOW IT WORKS

One command. Zero exposure.

Pack

Your saved copies stay locked. Keys, settings, and rules travel with them. Nothing gets unlocked.

Move

Send it to any server, cloud, or provider. The data stays locked the whole trip. AES-256 never turns off.

Verify

A fingerprint check confirms every file arrived whole. If one byte is off, it undoes the move on its own.

Source Exporting

gitlab 42 GB

nextcloud 128 GB

mailcow 84 GB

mariadb 96 GB

4 repos 350 GB total

AES-256

Encrypted Channel

Destination Verified

gitlab SHA-256 ✓

nextcloud SHA-256 ✓

mailcow SHA-256 ✓

mariadb SHA-256 ✓

4 repos Integrity confirmed

UNDER THE HOOD

Unlock-and-copy vs. moving it locked

Old tools unlock your data before they send it. That leaves a window where your files sit unprotected. We never unlock anything. Your locked copies move as sealed blocks, start to finish.

Traditional Migration

Rediacc

Unlock, copy, then lock again

Locked copies sent and received, never unlocked

You must hand your keys to the transfer tool

Your keys stay with you the whole time

You rebuild settings by hand on the other side

Encryption setup, Docker settings, and network routes move together

Hopes the data arrived whole, no check

A fingerprint check on every repo after transfer

WHY IT MATTERS

What you get

Encryption in transit

Your data stays locked with AES-256 at every step. We never unlock it, not even for a second.

Settings travel with data

Your settings move with your data as one bundle. Encryption setup, your keys, Docker config, network rules. All of it.

No one sees your data

Nothing gets unlocked along the way. No open windows. No middleman ever sees your raw data.

THE GAP

What others can’t do during migration

Most backup tools bolt migration on as an afterthought. We built it in, locked from the start.

Capability	Veeam	Rubrik	Commvault	Druva	Rediacc
Move data without unlocking it	✗	✗	✗	✗	✓
You keep your keys during transfer	✗	✗	✗	✗	✓
Settings and data move together	✗	✗	✓^[5]	✗	✓
Checks data after transfer	✓^[6]	✓^[7]	✓^[8]	✓^[9]	✓
One-command migration	✗	✗	✗	✗	✓
Move to any destination	✓^[10]	✓^[11]	✓^[12]	✗	✓
Auto-undo if it fails	✗	✗	✓^[13]	✗	✓

Migrate safely, every time

Start free with the Community edition. Locked migration is built in. No credit card.

Claim Design Partner Free for up to 5 repositories · No credit card required

$ rdc repo push --to secondary -m primary

Short on time?

Skip the deep-dive. Grab the five-minute version your team can read at a stand-up.

Download short brief (PDF)

Lock any app you run in a container

GitLabNextcloudVaultwardenMariaDBKeycloakMinIOMailcowGrafana

Databases, mail servers, CI/CD, file storage, logins, monitoring. If it runs in a container, we move it locked.

Explore Other Solutions

encryption

Sources & References

Flexera, “2024 State of the Cloud Report,” 2024. “Multi-cloud usage up from 87% last year to 89% this year.” www.flexera.com
Thales, “2025 Cloud Security Study,” conducted by S&P Global 451 Research, 2025. “Only 8% of organizations encrypt 80% or more of their cloud data.” cpl.thalesgroup.com
IBM Security, “Cost of a Data Breach Report 2024,” July 2024. “The global average cost of a data breach reached $4.88 million in 2024.” newsroom.ibm.com
AWS, “Amazon S3 Pricing — Data Transfer,” 2024. “Data Transfer OUT from Amazon S3 to Internet: $0.09 per GB for the first 10 TB/month.” aws.amazon.com
Commvault CommCell Migration moves entire clients including configuration, backup history, and data as a single operation. documentation.commvault.com
Veeam SureBackup verifies data integrity post-transfer by booting VMs and running application-level health checks. helpcenter.veeam.com
Rubrik performs automated integrity checks on ingested data using its append-only file system verification. docs.rubrik.com
Commvault validates data integrity post-transfer using CRC checksums at multiple stages including Data Verification jobs. documentation.commvault.com
Druva Restore Check proactively verifies backup data consistency and device snapshots on an automated schedule. help.druva.com
Veeam supports cross-platform recovery including VMware-to-Hyper-V, physical-to-virtual, and cloud migrations via Instant Recovery. helpcenter.veeam.com
Rubrik supports cross-platform Live Mount and export to VMware, Hyper-V, AWS, and Azure environments. docs.rubrik.com
Commvault supports cross-hypervisor restores (VM conversion) between VMware, Hyper-V, AWS, Azure, GCP, and more. documentation.commvault.com
Commvault Undo Failover automatically rolls back to pre-failover state by restoring original VM configuration. documentation.commvault.com

Product performance claims are based on Rediacc’s btrfs copy-on-write architecture. Calculator estimates use industry-standard cost models; actual costs vary by organization.

Migrate without risking your data

Migration is when your data is most exposed

What migration risk is costing you

Migration Risk Calculator

One command. Zero exposure.

Pack

Move

Verify

Unlock-and-copy vs. moving it locked

What you get

Encryption in transit

Settings travel with data

No one sees your data

What others can’t do during migration

Migrate safely, every time

Short on time?

Explore Other Solutions

Encryption You Control

Audit Trail

Migration Safety

Immutable Backups

Cloud Outage Protection

Backup Verification

Environment Cloning

AI Pentesting