When deploying CrashPlan across your organization, setting up Device Backup Defaults ensures that every newly added device immediately adheres to your company's data protection, security, and bandwidth policies.
This guide will walk you through the essential steps to configure your global backup strategies, fine-tune performance, and enforce compliance across all user endpoints.
Step 1: Access Device Backup Defaults
Navigate to the Device Backup Default Settings menu in the CrashPlan console:
Sign in to the CrashPlan console and go to Administration > Organizations.
Under the Active tab, click your organization's name.
Open the Action Menu
and choose Device Backup Defaults.
Organizations inheriting settings
Most settings will be locked if the organzation is inheriting its settings
from a parent organization. If this organization should not inherit settings,
deselect Use device defaults from parent in the
General tab.
Step 2: Understand Lock and Push before making changes
As you navigate the tabs below, you will see two vital icons next to almost every setting block. Understanding these now will save you from having to backtrack later:
Lock: Selecting this locks the setting, preventing end-users from altering these specific settings within their local CrashPlan app interface, and blocking child organizations from changing them. Locking a setting automatically Pushes it to existing devices and child organizations.
Push: Clicking this overwrites the setting for all existing devices and child organizations in the organization. If you don't Push a setting, your new changes will only apply to newly created device accounts.
Step 3: Configure system performance and exclusions (General tab)
The General settings dictate how the CrashPlan app behaves on user endpoints without disrupting their daily work.
User presence vs. away: Define how many minutes of inactivity marks a user as "away." You can allow CrashPlan to use more CPU resources when the user is away and scale it back when they are actively working (present).
Battery conservation: (Windows and Mac only) Set a threshold to pause backups when a laptop's battery drops below a certain percentage.
Global & cloud exclusions: Drop paths here to block files from being backed up anywhere. You can also use Cloud Exclusions to block specific files from backing up to the CrashPlan cloud while still allowing them to copy to local destinations (like external hard drives).
Alert thresholds: Define how many days a device can go without backing up before triggering a Warning or Critical email alert to the user.
macOS Full Disk Access: Toggle the notification setting to display a dialog in the local agent if a Mac user hasn't properly granted CrashPlan permission in their system privacy settings.
Step 4: Define what and when to back up (Backup tab)
The Backup settings control the operational strategy for your device backups.
Set the schedule: Decide whether backups should run Always for continuous protection, or only Between specified times to avoid resource consumption during peak usage periods.
File selection: Add explicit paths to the directories you want to back up or exclude across the organization. Use substitution variables in paths to ensure the selection maps correctly across users and operating systems.
Filename exclusions: Filter out unnecessary or unwanted file types from backups.
Frequency & retention: Set how often new data is backed up and define your rules for how long historical versions or deleted files are retained in the archive.
Step 5: Configure backup status reports (Reporting tab)
The Reporting settings keep your end-users informed about their own backup status.
Send backup reports: Specify how often to send automated backup status summary reports to users.
Delivery time: Indicate the preferred part of the day when these status reports should be delivered to users' inboxes to maximize visibility.
Backup alerts: Specify whether Warning or Critical backup alert emails will be sent to users.
Step 6: Enforce app and encryption key security (Security tab)
The Security settings protect backups by setting application access constraints.
Require device password: We strongly recommend checking Require account password to access CrashPlan app. This prevents unauthorized physical access to settings or restores if an endpoint is lost or stolen.
-
Understand encryption key security: By default, all organizations use Standard encryption key security, where encryption keys are securely escrowed to allow for seamless administrator and web-based restores.
Depending on your organization's plan, you may be able to upgrade to Archive key password or Custom key. Only upgrade this security if your organization prefers the risk of permanent data loss over the risk of unauthorized data access.
If your plan does not include these advanced security configurations, the options will still appear inside the console interface, but you will not be able to change them from the Standard default.
Step 7: Manage throttling and network overrides (Network tab)
The Network settings limit or prevent backups from using network resources, or running under certain network conditions.
Sending limits (optional): If you must restrict bandwidth, you can set a Standard sending limit or a Scheduled limit during peak hours.
Exclude mobile hotspots: Under Metered or low data networks, consider checking this box to automatically pause backups when a user is tethered to a cellular connection.
Advanced settings (leave as default): Options like DSCP, Proxy, and Advanced TCP/IP should generally be left untouched unless specified by your network operations team.