Security + compliance

Strong cryptography is the baseline. Operational control is the differentiator.

Proven encryption standards with policy-aware workflows for regulated teams.

  • Encryption: AES-256-GCM
  • Transport: TLS 1.3
  • Audit: Full event trail
  • Availability: 99.9% target

Security foundations

AES-256-GCM encryption

Applied for storage protection with integrity checks.

TLS 1.3 in transit

Client-to-platform communication is protected in transit.

Dual encryption modes

Choose end-to-end privacy or platform-managed encryption.

Role-centered access control

Permissions are separated by responsibility.

Comprehensive audit logs

Capture file events, access patterns, and admin changes.

Backup + resilience

Encrypted backups and monitored infrastructure support reliability goals.

Encryption modes and when to use them

End-to-end mode

For high-confidentiality content.

  • Encryption performed before upload
  • Key access remains with authorized user scope
  • Best fit for highly sensitive data

Server-side mode

For operational collaboration and managed external sharing.

  • Encryption at rest with platform-managed keys
  • Supports share links with expiry/download caps
  • Best fit for day-to-day team workflows

Compliance posture

GDPR

Active posture

Privacy-oriented controls and audit visibility support regulated workflows.

CCPA

Active posture

Administrative controls support handling of sensitive customer data.

HIPAA-compatible workflows

E2E mode required for PHI

PHI workflows should use end-to-end mode and organization policy controls.

SOC 2 Type II

In progress

Control evidence and process maturity are in active progress.

Best-practice checklist for teams

  1. Use end-to-end mode for regulated or highly sensitive material
  2. Enforce strong password policy and enable multi-factor authentication
  3. Limit share-link lifetime and max downloads by default
  4. Review audit events for anomalous access patterns
  5. Grant least-required role permissions and revisit quarterly
