CloudFiles logo
CloudFiles logo
banner-background

Security at CloudFiles

With GDPR, SOC-2 & ISO 27001 compliance, CloudFiles provides theperfect privacy-aware file sharing solution. We take a Privacy-By-Design approach to data, application as well as infrastructure security

SOC-2, GDPR & ISO 27001

SOC 2 Type II

SOC 2 Type II

CloudFiles is SOC 2 Type II certified. We work with an AICPA certified auditor to evaluate our security controls and policies on an annual basis. SOC 2 report can be provided, upon request.

Learn more

GDPR

GDPR

At CloudFiles, we adhere to GDPR and other privacy regulations in everything we do. We recognise that protecting privacy requires a holistic security program. We have done extensive research and created a support articles explaining how CloudFiles is GDPR compliant

Learn more

ISO 27001

ISO 27001

CloudFiles has received its ISO 27001/IEC 27001:2013 certification, adhering to the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).

Data security

CloudFiles stores document and customer's data in multiple availability zones. Data in each zone is encrypted at rest with AES-256. CloudFiles also offers BYO-S3 (Bring your own S3) so that you can store your files in the region of your choice and have full control over your files.

Data security

Application security

CloudFiles leverages a leading web application firewall with automatic updates to block against the latest threats. We also utilise application level DDoS protection from CDN provider and network level DDoS protection from cloud provider. TLS 1.2+ is minimum for data in transit. CloudFiles regularly engages application security experts for third party penetration tests.

Application security

Infrastructure security

AWS handles physical and virtual aspects as part of the shared responsibility model. We deploy our application using containers run on AWS managed services. This limits our footprint and ensure a better security posture as we typically do not manage servers or EC2 instances in production.

Infrastructure security

Copyright 2024 Cloudfiles Technologies Inc. All Rights Reserved.