Recently one of our competitors had a major security breach, affecting thousands of businesses. As security is a primary concern for all businesses, we wanted to take a moment and share with you how we keep your information safe. Whether it’s digital or physical security, we’ve got your back.
Here are the types of security measures SmartFile has in place to keep your data safe.
One of the ways that we make sure our client’s data is safe is by hiring hackers. Yes, you read that right. While this doesn’t mean we find some sketchy guy online, SmartFile does continually contract a legitimate third party to execute penetration testing. They provide auditing services by simulating a cyber-attack and attempting to get into things they shouldn’t be able to.
These ethical hackers send us a report detailing any vulnerabilities they found, and we resolve any issues. More importantly, we give our customers the ability to view these reports.
Physical Data Center
When you store data on the cloud, it’s not as if you’re simply pulling it down from the sky when you need to access it. When you get down to it, data still has to be stored somewhere physical: data centers. The data center that SmartFile uses to store our client’s data is SOC 2 compliant, which ensures service providers can securely manage data to protect the interests of an organization and the privacy of its clients. Our data center is also HIPAA compliant, meaning it follows the strict information security policies and procedures that adhere to HIPAA.
The level of effort needed to access our data physically feels a little like James Bond sneaking into a villain’s lair. You can’t just walk into the building. You need to be buzzed in and match your ID to a list of validated names. Once you have been cleared for entry, you’re given an ID badge that expires after 12 hours. If you try to use it after that allotted amount of time, the information on the badge fades, revealing a red stop sign which is a sure-fire way to get caught.
Next, you’re assigned a personal identification number to unlock a handprint scanner (just like in the movies!) to get one step closer to the servers. But you’re not done yet. You’ll find a set of trap doors located at both ends of a long hallway that can’t be open at the same time. Each of these doors is locked by a 4-digit code and a handprint scanner.
Once you finally get through all of that, and you want to access the cabinet for the specific server you need, there will be another keypad requiring a 3-digit code that only works for one of the many cabinets.
Data can be exposed to risks both in transit and at rest and requires protection in both states. Data in transit means it’s traveling from network to network or being transferred from a local storage device to a cloud storage device. Our network firewall takes care of these types of digital threats on the cloud. We employ threat identification, which is basically a fingerprint of attacks. So, if we detect a certain pattern of events that qualify as an attack, we can act quickly to prevent it.
For SmartFile clients with our on-prem solution, we use encryption at rest to secure inactive data stored on any device or network. This also means that even if a data thief were to take something from an on-prem client and plug it into their own hardware, they wouldn’t be able to see the data.
Just because SmartFile has excellent data security, doesn’t mean you shouldn’t take precaution into your own hands as well. Our file sharing solution allows administrators to customize a password compliance policy. With users in control of setting up password requirements, it means that we aren’t storing your credentials, and you’re empowered to create a policy that works for your users. The last thing we want is to tell you how to manage your policies.
You can give your users all types of password requirements. Control the required complexity and number of characters as well as the length of time before a user must change their password again. You can also determine if users can’t reuse a password they’ve used in the past, or if so, the acceptable range (ex. you can’t use any of the last three passwords, but any older than that are acceptable).
SmartFile also allows for multifactor user authentication through a third party. Choose from factors like:
- Security Token
- Rolling 6 digit code
For more information on keeping your files safe, read our security tips for file sharing.
Whether it’s your client’s financial data or proprietary industry secrets, your business probably deals with sensitive information multiple times a day. Keeping your files secure is crucial for protecting your clients and your company’s reputation. With a file sharing solution like SmartFile, we can keep your files safe and your data secure.
Let SmartFile keep your files safe from damage and unauthorized access. Give it a try for free today — no credit card required!