When your data lives in the cloud, security is really important topic.
There are different aspects of security and here we try to give overview how we do things and how we protect your data. If there are any open questions, please don’t hesitate to contact us.
When you use our s3 compatible API, we authenticate all requests with Key ID and Secret Key.
We support only S3 authentication V4 standard because it is more secure than V2.
As the next step, we always validate if the requester has access to the data requested.
Data transfer from client to our servers is protected by strong HTTPS encryption. And on hard drives, data is encrypted at rest.
Additionally, it is always wise to add extra layer of protection and encrypt your data before sending it to cloud, to any storage provider for the matter.
Please see our page of Data durability.
If you have found a security vulnerability, please email us directly at firstname.lastname@example.org
Our goal is to keep Storadera safe and secure for everybody.
Disclosing (possible) security vulnerability to service provider is a responsible thing to do.
Public disclosure on the other hand may put whole Storadera community at risk.
If you even suspect a vulnerability, but do not have means to investigate further, send us an email email@example.com.
We treat any emails about security with highest priority.
If you have any questions about security, contact us at firstname.lastname@example.org