Security is one of the most important topics for us.
When you use our s3 compatible API, we authenticate all requests with Key ID and Secret Key.
We support only S3 authentication V4 standard because it is more secure than V2.
As the next step, we always validate if the requester has access to the data requested.
Data transfer from client to our servers is protected by strong HTTPS encryption.
In servers, data is encrypted before saving to hard disks.
We use Reed-Solomon algorithm to divide your data between hard drives.
For example we can set a pool of 6 drives to have 4 data drives and 2 parity drives. This means that we can lose 2 drives and data is still available and safe. But we always react quickly on the first failure and not waiting second one to happen.
Failed drive will be replaced automatically and data is regenerated from other drives.
Our software is designed to handle any hardware failure and keep your data safe and available at all times.
If you have found a security vulnerability, please email us directly at firstname.lastname@example.org
Our goal is to keep Storadera safe and secure for everybody.
Disclosing (possible) security vulnerability to service provider is responsible thing to do.
Public disclosing on the other hand may put whole Storadera community at risk.
If you even suspect vulnerability,but do not have means to investigate further, send us email email@example.com.
We treat any emails about security with highest priority.
If you have any questions about security, contact us at firstname.lastname@example.org