Keep your data safe.
Forget about the massive public cloud data breaches.
The Æoncase Sync Appliance is deployed behind your corporate firewalls, and your data never leaves your infrastructure if you do not want it to.
Enjoy the ease of mind brought by not having to cross your fingers the next time a massive public cloud data breach is made public.
Data in transit is secured with industry-standard Transport Layer Security (TLS) using strong ciphersuites with Perfect Forward Secrecy.
Moreover, the Sync Appliance uses a private, unique root Certificate Authority (CA) to prevent global PKI attacks.
For additional security, enable client-side file encryption on a folder basis. The client encrypts files before sending them to your Sync Appliance, on top of the standard encryption used in the secure connection.
Only other clients with the encryption key can access them.
It is not possible to access the contents of these files without the client-held key, even for the Sync Appliance admin.
The Sync Appliance incorporates specific security measures to prevent attacks against source-based deduplication (which allows to skip transfers for data already available in the destination).
spurious ownership claims, where a modified client would try to “upload” to the server a file it does not really have
side-channel attacks, where knowledge on whether a file exists in the system is exploited
Sync Appliance services run in isolated containers with an un-priviledged user with limited permissions.
The Sync Appliance is engineered to thwart whole classes of attacks using sound implementation techniques.
Internal SQL queries are constructed and analyzed statically, so as to prevent SQL injection attacks.
HTML generation in the web server is performed using typed structures validated statically so as to prevent HTML injection attacks.
User passwords (when not using external LDAP/AD authentication) are hashed using the bcrypt key derivation function.