log4j Vulnerability and ExaVault
Reporting on efforts to monitor and audit systems around the log4j Log4Shell vulnerability CVE-2021-44228. Read More
Published on 22 Mar 2018 - Updated on 28 Jan 2020
ExaVault takes data security and the security of your file transfers seriously. Very seriously. Protect each step of the process using our file sharing service – from login to data storage to sharing files and sending links to your clients.
We know how critical data security is, so we decided to start with the basics – protection for every account’s storage and file transfer connections. The main features available with all ExaVault accounts are:
Offering the ability to restrict access by IP address is becoming a common feature for today’s online services and SaaS providers. For example, Google sends you a notification when you log into your account from a new device. You then have the option to take action if you did not log in as shown in the notification.
IP address restrictions allow connections from only those devices that are specified by the owner of the account. With ExaVault’s IP address restrictions, your account isn’t able to be accessed by anyone trying to log in from a location that doesn’t match an approved IP address. Whitelisting IP addresses means that nobody (not even you) can log in on a new device until the IP address is added to the whitelist for your account.
After making sure your account’s storage is safe, we also focus on file transfer connections. We consider sending and receiving files a vital part of everyday business. While we support FTP for file sharing, you can use secure connections on protocols like SFTP and FTPS freely. Switch between SFTP and FTPS via your FTP client to encrypt file shares for sending and receiving files securely. If you use our web file management system, you can be sure that your file transfers are secure with an HTTPS connection.
To ensure security on the account level, requires effective user management, especially when allowing multiple users to access your account. With our web file management system, you can enable complex password enforcement that keeps users from creating accounts with easy-to-guess passwords. When setting up new user accounts, you can set up permissions allowing users to see (or not see) certain files and folders. Last, but certainly not least, our file management system allows you to set up expiration periods for both users and file shares.
We care about your data and go to great lengths to keep it secure. First, we make backups to multiple locations in near-real-time at our primary data centers. Next, the backups are sent to our secondary disaster recovery data centers. Third, all of your data is encrypted from the moment it is sent via SFTP, FTPS or HTTPS.
Finally, ExaVault’s software supports “FTP Resume.” If a large file transfer is interrupted, it will resume where it left off when the internet connection is restored. You can rest assured that all your business files and data will completely transfer where you want them.
It is near impossible to maintain protected data storage and secure file transfers without a powerful FTP server. Our team has gone to great lengths to create a platform with security as a core requirement.
We fully control the cloud infrastructure all the way down to the hardware level. We have our own data storage platform with a high-security profile for all servers. Access to our FTP servers is logged and monitored for intrusions or other anomalies continuously.
Rest assured that all databases and customer data storage have firewalls at the edge along with internal controls. Your privacy is just as important as your data, so all encrypted traffic uses an SSL certificate with a 2048 bit private key, employing TLS v1.2.
ExaVault owns and physically controls all of its infrastructure. Our equipment is housed in best-in-class carrier-grade data centers. Physical security of your data at ExaVault starts with 24/7 surveillance and highly controlled sign-in/sign-out procedures. Four-factor biometric verification on each floor is required for all personnel. Of course, all our data centers are SOC 2 Type ½ Compliant and ISO 27001 Certified.
The four levels of data security described above have been built and controlled by the ExaVault team from the very beginning. Our secure system for sending, receiving and storing files is the most crucial part of our work, but it is not complete without audits. ExaVault performs regular audits and training using internal and third-party tools to make sure our platform is secure at all times. We have strong terms of service and data privacy policies with customization available for enterprise customers.
ExaVault will keep your data safe. Period. Our strongly protected physical infrastructure for data storage and easy-to-use web interface ensure the safest FTP online experience. You can count on us to keep your data secure, and your business files uploading and downloading reliably with our extensive customer-accessible security options, fully redundant infrastructure, and real-time backup systems.
Ready to upgrade your business file transfer solution? Get secure FTP hosting with ExaVault today!
Reporting on efforts to monitor and audit systems around the log4j Log4Shell vulnerability CVE-2021-44228. Read More
Make sure your data and files are being transferred securely with secure methods like SFTP. Read More