Your Files — Your Security
With LiquidFiles, you are in complete control over where your files are stored.
You can either deploy the application in your data center or in the Amazon EC2 cloud. The difference with almost all other options is that your sensitive corporate data is shared with other organizations and security is outside of your control. LiquidFiles is different and will match the security of your existing environment.
LiquidFiles uses industry standard 256 bit AES encryption as default for all transfers. All cryptographic, randomization and token generation uses cryptographically strong OpenSSL functions to operate encryption and random number generation as opposed to often used default less secure functions in the operating system. This is particularly true for random number generators which is often the weak link in end to end cryptographic systems.
Each message can be sent with the following different download permissions:
- Only Specified Recipients.
- Only Specified Recipients and local users — so you can forward within your own company.
- Anyone after authentication — perfect for sending marketing material, since they have to authenticate, you will know who downloaded the files (they don't need accounts to download).
- Anyone — if you don't need any authentication.
Local Users here refers to either a list of domains you've listed as being local, i.e. yourcompany.com. Or individual users that you've listed as local.
LiquidFiles has very flexible Authentication mechanism, that enables you to:
- Centralise all accounts using LDAP/Active Directory.
- Use Strong, Two Factor Authentication.
- Having remote users either with or without accounts. If you setup remote users without having to have accounts (the default), they will go through an email verification process (with a short timeframe) to verify their account.
- Configure users ability to enable or disable messages permissions.
- Limit administration of the appliance from hosts or networks.
- Every uploaded and downloaded file and message is logged.
- All successful and failed logins are being logged.
- All LDAP activity is being logged.
- Any admin changes to any setting or user is logged.
- All logs are stored on the system for 30 days. You can forward logs to a syslog server if you need to keep them for longer.
For a list of more Security Features, please see the Features page.