We protect your data.
And your company.

We know how critical data security is, and we go to great lengths to make sure that your data is kept safe. From our extensive customer-accessible security options, to our fully redundant infrastructure, to our realtime backup system, you can rely on us to keep your data secure and your business running.

Start Your Free Trial

Physical Security

We use best-in-class carrier-grade datacenters to house all your data, which are SOC 2 Type 1/2 Compliant and ISO 27001 Certified.

Firewall & Intrusion

We employ redundant firewalls and intrusion detection systems to keep your data secure.

Security Options

We offer numerous security controls in our software, from complex password enforcement to accounts that automatically expire.

Audit & Control

All activity in every account is logged to an immutable log that can't be modified even by administrators.

Data protection is our first priority

Customer and User Security Options

It starts with you. Every account includes a number of security specific features that can be enabled, to help limit access to only authorized parties. You can lock your data down as much as you'd like.

  • IP address restrictions allow connections from only those devices you specify.
  • Optional complex password enforcement keeps your users from creating accounts with easy-to-guess passwords.
  • Optional secure-only mode forces connections on secure protocols ( e.g. SFTP ) and disallow connections on legacy protocols such as FTP.
  • Home directories can be assigned per user so that users can only see the information you want them to see.
  • Shares and users can be set to expire on a certain date, to prevent future access.

File & Data Integrity

Keeping data safe, whether in transit or at rest, is critical to the smooth operation of your account. We backup data to multiple locations in near-realtime, and have a number of features to ensure your files are transmitted safely and securely.

  • All data is backed in up realtime in our primary datacenters.
  • All data is backed up in near-realtime to our secondary disaster recovery datacenter.
  • Data is encrypted in transit via SFTP, FTPS or HTTPS (Unencrypted plain FTP is also available but can be disabled).
  • All protocols support resume functionality if a transfer is interrupted.

Computer and Network Security

We've gone to great lengths to design a platform with security as a core requirement. We run a custom built cloud infrastructure, which we fully control all the way down to the hardware level. We employ multiple firewalls, monitoring and intrusion detection systems, and isolate each customer's data, all to keep your data safe & secure.

  • ExaVault servers run only our data storage platform, and keep a high security profile (minimum ports open, etc.)
  • Access to all equipment (servers, firewalls, etc.) is logged and monitored for intrusions or other anomalies.
  • Multi-layered set of monitoring and intrusion protection systems in place, including firewalls at the edge and internal controls on access to databases, customer data storage and other key resources.
  • All encrypted traffic uses an SSL certificate with a 2048 bit private key, employing TLS v1.2.

Physical Security

ExaVault owns and physically controls all of it's infrastructure. All equipment is housed in best-in-class carrier-grade datacenters. Each datacenter is SOC 2 Type 1/2 Compliant and ISO 27001 Certified, and has a bevy of infrastructure and security features.

  • Datacenter staff onsite 24/7/365.
  • Sign-in/sign-out required for all personnel.
  • CCTV / IP-DVR systems cover all aspects of each facility.
  • Four-factor biometric verification is required to access the datacenter floor.
  • Regular and randomized security patrols conducted.
  • Datacenters are SOC 2 Type 1/2 Compliant and ISO 27001 Certified.
  • Datacenters employ N+1 redundant electrical, mechanical and life safety systems.

Uptime and Redundancy

File storage and transfer is only useful if it’s accessible. With this in mind, we’ve structured our services to maximize available uptime. Our network and server infrastructure is fully redundant, from our incoming network feeds all the way down to data on disk. Our deployment processes allow upgrades to be performed with no downtime.

  • Redundancy at every level: firewall, network, application servers, database servers, storage layer, and more.
  • Secondary disaster recovery facility able to take over for a primary facility failure.
  • Software maintenance process is designed to allow for upgrades without downtime.
  • Disaster recovery plans are in place and reviewed and updated regularly.
  • Third party monitoring for ExaVault services provided via Pingdom.

Audit & Control

Audit logs are critical for both informational and compliance purposes. ExaVault provides immutable audit logs for every transaction in your account, from the account administrator to the lowest level user.

  • Every transaction by every user is recorded - upload, download, move, copy, rename, share, delete & more.
  • Audit logs are immutable. No one, including the account administrator, may change or delete them.
  • Search and filter capabilities provided to quickly find a transaction in question.

Governance

Building a secure system is only half the battle. Keeping it secure is equally important. ExaVault performs regular audits and trainings using internal and third-party tools to make sure our platform is secure.

  • Code audits on any new code to ensure security and compatibility.
  • Regular internal training on security best practices.
  • Regular infrastructure tests using internal and third-party tools to identify and patch vulnerabilities.
  • Strong terms of service and data privacy policy, with customization available for enterprise customers.