ArcaCloud GDPR Compliance Kit

The GDPR (General Data Protection Regulation) makes organizations liable for any violations of user privacy and deviations from a high data security standard.

Legislation like the CCPA (California Consumer Privacy Act of 2018) brings similar regulation to other countries.

ArcaCloud hosted on your own premesis (also called self-hosted in future text) can simplify the process.

ArcaCloud comes with Clear Instructions and premium support to make sure that all bases of data protection are covered.
Image
Complete Control

Complete Control

ArcaCloud combines advanced data access controls with powerful monitoring and logging capabilities to ensure compliance and auditability. Our Compliance Kit gives you the tools you need to export, update and delete user data.
Covering All Bases
GDPR Compliance Apps
Ultimate Security

Security & Encryption

The GDPR requires organizations to ensure adequate protection for private data, from encryption to clear and well implemented security practices.

Transparency and auditability

Private users have a right to demand a full overview of what data is collected, including an export of what an organization has on them.

Availability and access

Upon request, an organization has to be able to show what they do with user data, who has (had) access and they must be able to modify or delete any data they have on private individuals.

Download our PDF document about GDPR policies

Hosted at your own premises

100% certainty

Guaranteed that your own data will not reach the outside internet. Used for people situations where security and regulations do not allow for cloud hosted solutions.

Keeping data on your own infrastructure means you stay in control. Only then can you show your customers exactly where their sensitive documents are. Regulators can be certain that non-compliance with proper process is minimized.

Hosted at ArcaCloud Server

Encryption

ArcaCloud uses industry-standard SSL/TLS encryption for data in transfer. Data at rest in storage can be encrypted using a default military grade AES-256 encryption with server-based or custom key management. Optionally and on a per-folder base data can be end-to-end encrypted on the client with the server assisting in sharing and key management using a Zero-Knowledge model.

Seamless integration and ease of use with key features like offline recovery keys, auditing and HSM support make ArcaCloud Encryption capabilities leading in the industry.

Data Protection

While data needs to be available for employees at all times, the IT department must be able to ensure policies around securing and sharing personal data are respected.

Many customers care deeply about their privacy and keeping their data secure while regulators give heavy penalties for data leaks. ArcaCloud offers you the tools to keep data compliant and safe.

  • Legal compliance
    Federal data protection and GDPR-compliant, protecting data sovereignty, keep the server location in your country.
  • Data security
    Multiple levels of encryption (HTTPS/SSL/TLS, AES-256 or stronger, server-side and end-to-end encryption) ensure the highest level of data protection from hacking.
  • Fine-grained authorization
    A dedicated user and group management as well as a rights system allows the assignment of access rights according to your requirements.

ArcaCloud is a popular self-hosted solution in businesses dealing with private data for its ability to strictly control access to data and industry-leading security capabilities.

Image
Image

File Access Control

The File Access Control feature of ArcaCloud enables IT to codify legal and policy requirements, blocking unauthorized users uploading or downloading data following defined rules. Criteria include IP address ranges, group membership, file type and size, time and more. Data retention can be controlled as well, enabling administrators to limit the lifetime of certain files.

Monitoring and auditing logs

ArcaCloud offers built-in powerful monitoring capabilities, enabling organizations to ensure smooth performance. Systems can be monitored using the web interface or through monitoring and systems intelligence tools like OpenNMS, Splunk, Nagios or others. A full auditing system logs all user actions, enabling fully compliant usage of file sync and share.

Easy access

A first requirement for any secure solution to share data is that it does not force complexity on the user. Complexity leads to mistakes and mistakes are costly in many ways!

ArcaCloud makes accessing and sharing data a breeze, providing users a comfortable, familiar workspace.

Secure file exchange

Sharing files across the borders of your organization can be done easily and securely with our file-drop feature.
IT stays in control at all times, enforcing security policy with the File Access Control capabilities.

Image
Integrated in email

To quickly and securely get data to your customers or receive documents from them, use the ArcaCloud Secure Sharing Outlook Add-in. This avoids insecure and big attachments and instead provides a secure, trust-worthy file exchange that does not direct your customers to a third party but runs on your server and your domain.

 

Deep integration
ArcaCloud integrates in hospital infrastructure with support for SAML and Shibboleth, LDAP, Kerberos, Oauth, and other often used authentication mechanisms and runs on all enterprise Linux systems offering support options to match their life cycle.
Works almost everywhere
Data storage can be one or multiple NFS, Object Storage, Samba or a variety of other powerful storage mechanisms. This way Arcaloud provides seamless access to data on existing storage mechanisms, respecting existing access control policies and transparently handling changes on the underlying storage layer.