ArcaCloud GDPR Compliance Kit
Legislation like the CCPA (California Consumer Privacy Act of 2018) brings similar regulation to other countries.
ArcaCloud hosted on your own premesis (also called self-hosted in future text) can simplify the process.
ArcaCloud comes with Clear Instructions and premium support to make sure that all bases of data protection are covered.
Security & Encryption
Transparency and auditability
Availability and access
Download our PDF document about GDPR policies
Hosted at your own premises
Guaranteed that your own data will not reach the outside internet. Used for people situations where security and regulations do not allow for cloud hosted solutions.
Keeping data on your own infrastructure means you stay in control. Only then can you show your customers exactly where their sensitive documents are. Regulators can be certain that non-compliance with proper process is minimized.
Hosted at ArcaCloud Server
ArcaCloud uses industry-standard SSL/TLS encryption for data in transfer. Data at rest in storage can be encrypted using a default military grade AES-256 encryption with server-based or custom key management. Optionally and on a per-folder base data can be end-to-end encrypted on the client with the server assisting in sharing and key management using a Zero-Knowledge model.
Seamless integration and ease of use with key features like offline recovery keys, auditing and HSM support make ArcaCloud Encryption capabilities leading in the industry.
While data needs to be available for employees at all times, the IT department must be able to ensure policies around securing and sharing personal data are respected.
Many customers care deeply about their privacy and keeping their data secure while regulators give heavy penalties for data leaks. ArcaCloud offers you the tools to keep data compliant and safe.
- Legal compliance
Federal data protection and GDPR-compliant, protecting data sovereignty, keep the server location in your country.
- Data security
Multiple levels of encryption (HTTPS/SSL/TLS, AES-256 or stronger, server-side and end-to-end encryption) ensure the highest level of data protection from hacking.
- Fine-grained authorization
A dedicated user and group management as well as a rights system allows the assignment of access rights according to your requirements.
ArcaCloud is a popular self-hosted solution in businesses dealing with private data for its ability to strictly control access to data and industry-leading security capabilities.
File Access Control
The File Access Control feature of ArcaCloud enables IT to codify legal and policy requirements, blocking unauthorized users uploading or downloading data following defined rules. Criteria include IP address ranges, group membership, file type and size, time and more. Data retention can be controlled as well, enabling administrators to limit the lifetime of certain files.
Monitoring and auditing logs
ArcaCloud offers built-in powerful monitoring capabilities, enabling organizations to ensure smooth performance. Systems can be monitored using the web interface or through monitoring and systems intelligence tools like OpenNMS, Splunk, Nagios or others. A full auditing system logs all user actions, enabling fully compliant usage of file sync and share.
A first requirement for any secure solution to share data is that it does not force complexity on the user. Complexity leads to mistakes and mistakes are costly in many ways!
ArcaCloud makes accessing and sharing data a breeze, providing users a comfortable, familiar workspace.
Secure file exchange
Sharing files across the borders of your organization can be done easily and securely with our file-drop feature.
IT stays in control at all times, enforcing security policy with the File Access Control capabilities.
Integrated in email
To quickly and securely get data to your customers or receive documents from them, use the ArcaCloud Secure Sharing Outlook Add-in. This avoids insecure and big attachments and instead provides a secure, trust-worthy file exchange that does not direct your customers to a third party but runs on your server and your domain.