Each project’s data are synced only for project members. This means that every project is akin to a closed virtual private network consisting only of its member’s devices and files are shared directly.
Every project’s data is stored on your organization’s storage devices which act like a central file repository. An organization can have multiple storage devices for redundancy, each storage device can be assigned to one organisation only.
A storage device is a dedicated unit for storing data with Sher.ly Storage Server software installed, such as Sherlybox, supported NAS or company Linux or Windows file servers.
Learn more about Sherlybox
Q: What security measures are in place to protect access to the files on the local machine?
A: The local machine is protected by user access credentials; the SD app requires user login and every device is authenticated by certificate. You can add files to projects by dropping them into a project folder directly into \homefolder\Sherly\Organization\ProjectX\ and Sher.ly will pick up on the new files. Project members have no access to data infrastructure, they can only see their own devices. No files placed outside of the project folders structure will be shared.
Q: Is there any additional protection or file transfer encryption?
A: Files are encrypted on transfer with TLS/SSL connection, the same way online banking works. We use OpenSSL for all connections, with 2048 keys and we own CA for device keys verification and revoking. We can impose additional security but most people don’t like being asked for a password every time they switch from the app. We’re looking at additional security measures, like public-private key file access restriction and change tracking, but these make more sense for specific cases, conscious users and, of course, encryption comes with a cost to performance. As you know, security is a process of many layers, not a single feature.
14 Jun, 2017
19 May, 2017