Security & Data Privacy
Alfresco in the cloud gives you enterprise-level security and compliance all the way to your end users’ devices, while still maintaining the simplicity and ease of access your users need.
Secured content on devices
Alfresco in the cloud’s encrypted data storage protects content stored for offline use and prevents unauthorized access to the stored content on lost or stolen devices. As a paid customer of Alfresco in the cloud, all your mobile devices are covered.
Even more security enhancements to ensure content is safe and secure on any device, such as Mobile Device Management (MDM), will be introduced soon.
Alfresco provides 256-bit SSL encryption to prevent interception of data in transit between Alfresco in the cloud and end user devices and browsers.
Alfresco in the cloud is certified by McAfee SECURE and is protected with the highest level of IT security, designed and maintained by dedicated security experts.
Secure firewalls, intrusion detection and other counter measures secure Alfresco in the cloud, so that it passes McAfee's rigorous security tests every single day, allowing us to proudly display this badge:
All users must authenticate themselves using a password, or OAuth 2.0 for third-party applications accessing our APIs. Paid customers can also choose from options, such as integration with their Active Directory using SAML Single Sign On, to provide compliant authentication for all their users using their existing security credentials.
Access to the service is audited by our security infrastructure to help identify security breaches if they occur. Basic auditing of activity is also provided, with more advanced auditing functionality for administrators planned.
Permissions & Roles
Content in Alfresco is secured using granular permissions and role-based security to ensure authenticated users only access the content they’re authorized to.
Users can hide folders or files from specific users, or provide read-only access to certain content. All files and folders can have individual permissions set allowing for precise granular control of content.
Alfresco in the cloud’s security model clearly differentiates between users who belong to your organization and those who don’t, making it easy for administrators to control external access to content shared from their organization.
The service also allows a network to choose administrators who can control network settings and manage users. It takes just 2 clicks to remove users from a network. It’s really easy for organizations to control access to their network as users join and leave.
Alfresco provides 99.99% durability and 99.99% availability for all data stored, by taking advantage of Amazon Simple Storage Service (S3) technology. Alfresco takes extra measures to protect data against loss by replicating the encrypted content to another data center within Amazon Web Services.
In addition, standard and enterprise networks use 256-bit AES encryption to store all content at rest.
Redundant Offsite Backup
Alfresco in the cloud can maintain a 99.9% SLA with limited downtime or data loss in even the most extreme failure of the service, by replicating your data to another offsite data center. This ensures Alfresco never loses your data and provides redundancy across the service if a region is unavailable.
Alfresco in the cloud is provided by Alfresco Software Limited - a UK company that complies with EU data protection standards.
Alfresco in the cloud utilizes Amazon Web Services for data storage and Amazon is certified for SafeHarbor. The Safe Harbor framework is a program that provides a way for US companies to show that they adequately protect personal data according to EU standards. Any transfers of personal data that take place while using Alfresco in the cloud are permitted under the European Commission's Directive on Data Protection.
Further information about the Safe Harbor program is available on the U.S. Department of Commerce's Website.
Alfresco is currently undergoing SOC2 certification by an external auditor. This ensures that Alfresco is using the best practices and processes to manage the Cloud service reliably and securely for our customers. The full certification will be available in a few months.