ARender SaaS uses a set of features allowing it to securely store your documents while your end users read them.
End-to-end encryption with your end users
- ARender SaaS uses Let's Encrypt to dynamically generate the secure HTTPS certificate that you receive upon subscription
Documents are temporary
- Documents that you provide to us for your end users' consumption are stored for at most one hour after their last access
- ARender SaaS stores those documents to optimise rendering speed during the time your end users need to access the documents
GCP's data-at-rest policy ensures that no documents are stored on disk without encryption
Your sub-domain name is only accessible using your secret API Key
- Without this API Key, users cannot access your subdomain
With the ARender SaaS portal, you can manage your identity providers and your users
- You are responsible for user login; we do not manage it, which ensures that we (or a malicious user) are not able to tamper with your documents
- If a malicious user wants to access your documents, you'll be able to easily identify the offender, who will be redirected to your login platform
You also control which users (identified with SAML 2.0) access which documents
- We do not control user access rights per document; you're in charge, yet again, of sealing off any unwanted API, remote call, etc.
Documents inside containers
As we said, temporary document storage in ARender is secure on its own. On top of this layer, ARender SaaS is by nature auto-scalable and composed of many microservices.
As a result, not only are ARender temporary documents stored encrypted by the cloud provider, but the location of each file stored in the cluster is also not deterministic and will change over time. This makes the temporary documents even harder to track.
In short, only the ARender SaaS software stack knows where temporary documents are stored; not even we know it.
As a downside of this approach, when you raise an issue with us and want us to reproduce it, you might have to provide us directly with a redacted version of your document, as we do not know, and do not want to know or host, your private data.