All of Secrata’s components are internally facing and present no threat from an outside attacker. The only external point of entry is the web server and although the Secrata Server comes with its own built-in software firewall, it is a good idea to place the web servers behind a more comprehensive hardware firewall as well. The system is configurable and typical Secrata deployment can communicate with the outside world for software updates. Incoming connections are restricted to HTTPS only, keeping the system secure. All other access to the servers and services is routed through internal networks.
The Secrata Server runs on both Windows and Linux platforms. The core of the application runs on open source licensed Apache Tomcat, MySQL and Apache Cassandra applications. This multi-platform support enables IT architects to use operating systems they like most.
Absolutely! The Secrata Server natively utilizes Active Directory for user authentication, Samba for accessing files, and Exchange for sending out user notifications. Not to mention, Secrata can be deployed directly on Windows, providing IT admins machine management tools right out-of-the-box.
For testing and development, Secrata offers a single virtual appliance, making it easy to spin up in an existing virtual environment. For production level deployments, Secrata utilizes Chef as a framework for automated deployments and new version upgrades. Chef takes configuration and deployment complexity of distributed system out of the picture by providing a simple installer to spin up a whole redundant cluster.
The Secrata Server comes with built-in monitoring for its subservices. IT admin can easily see the status and determine if something isn’t working. Performance analysis can be done with many tools available for measuring Tomcat performance because Secrata utilizes a very popular technology stack.
The Secrata Server runs as a self-contained system with minimal maintenance necessary. A built-in status page shows the status of all subsystems and service outages, and the only maintenance needed is critical security updates for the underlying OS. If an application needs to be updated and redeployed, Chef addresses it with no downtime for the user.
The Secrata Server utilizes multiple technologies to eliminate downtime. Web servers can be load-balanced, and Cassandra native clustering addresses failures on the backend.
Secrata can be configured to store your files within Cassandra cluster, making your data redundant, or utilize your existing file storage such as SAN or NAS. There is no single point of failure and no data loss. As for the Server itself, every component of the system is backed up and restored in case of a disaster.
Secrata makes user management easy by proving an administrative web interface to the system; an intuitive GUI lets IT set quotas and account permissions with ease. All user management tasks for the Secrata Server can be done from this administrative user interface.
Yes. The Secrata mobile apps employ the same end-to-end encryption technology as our desktop clients. All data sent via the mobile apps is chunked and encrypted before it is uploaded to the server. When downloading files from the server, the encrypted chunks are downloaded and stored on the mobile device in their encrypted form. Chunks are not decrypted and reassembled until the user accesses the file. In addition, all communication between the client app and the server is protected using industry standard SSL/TLS protected channels, providing an additional layer of protection to your data.
Yes. The mobile app has all the same features as the desktop app, including the ability to upload and download files, access and share messages with other workspace members, and access files stored on your registered devices and data stores.
The mobile app has been designed to be as data efficient as possible. To minimize the data usage, the app varies the rate at which it communicates with the server based on its current mode (foreground vs. background, active vs. sleeping). In addition, the app transfers files on an on-demand basis; files are only transferred when the user explicitly requests them. This allows the user to control when data is used and to insure that they are connected to WiFi networks before transferring so that the transfer doesn’t count against their cellular data cap.
The Secrata Server authenticates users using multiple authentication sources that includes the server user database, Microsoft Active Directory, and OpenLDAP.
The Secrata Server can restrict access to a subset of users on external authentication sources by verifying that login user is a member of external authentication source Secrata authorized groups.