May 28, 2015 | By admin |
Frequently Asked Questions for IT
How secure is it to have Secrata EFSS in our IT infrastructure?
All of Secrata’s components are internally facing and present no threat from an outside attacker. The only external point of entry is the web server and although the Secrata Server comes with its own built-in software firewall, it is a good idea to place the web servers behind a more comprehensive hardware firewall as well. The system is configurable and typical Secrata deployment can communicate with the outside world for software updates. Incoming connections are restricted to HTTPS only, keeping the system secure. All other access to the servers and services is routed through internal networks.
What software stack does Secrata run on?
The Secrata Server runs on both Windows and Linux platforms. The core of the application runs on open source licensed Apache Tomcat, MySQL and Apache Cassandra applications. This multi-platform support enables IT architects to use operating systems they like most.
If our infrastructure is all Windows, will Secrata integrate with it?
Absolutely! The Secrata Server natively utilizes Active Directory for user authentication, Samba for accessing files, and Exchange for sending out user notifications. Not to mention, Secrata can be deployed directly on Windows, providing IT admins machine management tools right out-of-the-box.
How easy is it to deploy Secrata?
For testing and development, Secrata offers a single virtual appliance, making it easy to spin up in an existing virtual environment. For production level deployments, Secrata utilizes Chef as a framework for automated deployments and new version upgrades. Chef takes configuration and deployment complexity of distributed system out of the picture by providing a simple installer to spin up a whole redundant cluster.
How can we track performance of the system and monitor it for outages?
The Secrata Server comes with built-in monitoring for its subservices. IT admin can easily see the status and determine if something isn’t working. Performance analysis can be done with many tools available for measuring Tomcat performance because Secrata utilizes a very popular technology stack.
What maintenance needs to be done for Secrata?
The Secrata Server runs as a self-contained system with minimal maintenance necessary. A built-in status page shows the status of all subsystems and service outages, and the only maintenance needed is critical security updates for the underlying OS. If an application needs to be updated and redeployed, Chef addresses it with no downtime for the user.
Is the application always available?
The Secrata Server utilizes multiple technologies to eliminate downtime. Web servers can be load-balanced, and Cassandra native clustering addresses failures on the backend.
What is the disaster recovery plan?
Secrata can be configured to store your files within Cassandra cluster, making your data redundant, or utilize your existing file storage such as SAN or NAS. There is no single point of failure and no data loss. As for the Server itself, every component of the system is backed up and restored in case of a disaster.
How does IT manage Secrata users?
Secrata makes user management easy by proving an administrative web interface to the system; an intuitive GUI lets IT set quotas and account permissions with ease. All user management tasks for the Secrata Server can be done from this administrative user interface.
Does the mobile app maintain the security of my files during transit across the Internet?
Yes. The Secrata mobile apps employ the same end-to-end encryption technology as our desktop clients. All data sent via the mobile apps is chunked and encrypted before it is uploaded to the server. When downloading files from the server, the encrypted chunks are downloaded and stored on the mobile device in their encrypted form. Chunks are not decrypted and reassembled until the user accesses the file. In addition, all communication between the client app and the server is protected using industry standard SSL/TLS protected channels, providing an additional layer of protection to your data.
Does the mobile application have all the features of the desktop app?
Yes. The mobile app has all the same features as the desktop app, including the ability to upload and download files, access and share messages with other workspace members, and access files stored on your registered devices and data stores.
How will the use of the mobile app affect my data usage?
The mobile app has been designed to be as data efficient as possible. To minimize the data usage, the app varies the rate at which it communicates with the server based on its current mode (foreground vs. background, active vs. sleeping). In addition, the app transfers files on an on-demand basis; files are only transferred when the user explicitly requests them. This allows the user to control when data is used and to insure that they are connected to WiFi networks before transferring so that the transfer doesn’t count against their cellular data cap.
Can Secrata Server authenticate users using external authentication sources?
The Secrata Server authenticates users using multiple authentication sources that includes the server user database, Microsoft Active Directory, and OpenLDAP.
Can Secrata Server restrict access to a subset of users on external authentication sources?
The Secrata Server can restrict access to a subset of users on external authentication sources by verifying that login user is a member of external authentication source Secrata authorized groups.