At Monosnap, security is our highest priority. Monosnap Team cares about protection of our customer's data seriously. We aim to be transparent about the way we handle security.
If you have additional questions about security and compliance at Monosnap, please email firstname.lastname@example.org. We're always happy to help you!
How Monosnap protects your data
Monosnap infrastructure is designed with modern security concepts. Our security controls are tested extensively by our own Security Team, third-party security research companies and individual testers, according to bug bounty program.
For our customers, we offer several solutions based on their security requirements:
Using Monosnap Infrastructure. Monosnap bases on infrastructure provided by Amazon Web Services (AWS), Cloudflare and DigitalOcean to host or process customer's data. Below you can find information about security provided by our providers:
- AWS Security website
- AWS Compliance website
- Cloudflare Security website
- Cloudflare Certifications and compliance resources
- DigitalOcean Certifications
Zero-Trust Integration with trusted or corp cloud services. For those who prefer hosting files on own servers or such services as Google Drive, Box and other services, Monosnap provides zero-trust solution that allows uploading files avoiding Monosnap's servers. If you're interested in this integration, please contact us.
On-Premise Solution based on corp services. If you extremely care about security and want to keep everything under total control, Monosnap can be installed and run on a base of corp servers. If you're interested in this integration, please contact us.
Monosnap implement and maintain all required technical and organizational measures to protect your data from accidental and unlawful destruction, corruption, loss, alteration, and unauthorized access to your data. Monosnap has security controls and procedures, including but not limited to:
Secure Data Transfer. Monosnap architecture allows transferring files to other cloud services or corp storage directly, avoiding Monosnap servers. This is the essential security solution that stands out Monosnap from other competitors.
Data Encryption. Monosnap architecture allows transferring files to other cloud storages, avoiding our servers. We can ensure all customers who decided to store data at Monosnap Storage that all transferred data are strongly encrypted using industry-accepted methods. Monosnap supports the latest recommended secure cypher suites and protocols to encrypt all traffic in transit.
Security Integrations with SSO services. Administrators can connect corp SSO service to control his team members, even terminate connection remotely. Administrators also can set up, predefine and even restrict any Monosnap's preferences. Get more information about settings restriction here. If you're interested in this integration, please contact us.
Access Management. At Monosnap Cloud Storage, all files available by link to anyone. That is why, we don't recommend using short links for private data. To avoid data leaks, administrator of paid Monosnap Team can set up access for file viewing at Monosnap Cloud Storage for every member. Learn more about access management...
Host Management. We perform automated vulnerability scans on production servers and eliminate any suspected issues that were found in our environment. We enforce screen lockouts and the use of full disk encryption for company laptops.
Network Protection. In addition to automated vulnerability scans and monitoring, we've implemented two-factor auth for all servers access across our production environment. Monosnap's architecture is configured according to industry best practices, using AWS and Cloudflare services.
Data Backups. Monosnap automatically perform backups on daily basis. All backups are encrypted and stored in multiple independent storages. To ensure availability, customer's data stored in multiple locations in our hosting provider’s data centers. Our Team makes disaster recovery, backup and restoration tests and other required measures.
Customers Accounts and Data. We place strict controls over customer data and accounts at Monosnap. If a customer or company works under Commercial Plan or Enterprise Plan, any changes with accounts of its team members could be applied via requesting or approving by administrator only.
Development Process. Monosnap is developed in accordance with Software Development Life Cycle that included all phases from analysis to security review. The Security Team works closely with Development and QA Teams during development and in the case of resolving any additional security concerns. Monosnap also has a bug bounty program. We work with security researches around the world.
Incident Management. Monosnap maintains security incident management policies and procedures. According to these rules, Monosnap notifies impacted customers without undue delay.
Security Policies. Monosnap has strict security and risk management policies regarding user data and information assurance. We are committed to continually improving the security testing, confidentiality, and data integrity of Monosnap service. Detailed policies, procedures, and duties help to keep under control and organize workflow at Monosnap, including but not limited to:
✅ Access and Auth Requirements
✅ Risk Management
✅ Backup and Data Loss Prevention
✅ Retention and Deletion Procedures
✅ Testing, Training and Exercise Procedures
✅ Information Classification and Management
Personnel Practices. All candidates are thoroughly checked before hiring. The checking includes reviewing job history, criminal background of the candidate and close relatives, education, etc. Before starting and accessing to Monosnap systems, all employees are required to read carefully and sign NDA, information security and confidentiality policy at Monosnap; pass security and privacy awareness training.
Industry standards and compliance. Monosnap aligns with current industry standards such as ISO 27001, ISO 27002 and ISO 27018 at least.