A data breach in which documents containing sensitive information such as personal data or Intellectual Property are released results in costly reputation damage and high fines. Storro offers unparalleled security, privacy and resilience to attacks. We do this by, among other things:
- Automatic encryption of (personal) data
- Demonstrably serious about confidentiality
- GDPR compliance
Automatic encryption of (personal) data
Every document in Storro is automatically encrypted, shredded and stored in one or multiple data centers in Europe. This automated security flow means no one can “forget” to encrypt the data. This way you can be sure that your data is protected. The files remain encrypted at rest and in transit. Only the data owner and designated contacts have the keys to this – even Storro company doest not have a copy. In this way, no service provider or storage location gets readable or even complete information. It is even possible to work directly peer-to-peer with contacts, without using the distributed cloud storage. With this Storro exceeds current legislation (such as the AVG/GDPR), standard NDA clauses and security requirements from the market. It is not without reason that the application has been awarded several times internationally and our team has several technical European publications to their name.
Demonstrably serious about confidentiality
Storro is actively used as a selling point to customers and prospects to show that you take the protection of their information seriously. Storro’s protection exceeds current legislation, standard NDA clauses and security requirements, while working super fast and pleasant.
Using Storro immediately improves compliance and risk management. In this way you amply meet the applicable requirements, without the need for substantive knowledge. Information in Storro is automatically stored encrypted, with the keys only in the hands of the data owner and designated contacts. The data is stored across known locations in Europe and is compartmentalized in Projects (need-to-know structure). In addition, every change is transparently and indisputably recorded in an audit trail, and user access is cryptographically enforced. Even in the event of a data breach at a storage location, only encrypted and incomplete data (snippets) is disclosed.