Security & Privacy

With Storro your data and you enjoy unprecedented security and privacy. At https://storro.com/en/technology we explain in detail how this has been technologically executed, and what guarantees this offers. Summarized, your information is protected as follows:

All data in Storro is automatically encrypted to make it unreadable to unauthorized actors. This encrypted file is then cut into small data chunks that are each sent over a separate encrypted connection (RPC) to your project members as to prevent man-in-the-middle attacks. As Storro doesn’t know a central component, like a server, it’s very complex to attack. Your data is stored spread out over the devices of you and your team members – the people that actually need access to it. No third party, including us, has a copy of this data or the keys. So even if the encryption algorithm were to be compromised, your data remains private. Furthermore, user rights are not software based –as is standard- but cryptographically enforced to prevent abuse. All actions in a project are captured in a private blockchain to ensure indisputable, transparent audit trail and revision control that lets you go back to any previous state of a file, folder or project. For the many differences with how cloud services work, please see the question What is the difference between Storro and cloud services such as Dropbox, Google Drive or OneDrive?

The little information that we have of you is not given to third parties, unless legally obliged as described in our privacy statement.

Storro uses both symmetrical and asymmetrical encryption. The fundamental cryptographic algorithms used in Storro are::

  • Keccak-f₁₆₀₀ for all symmetrical encryption
  • Curve25519 for all asymmetrical encryption

These algorithms have no known weaknesses. All keys are generated locally and are solely in possession of the data owner(s). See https://storro.com/en/technology for more information.

Your files are stored encrypted and compartmentalized on a virtual drive (default location S:) on your own hard disk. When it concerns a shared project, it’s also stored on the hard disks of these project members. Storro creates a view on your data so you can work in it, but the data on disk remains encrypted at all times for protection. The virtual drive is approachable via the application and your finder when Storro is running. When you quit the application, the virtual disk disappears and only encrypted data chunks can be found on your system.
Only you have an overview of the projects you are in. Others can only see the shared projects they have been invited to. The Storro company has no insight in any of your projects.

License

Purchasing and extending of licenses can be done in the application that is downloadable for free.
In the application, click the hamburger menu top right and go to License. On the left side it shows a button New license group that you will need to distribute licenses. On the right side you can manage the licenses you own. Click on the License button and subsequently Update License. A webpage opens in which you can enter the amount of licenses you wish to purchase.

Distributing purchased licenses is done by creating a New license group. You can add contacts by clicking the Members button, entering their email addresses and clicking Invite. Upon accepting this invite, your contacts will become part of this license group and can use Storro for the duration of the license you purchased.

Member of the license group with the assigned role of Administrator can extend, revoke and dispense licenses. Having multiple Administrators in a group can be convenient to increase the chance someone is available in case of urgent requests.

Both monthly and annual subscriptions expire after the set duration, without tacit renewal. Running subscriptions cannot be paused or cancelled.

Before expiration of a trial or subscription you have the option to purchase a (new) license via the application. By doing so you continue to enjoy Storro’s full functionality.

Should you decide not to renew a subscription, then you get limited functionality; you can no longer change and add information to shared projects or go back to previous versions of files and folders. You will continue to be able to access and copy the information in Storro in the state of when the subscription expired. Should you decide to renew your subscription at a later date then you will regain access to Storro’s full functionality.

Support & trouble shooting

Storro supports Windows (7 and up), MacOS (Yosemite and up) and Linux (Ubuntu 18.04 64-bit). You will find all installer files on our Download page and clicking the OS icons.

Next to running on desktops and laptops, the Storro application also runs (headless) on physical and virtual servers, hosted in- or externally.

At this time Storro supports computers running on Windows, MacOS or Linux. In the future OSX, Android and Windows mobile will be supported as well.
Your virtual Storro drive is mounted automatically when running Storro. (Re)start Storro to get access to this location and refresh all finder windows.

Functioning of Storro

The size of projects and files is not limited by Storro but by the available space on the hard disks of you and your project members. There is also no limit on the amount of synchronized data or the amount of changes made.
Storro is compatible with any file type.
Storro guarantees true end-to-end protection of your information when all parties involved work with Storro. The application can be installed, or run without installation rights by selecting ‘Skip driver during setup.

Should you want to share a single file with a contact that can’t/won’t download Storro, then you can generate a link that enables the recipient to download the file directly from your system and others in the project.

To generate a link for a specific file go to the Files tab in the application. Here you can go through the project’s folder structure. Click the three dots behind the file of choice and select Quick share. Enter how long it should be valid for and send the copied code to your contact(s).

Note: the system of you or a synchronized project member (Administrator, Participant or Observer; not a Facilitator) should be online at time of the download by the recipient. Despite being sent over an encrypted connection, the file itself is decrypted before transfer so that the recipient (without keys) can read it. This entails that the file will be stored on the recipients system unencrypted, and you will have no more insight in what happens to it.

When installing Storro your firewall may ask you to grant Storro permission to connect with the internet on private and/or public networks. By indicating that it may you make full use of the application.
Storro uses private blockchain technology, meaning that a cryptographic chain is created for each individual project of which the information is stored distributed only over the systems that should have access to its content: the project members. No one outside of the project team has a copy of, or insight in this, hence the term ‘private’.

In this crypto chain the user rights (roles) of the project members are captured to prevent manipulation. Furthermore, every change (the metadata, not the content itself) to a project, subfolder or file is recorded in here to form a very reliable yet lightweight blockchain audit trail. This also provides the option to go back to every previous version of a file, folder or entire project, preventing abuse. Besides it guarantees that every project member has an indisputable, transparent image of all the project’s activity and information.

Storro’s private blockchain implementation requires very little computing power and functions without tokens or voting.

Putting your information it a cloud simply means storing it on servers of third parties. This gives those parties the possibility to go through your information, as well as give access to fourth parties such as (foreign) government agencies. All of this happens on a large scale. Because millions of organisations are storing their information on the same servers, they become an alluring target for malicious actors, and vulnerable to massive data breaches.

With Storro you don’t have to trust any third parties because you store your information (encrypted, compartmentalized and decentralized) with those that actually need access to the files; your project members. Outside of these contacts –selected by you- no one get neither readable nor complete information, let alone the keys to it. That includes us. That’s why your data and you enjoy unprecedented security and privacy.

Read more about the technological execution and the guarantees this offers you on https://storro.com/en/technology.

Storro is developed in the Netherlands and wholly Dutch owned.