To achieve compliance with GDPR, many companies face major challenges. One of these is e-mail communication in the area of personal data exchange. Since data is usually not sent encrypted by e-mail, it is increasingly looking for secure alternatives. This mainly concerns the sharing of personal data under GDPR, but not exclusively. Ideal are secure platforms on which one can store and exchange data (files) in encrypted form. These platforms are a secure alternative to Dropbox and other online storage services.
Timewarp has therefore developed Sharebox, a secure file-sharing solution, as an alternative to Dropbox based on the Nextcloud software. This solution retrieves the customer from where they stand, ensuring the secure exchange of GDPR-relevant data through encryption with the addition of extras such as high scalability, high degree of automation or customization options for the customer’s CI.
Encryption ensures exchange of sensitive information
Timewarp provides the Sharebox platform on its own Docker infrastructure. This results in many advantages: Docker containers are manufactured quickly and can be reproduced as required. In addition to the high scalability, the solution is characterized by a high degree of automation. For example, upgrades can be imported quickly and without interruption. Access to the data is encrypted via SSL. For each access attempt, the validity of the certificate is queried. That’s exactly the kind of security that companies need in terms of GDPR compliance.
Easy handling of the Sharebox
The Timewarp Sharebox will be charged according to used hard disk space. Again, it offers a favorable alternative for the customer to Dropbox, which are often charged according to number of users. The Sharebox was developed especially for those companies that want to securely exchange data with external parties. This concerns, for example, doctors, lawyers or accountants. Customers can create users themselves without incurring additional costs. These external users can access their documents via link generation.
The data exchange works very fast and is highly available, as the Sharebox infrastructure is housed in TIER III data centres with excellent Internet connectivity. Thus, the local editing of files (even offline) by fast synchronisation is very convenient. The easy handling of the Sharebox solution Timewarp as an alternative to Dropbox is an important advantage. The Nextcloud Login can be combined with the Active Directory User. This means that entering the Nextcloud platform is not complicated by any additional work steps.
Data stays in Austria
In view of the high penalties for violations of the provisions of the GDPR, the question of the corresponding protection (encryption) of the stored data is very important for companies. For personal and sensitive data, alternatives to Dropbox, Google Drive, or OneDrive are essential, as they may be compromised when used. It is not certain that the data are located in countries where the GDPR is valid at all. A reliable solution therefore represents the use of Timebarp’s local online storage service Sharebox.
With the GDPR companies are obliged to take extensive measures to ensure data protection and to document these. The conscientious selection of the cloud service provider for storing and exchanging data is the logical first step here.
Comprehensive Security Concept
Timewarp recommends proactively addressing corporate file sharing and implementing unified policies for all employees. In practice, there is often wild growth in particular the uncontrolled or unauthorized use of cloud storage solutions often with non-secure devices is a major challenge. GDPR compliance has many aspects and often improving a process is only the beginning of a comprehensive security concept. Therefore, Timewarp also offers comprehensive IT security consulting. Starting with the analysis of the current situation, all IT aspects are examined, including the security of the end devices. The resulting catalog of measures with implementation guidelines is the basis of the data protection regulations required by the GDPR.