Sync Security and Privacy Brief Now Available
Security and privacy are two of the leading issues for users when transferring important data. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical challenges when there’s a need to share data externally. Resilio Sync offers the ability to sync data securely and privately by replicating data directly between trusted devices and keeping data encrypted in transit.
We take security and user privacy very seriously at Resilio. By design we don’t capture or store any user data on our infrastructure. Further, we have no way to gain access to user data or personal information. We believe the only way to truly keep user data secure, is to not have any user data. We never see it, we never store it, and we can’t access it — and neither can any 3rd parties. Any anonymized statistics we collect when you use Sync are sent in the clear, so you know exactly what data we’re gathering.
Here are some of the key security and privacy properties of Sync:
* Sync only transfers data by establishing a direct connection between peers you select. This allows data to exist at rest exclusively on private infrastructure.
* Sync keeps ALL your data private. Other solutions may keep your files private, but store login, usage, and access information on public servers.
* Sync uses cryptographic security instead of a password-based system, and all your data is AES-128 encrypted in transit.
* Sync uses X.509 digital certificates for mutual authentication and validation of file modification requests.
* Insecure, but easy-to-use tools (like email) can be used to securely sync folders with Sync.
* Each device has full control over how it communicates with other peers and services can be limited to increase privacy.
* Resilio collects usage statistics from Sync to help us improve the product. This information is sent in the clear so you know what we are gathering.