We at Sendent believe that Nextcloud is the best content collaboration platform for data security and privacy.
Unlike U.S.-based tech companies, which are required to disclose data to U.S. federal law enforcement even if the servers are located in the E.U., Nextcloud allows you to have full control over your data. Your server, your rules.
Today we are going to highlight five Nextcloud features that help keep your data safe.
Data security starts with knowing what happens to the data within your own server. Here are a few ways users can monitor their files with Nextcloud:
- Track file activity: Check all changes including newly added or deleted files in shared folders, recent edits, downloads, new comments, and more.
- Server Information app: Admins can use this app to monitor their Nextcloud server installation. See statistics and keep an eye on the server’s performance. See more monitoring apps in the Nextcloud App Store.
- Compatible with industry tools: Admins can monitor Nextcloud system with popular tools such as Splunk, Nagios, and openNMS.
- Auditing logs: Log data in the nextcloud.log file to monitor file handling and user management and protect against data loss.
Read more about server monitoring on the Nextcloud website.
Users can configure permissions on the files and folders they share:
- Set permissions for shared files to: read, create, edit, and/or upload
- Watermark files to make it more difficult to steal data
- Create passwords and expiration dates for shared files and folders
- Hide the contents of a shared folder where outside users can upload files to
- Block download permissions to control access
Suspicious login detection
Nextcloud 16 introduced a machine-learning-based login detection, supplementing Nextcloud’s existing brute-force protection and 2-factor authentication. This feature uses a locally trained neural network to detect login attempts by malicious actors.
File access control
This feature allows admins to limit access to files according to their specific requirements. Admins may create a system-wide definition of rules that restrict file access, preventing individual users from sharing files in defiance of those rules.
File access control is configured using Flow.
An audit is a security and compliance process employed by companies to identify problems, reveal their causes, improve performance, and instill trust in their partners and customers. In many cases, regular audits are required by government regulators (e.g. Publicly traded companies are required to provide audited financial statements to shareholders and the government).
For starters, Nextcloud supports an audit log that stores the activities of all users of the system, which may be reviewed if required.
Nextcloud as a tech company also has internal processes and code audits as a security and confidence measure. They also regularly engage with third parties to review and audit the Nextcloud code base.
Swiss IT security firm Kyos audited Nextcloud’s code for a client, the local government of Geneva, Switzerland. Kyos said: “After testing the solution in a Proof of Concept, it clearly appeared that Nextcloud was professionally developed and maintained. It was very stable and the security audit was excellent. It was prompt, professional and very efficient.”