Last modified: March 28th, 2018
We provide this overview so that you can better understand the security measures we've put in place to protect the information that you transmit using Mover.
Secure Storage & Transfers
We encrypt the files that you transmit through Mover using the AES-256 standard, which is the same encryption standard used by banks to secure customer data. Encryption for your files is applied as soon we receive them, and we manage the encryption keys.
Mover uses Amazon EC2, Microsoft Azure, Google Cloud Compute, and other custom hosted servers for our server infrastructure. Microsoft, Google, and Amazon store data over several large-scale data centers.
You can find more information about:
- Amazon's security at the Amazon Web Services' website.
- Google's security on the Google Cloud Platform website.
- Microsoft's security at the Microsoft Azure website.
If supported, your files are sent between the services you choose and our servers over a secure channel using 256-bit TLS (Transport Layer Security) encryption, the standard for secure Internet network connections.
Your Data is Not Retained by Mover
After we have completed transmission of your data between the services you have directed us to use we remove any copies of your data from our servers. We simply facilitate the transfer of your data and we have no interest in, or benefit from, retaining your data.
We guard your privacy to the best of our ability and work hard to protect your information from unauthorized access.
On the rare occasion, Mover employees may access your connections and files only to fix bugs or troubleshoot problems that have been identified.
Compliance With Laws and Law Enforcement
How to Add Your Own Layer of Encryption to Mover
Mover applies encryption to your files after they have been uploaded, and we manage the encryption keys. Users who wish to manage their own encryption keys can apply encryption before transmitting files through Mover. Please note that if you encrypt files before transmitting them, some features may not be available.
Where Do I Report Security Concerns?
We take a number of measures to ensure that the data you transmit through Mover is safe and secure. While we're very confident in our technology, we recognize that no system can guarantee data security with 100% certainty. For that reason, we will continue to innovate to make sure that our security measures are state of the art, and we will investigate any and all reported security issues concerning Mover's services or software. For a direct line to our security experts, report security issues to email@example.com.
We will fully credit anybody whose reports lead to the improvement of Mover security.
Security in Depth
This whitepaper presents an overview of Mover’s infrastructure with regards to security and how it fits into customers planned implementation. It will cover security policies and encryption.
Mover is a highly available infrastructure with the primary purpose of moving files between cloud storage providers. We provide a level of service tailored for the customer, and we understand that security and reliability are the most important features. We are dedicated to continually improving, and the policies presented here are to be considered the minimum standard of our implementation.
Security for us comes in four primary areas:
- Authorization of the service for a user.
- Storage of user authorization information.
- Protection of our infrastructure from external intrusion.
- Security of a user’s data as it flows through our system.
Authorization of service
During the process of authentication with a cloud storage provider or other service, we require the collection of authentication data to be retrieved and stored for later use. There are two primary methods that are used to collect this data, they are:
OAuth (Open Authorization) is a web standard which provides a process for end-users to authorize third-party access to their server resources without sharing credentials. More information can be found at:
Although the exact encryption method varies browser by browser, Mover requires strong TLS encryption between Mover and the User for the initial authorization. All our OAuth token exchange use TLS v1.2 to connect to the authorizing server. OAuth will allow the user to deny Mover access to the third-party service at any time by revoking our token.
All password or key collection occurs through the web interface over a secure TLS connection utilizing strong ciphers, generally 256-bit AES or stronger.
Storage of user authorization information
In order for us to have continual access to the user’s service, we need to store authorization credentials. In the case of OAuth or OAuth like services, like Box, we store an authorization token which grants us access. In the case of a direct password or key, like FTP servers or Amazon S3, we need to store direct authorization credentials.
These credentials are the key to accessing the customer’s files, and we take special care to secure this properly. All tokens and passwords are encrypted using AES 256 variant with both global and user specific encryption keys. This data is then stored in our internal database servers with no outside access.
Security of Infrastructure
It is important that our infrastructure is secured from external attacks. The following classes of servers have carefully implemented security policies:
- API Servers
- Web interface
Runners are our servers that move files. Since this entire process relies on outbound connections, our security policy can be very simple and secure. There is no outside access allowed to these servers. All outbound traffic is pushed through a point firewall, obfuscating the infrastructure behind.
For maintenance, SSH access is allowed through a two stage process. Access to the point firewall utilizing SSH keys only, then from there SSH access to the individual servers only via SSH keys. To further increase security, inbound SSH is only allowed from specific white-listed IP addresses.
Our API servers, both for our public API and internal API, have a public facing interface. Similar to the Runners, the API servers have SSH management access through a two stage process. The main difference is that our API servers require a public facing web interface that is completely open. Only TLS web traffic is allowed into this interface. For our internal application API, only authenticated session based traffic is allowed. For our public API all access is secured through our managed API keys.
All applications by Mover that have a web interface (ie. https://app.mover.io) are secured using TLS strong ciphers. User input, including username and passwords, are passed securely to the backend over this encrypted TLS connection, identified by our site-wide 2048-bit TLS certificate.
User data as it flows through us
During the process of a transfer, all files are downloaded to our Runner servers, then uploaded to the destination service. Each step relies on the security provided by the individual service that we are getting the files from, or uploading the files to. The following list describes the encryption available with each service:
During mediation process, Mover maintains a copy of the file, temporarily, on an encrypted file system before it uploads it to the final destination. As soon as the file has been verified uploaded, we immediately remove the file from our cache. We never keep a copy of your data.
Architecture Overview Diagram