5 Unique Security Features by Nextcloud

Originally published at: 5 Unique Security Features by Nextcloud - Nextcloud

You love Nextcloud because it allows you to keep your data secure and under your control.

When it comes to protecting your data, we want to be your #1 trusted technology and provide you with state-of-the-art, industry leading tools that go beyond today’s technology standards.

Nextcloud offers more security features and benefits than most people realize, and today we want to zoom in on 5 of them.

Remote Wipe

Remote wipe is a Data Leak Prevention (DLP) method that allows a system administrator to remotely delete data from a device. It’s especially useful if your device is lost, has been stolen or when an employee no longer works for your organization.

Due to built-in Nextcloud support, Remote wipe will not only work on systems under the management of a company (MDM), but also on the private devices of employees in BYOD situations or for friends who have an account on your server. Therefore it is also helpful for home users, large universities, and non-profits who often don’t fully control the devices of their users.

2 examples when Remote wipe is essential:

  • In a scenario where guest accounts were handed to a third party who use private devices, say for planning an event: when the event is over, you can wipe the documents from the devices of guests you gave access.
  • In a situation where an employee leaves the company and keeps their device(s): If you want to make sure an ex-employee can’t access company data, you can utilize Remote wipe and to remove the company data from their devices.

Stolen or lost devices usually catch you unprepared. Therefore, this feature is supported by all official Nextcloud clients, for Android, iOS and desktops. Note that the Nextcloud Remote Wipe feature can only remove data from online devices.

Curious? Watch the video to see how it works:

Video Verification

In situations where extreme security is warranted and the identity of a recipient must be verified with absolute certainty before they are granted access, Nextcloud includes the industry-first implementation of Video Verification in a file sync and share solution.

You might be familiar with this process from the opening of online bank accounts: you have to record yourself or have to have a live session with a human. In both cases, a human has to check your identity before you gain access.

Similarly, Video Verification enforces a Nextcloud Talk video call before access is given to a share, making sure the identity of the recipient is properly checked. The call can be picked up through the Nextcloud Talk Mobile apps as well as the web interface.

At Nextcloud, we want you to feel 100% certain that your data is protected and under your control and jurisdiction.

When extreme security is warranted and the identity of a recipient must be verified with absolute certainty.

Private Cloud Security Scan

To help our system administrators assess the security of their private cloud server, we have developed the Private Cloud Security Scan.

Our scan is strictly based on publicly available information, that is, the list of known vulnerabilities relevant for Nextcloud releases as well as any applied hardenings or settings we can scan without having access to the server.

It’s available for free here, just add your server URL.

Security Bug Bounties

Nextcloud protects your security with up to $10,000 in our HackerOne’s Bug Bounty program.

We have partnered with HackerOne because of its extraordinary popularity among IT security professionals. The widely used platform has a global hacking community that uncovers high-risk vulnerabilities fast and which allows us to quickly leverage the collective knowledge of a huge amount of security experts. Over 3,000 hackers have already reported countless bugs for Nextcloud and reaped the benefits.

Nextcloud’s commitment to responsiveness and putting security first puts them in the best position to attract top hacker talent to continue to supplement the good work their internal security team is doing to protect customers.” – Michiel Prins, Co-founder HackerOne.

Anyone reporting a security vulnerability in Nextcloud can earn up to $10,000, making ours one of the highest security bug bounty programs in the open-source industry!

Learn more in our latest update about the program and read the HackerOne Case Study!

HackerOne Case Study

Virtual Data Room

In settings where a strong security firewall is needed between departments or organizations without impeding smooth and efficient collaboration within each team, a separate Virtual Data Room can be set up. Nextcloud offers a range of features for VDR use and its on-premises nature offers unparalleled confidentiality and control.

For Nextcloud, VDR is a set of features to implement the concept of a VDR, with flexibility in the exact implementation. In our next post, you will learn about some of these features!