Sealed Cloud – uniquely secure
The patented Sealed Cloud Technology is based on a concept of several interlinked technical precautions. This ensures that unencrypted data cannot be accessed in the data center. The aim of this concept is to eliminate the “human” weak point at the service provider.
360° security
The sealed cloud offers holistic protection. Your data is not only secure during transmission (“data in transit”) and storage (“data at rest”), but also during processing (“data in use”). Thanks to the sealed infrastructure, even metadata such as user identification, file names and the creation or modification data are not visible to unauthorized persons. This makes the sealed cloud an uniquely all-round secure technology.
The patented Sealed Cloud Technology
Our patented sealed cloud technology (EP 3314844) is at the heart of idgard. It goes far beyond end-to-end encryption and demonstrably excludes any unauthorized access to data and connection information with the help of technical measures. As a result, our customers’ data remains inaccessible to idgard at all times – while at the same time secure data processing can be realized in idgard.
Security on your device
Strong user authentication
2-factor authentication
Control over your own data
The data is stored in the idgard cloud, whereby you retain sovereignty over the data.
Secure offline availability of documents on mobile devices
Encrypted storage of downloaded files and the option of intelligent data deletion.
In-App PDF Viewer
No forwarding to external PDF viewers. Your data remains secure in the app, even when you view and edit it.
Security in architecture
- Encryption of data at file level with individual, user-generated keys
- End-to-end encryption for the transfer of data between server and user
- Data protection using the latest technology (state-of-the-art SSL encryption AES 256)
- Data processing on technically sealed application servers with volatile memory
- Individual user data encryption – without idgard having access to your keys
Security against attacks from internal and external threats
Against attacks from outside (perimeter protection)
- Hardening of server operating systems
- Electro-mechanical monitoring of all systems on doors
Against attacks from within (data clean-up)
- Unencrypted data is processed exclusively in data clean-up areas (without persistent storage).
- Data clean-up area: In the event of physical access, data on the servers is deleted by switching off (powering down) the servers.
Your advantages of idgard technology at a glance
- Sealed processing: Unauthorized access – even by administrators and service operators – during data processing is technically impossible.
- Encrypted connection: The connection to the idgard servers is protected by SSL/TSL encryption.
- Encrypted storage: Data is stored at file level using user-specific AES-256 encryption. There is no vulnerable key memory.
- GDPR-compliant: idgard meets the strict requirements of GDPR for processing of personal data.
- Certified in the highest protection class: idgard is certified in the highest protection class (3) according to the Trusted Cloud Data Protection Profile (TCDP). This facilitates documentation and control obligations.
- Made in Germany: idgard is developed in Germany and operated exclusively in high-performance German data centers.
- Housing instead of hosting: The idgard servers are reserved exclusively for idgard and do not host any services from other providers. This means that idgard controls the entire server stack.
- Suitable for confidentiality holders: idgard is also suitable for strictly regulated industries and even for professional secrecy holders according to § 203 StGB (German Criminal Code) such as doctors, lawyers, tax consultants or auditors.
idgard has been certified by TÜViT (TÜV Nord) in the highest TCDP protection class for cloud services! You can find out here to what extent this makes your documentation and control obligations easier.