Security

CTERA Portal incorporates multiple layered security features to ensure that your data is protected whether in transit or at rest:

• You can deploy the portal either on-premise or in a virtual private cloud (VPC) to keep your data within your network and 100% behind your firewall.
• CTERA Portal uses cryptographic libraries certified with FIPS 140-2.
• All data is encrypted before it is sent to the cloud using AES-256 encryption and remains encrypted as it is stored.
• All WAN transfers use Transport Level Security (TLS) protocol over the WAN, preventing unauthorized interception of data transfers.
• Manage your own encryption keys or use personal passphrases per user to prevent privileged administrators from accessing data. Password policy enforcement ensures that passwords have a minimum length and complexity, and that the password is changed frequently.
• Use email and SMS-based two-step authentication for external file sharing to ensure only intended parties can access files. You define rules based on file size, name, or type that deny or allow files to be shared externally or uploaded to your network.
• CTERA Portal provides role-based access control, using Active Directory or LDAP roles and groups to control access to data and set up administrator roles.
• CTERA Portal interfaces with Single Sign-On (SSO) management tools to provide seamless user authentication and avoid duplicate credentials.
• CTERA Portal integrates with leading Anti-Virus, and EMM tools ensure that security and governance follow the data.

For a more detailed description of CTERA security, see https://www.ctera.com/resources/ctera-platform-security-architecture-whitepaper/,