Deaddrop

Deaddrop is a web based secure file transfer appliance. It is designed from the ground up with security in mind. Operating system, sub systems, web server and web applications are all hardened. The deaddrop application is used to transfer files between single persons or groups of persons as easy as possible. Usability and awesome security features, was key design properties built-in from the beginning.

Only by having an appliance, not using a service by some unknown entity on the other side of the Internet, one has the possibility to have control over file imports/exports into an organization, to have a policy compliant way to transfer information, to have security controls in place that you configure and control.

Usecaces include having Deaddrop

A controlled way to export sensitive files to third parties, e.g. contracts or reports, to get access control, secure transport and not least an audit trail with timestamped upload and download recepits.

A printing company that need to receive large files. Sensitive files better not be sent by traditional unencrypted FTP or mail

An internal distribution mechanism, as a datalock, between different security zones, where only certain files are allowed to be transferred in certain directions

As a file distribution mechanism for projects working with internal and external partners

A chokepoint and controlpoint for importing files to an organization, for example patches and executables that is not covered by automatic patch solutions (e.g. WSUS)

A controlled way to export documents to members of the board, with full access control, secure transport and not least an audit trail with timestamped upload and download recepits

A data washing machine, that is used to check that only allowed content is exported. And that information is checked before beeing forwarded

Features

Security

  • Hardened operating system with minimal and restricted install
  • Files are virus scanned with multiple antivirus scanners
  • No sideloading or mashup of data, or program code
  • File up and downloads are protected by TLS

Technical

  • Support for several 3rd party SMS gateway suppliers
  • Built for Internet standards: TLS, HTTP, SMTP, NTP
  • Hardened SElinux policy enforcing all processes
  • SElinux MCS isolation between users

Usability

  • As simple to send one file to one party as sending multiple files to many receivers
  • Receiver get reminder notification if file is not downloaded for some time
  • Possibility to transfer very large files (many gigabytes)
  • Simple 3 click-to-send setup with reasonable defaults

Features in upcoming releases include

Whitelisting of files

Blacklisting of files

Timed release of files, upload a file that gets released tomorrow or in two weeks

Metadata cleaner to allow an uploader to clense files

ActiveDirectory intergration

SAML support

Support for TSP (Time stamp protocol) for cryptographically timestamped audit trails that a certain file passed a certain time

Enhanced statistics and administration pages

Additional languages supported

Additional Authentication Methods

Interested in Deaddrop?