LucidLink Filespaces is built on a modern, general-purpose distributed file platform designed for the cloud.
One of the fundamental tenets of the design is our strong focus on security to provide the best-of-class solution for highly sensitive workloads.
We minimize the amount of trust required by all entities involved in storing, managing, and transferring data. This means not making any assumptions about explicitly trusting the network infrastructure, the cloud storage providers, or LucidLink itself.
Infrastructure & storage providers have no knowledge about the data that customers store and transmit. Only the customer can “see” the data.
Data is encrypted on the customer device and remains encrypted both in transit and at rest and only the customer is in possession of the encryption keys. In contrast, server-side encryption typically employed by other cloud storage services, data is encrypted at only rest, and the service providers maintain the encryption keys and therefore have full access to the content.
All the locally cached data and metadata on the client devices are stored encrypted on the local disk. Simply disconnecting from the Filespace prevents an attacker with physical access to the device from gaining access to the LucidLink Filespace.
Filespaces are based on a split plane architecture where the metadata and the data planes are managed separately. The metadata is synchronized through a central metadata service provided by LucidLink, while the data is streamed directly to and from the cloud or an on-premise object-store.
Authenticated encryption – AES-256 in GCM mode
Any malicious tampering or data integrity issues such as bit rot on the
server-side are immediately detected upon access
SaaS offering, no hardware or IT support required
End-to-end security encryption
Works with any object storage
Instant on-demand file access from anywhere
Works with any OS