โ Back to Home
๐ก๏ธ Encryption Model
Encryption at Rest
All files stored in Vault are encrypted using industry-standard AES-256 encryption:
โข Algorithm: AES-256-CBC
โข Key Management: Server-side managed encryption keys
โข Storage: Encrypted files stored on secure DigitalOcean infrastructure
Important Disclosure: Vault currently uses
server-side encryption, not zero-knowledge encryption. This means:
- SkillBreed engineers can technically access your files if required
- We can reset your password and restore access to your account
- Files are encrypted on our servers, but we hold the encryption keys
Encryption in Transit
All data transmitted between your device and our servers is protected:
- TLS 1.3: Latest transport layer security protocol
- SSL Certificates: Valid certificates from Let's Encrypt
- HTTPS Everywhere: All connections forced to HTTPS
๐ข Infrastructure & Hosting
Server Location
Your files are stored on our infrastructure:
- Provider: DigitalOcean LLC
- Location: United States data centers
- Jurisdiction: Subject to U.S. data protection laws
- Compliance: SOC 2 Type II, ISO 27001 (in progress)
Network Security
- Firewall protection (UFW configured)
- Intrusion detection (Fail2ban active)
- DDoS mitigation
- Regular security patching
๐ Authentication & Access Control
User Authentication
- Password Hashing: bcrypt with salt (14 rounds)
- Session Management: JWT tokens with 7-day expiration
- Inactivity Timeout: 10-minute automatic logout
- 2FA: Two-factor authentication available (optional)
File Sharing
- Share Links: Cryptographically secure random tokens
- Password Protection: Optional password for shared links
- Expiration: Links can be set to expire
- Revocation: Links can be revoked anytime
๐ฆ Malware Scanning
Every file uploaded to Vault is automatically scanned for malware:
VirusTotal Integration: Each upload is scanned by 70+ antivirus engines before being accepted into your vault. Infected files are automatically rejected.
๐พ Backup & Disaster Recovery
Automated Backups
- Frequency: Daily automated backups
- Retention: 30-day backup retention
- Redundancy: Backups stored in separate geographic location
- Encryption: Backups are also encrypted at rest
Recovery SLA
- Data Recovery: Up to 24-hour recovery window
- Uptime Target: 99.9% monthly uptime
- Incident Response: 1-hour response time for critical issues
๐ Security Monitoring
- System Monitoring: Netdata real-time infrastructure monitoring
- Log Aggregation: Centralized logging with Logwatch
- Intrusion Detection: AIDE file integrity monitoring
- Vulnerability Scanning: Regular scans with rkhunter
- Access Logs: All file access logged with IP and timestamp
๐ฅ Access to Your Data
Who Can Access Your Files?
Honest Disclosure:
- You: Full access through your account
- SkillBreed Engineers: Technical access for maintenance/support (encrypted but keys are server-side)
- Law Enforcement: We may be required to provide access under valid legal process (subpoena, warrant)
- Third Parties: No access - we never sell or share your data
What We DON'T Do
- โ We never sell your data
- โ We never scan files for advertising purposes
- โ We never share data with third parties (except as legally required)
- โ We never use your files for AI training
๐จ Incident Response
In the event of a security breach:
- Detection: Automated alerts + manual monitoring
- Containment: Immediate isolation of affected systems
- Investigation: Forensic analysis to determine scope
- Notification: Affected users notified within 72 hours
- Remediation: Security patches and improvements deployed
๐ Third-Party Audits
Current Status: SkillBreed Vault is working toward SOC 2 Type II certification. We have not yet undergone a third-party security audit.
Planned Compliance:
- SOC 2 Type II (Target: Q3 2026)
- ISO 27001 (Target: Q4 2026)
- GDPR Compliance (Active)
- CCPA Compliance (Active)
๐ Contact Security Team
Found a security vulnerability? Please report it responsibly:
Security Email: security@skillbreed.com
Response Time: Within 24 hours
Disclosure: Coordinated disclosure after fix is deployed
Last Updated: January 28, 2026