Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Encrypted Storage with File Requests?
5 points by klohto on July 17, 2020 | hide | past | favorite | 6 comments
We are struggling with sharing small but confidential files (SPII) between us and customers. When we discuss PoC with customer, we usually exchange smaller batch of data, like Excel sheets, encrypted through email. We have S3 set-up for processing any bigger load of data after that.

As you can guess email is not ideal and I really don't like it from a security standpoint. If we try to go directly with S3, the business user is usually not too tech-savvy to get the CLI going.

Giving him a GUI, like Cloudberry, requires involvement of IT department, which as you can guess, takes quite a big of time in any reasonable bigger company and slows the process down.

I looked at Dropbox, Box, SpiderOak, Syncplicity, and Sookasa, but none of them fit the need. Basically I'm looking for a SaaS (preferably) offering that has the following features: * Browser client or support for Windows and macOS * File requests with password support * 2FA to access the files * File residency options or located in Europe * SOC2, HIPAA, ISO or any equivalent security certificate * Access logs and auditable at least on IP level * User-friendly and accessible for non-technical people

Nice to have: * File upload (through file requests) without an account * Zero knowledge encryption and open-sourced

I might just want too much though... Do you have your own solution? Is there something that I can host myself (rather not)?



For open source you might look at NextCloud [1]. They have both a cloud and self hosted solution. Each users files are encrypted with their keys. Disclaimer, I do not use it. We were going to use it for an internal project but the AGPL license is not compatible for our company.

[1] - https://nextcloud.com/


That looks like a powerful service. From a quick check, it seems to have all the things I need. Thanks a lot, it’s a step in right direction for me!


No problem. It looks like Linode [1] even have a way to deploy this as a pre-packaged app on a VM. I bet some other VPS providers probably do this too.

[1] - https://www.linode.com/marketplace/apps/


Long-time lurker here. My colleague and I are currently building our own distribution platform, primarily to share access to our software product artifacts (Docker images, ZIP files, MSI packages) to Gumroad subscribers. We are using S3 as a backend, so atleast some of your requirements would be fulfilled. 2FA is on our TBD list.

Totally of topic: I primarily replied because I found your LinkedIn profile, saw "Beaker" as product name for your previous work and laughed hard: We also chose a Muppet name for the platform described above: "Gonzo" ;-)


Looks like we might need to roll our own :( Ha, Gonzo is great! Frankly, the name was the only exciting thing about the product. But I would definitely choose a similar name again, it makes my presentations funnier if I can insert a relevant picture with a muppet.


Sync.com is a Canadian solution that does what you are asking.

Maybe add them to your search keyword list!? :-)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: