Secure File Manager Plus Module

Secure File Manager Plus

Brief Description

Focus on file permissions, security and integrity.  Permissions are assigned to members.  Security with password and 'openssl AES-256-CBC' encryption.  File integrity is provided by MD5 checking.  Downloads are provided in password protected zip packages.

Extended Description

The overall purpose of the “Secure File Manager Plus” is to provide a secure area for teams to store controlled files.

Setup of Teams and Team Security

  • Permissions Applied to Members (required)
      • Administrator
      • Manage Folders
      • Upload Files
      • Download Packages
      • Delete Files
  • Two Factor Authentication (optional)

File Manager Security

  • All activity within the File Manager is tracked and logged with user information.
  • Un-approved members or guests attempting to retrieve information from the file manager will be redirected.
  • Create Folders.  When creating folders, a password can be applied.   Passwords are evaluated to ensure length and complexity are sufficient.  This password is used for the encryption process of all uploaded files.
  • Upload Files.  Only specific file types can be uploaded.  The code also blocks certain file types regardless of the upload types permitted.  Upon uploading:
      • File MD5 value is stored
      • When the folder in which they are being uploaded has a password, the file is encrypted with 'openssl AES-256-CBC + key' encryption and another MD5 value is stored.  Encrypted files are in a state that cannot be read.  Decryption is the only way to effectively view the file.
  • Create URL Shortcuts.  URL shortcuts are simply files created automatically when a URL and a filename are provided.  Upon creating the shortcut, a file is created with 1 line of plain text which includes the URL.  If the folder has a password, the file is also encrypted.
  • Downloading from Password Protected Folders
      • Upon either downloading a single file or downloading a package, all files are decrypted, an MD5 is stored, and a header is imprinted on PDF, PNG, GIF, and JPG files.  The header contains a unique identifier for traceability.  The files are then collected and put into a password protected ZIP package for download.  Within the ZIP package will be a file with information about the files it contains.  The ZIP package will be password protected with a unique 40-character password of alphanumeric and special characters.  An MD5 and SHA-1 of the ZIP package are then collected.
      • An email is sent to the member downloading the file.  This email includes all the information about the download, including: unique identifier, password, MD5, SHA-1, and detailed information about the files in the ZIP container.
      • Immediately after downloading, the ZIP package is removed from the server.
      • Package passwords are NOT saved or stored.  Packages must be downloaded again in the event a password is lost.
  • Downloading from non-Password Protected Folders
      • Downloading a single file is a traditional download without any information about the file included.
      • When downloading a package, an MD5 is stored.  The files are then collected and put into a ZIP package for download.  Within the ZIP package will be a file with information about the files it contains.
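
The upload and download steps above for a password protected folder (MD5 of the file, AES-256-CBC encryption, a second MD5 of the encrypted file, then decryption and re-checking) can be sketched with the openssl command line. This is an added example, not the module's own code: the function names, the ".enc" and ".md5" file layout, and the PBKDF2 key derivation are assumptions, since the page does not say how the key is derived.

```shell
#!/bin/sh
# Added example, not the module's code. Requires the openssl CLI (1.1.1+).
# store_file, retrieve_file, md5_of and the .enc/.md5 layout are hypothetical.

# Print the MD5 hex digest of a file.
md5_of() { openssl dgst -md5 -r "$1" | cut -d' ' -f1; }

# store_file SRC STORE PASSWORD
# Encrypts SRC to STORE.enc and records "plaintext_md5 ciphertext_md5"
# in STORE.md5, mirroring the two MD5 values the page says are stored.
store_file() {
    src=$1; store=$2; pass=$3
    plain_md5=$(md5_of "$src")
    # Password goes in on stdin so it never appears in the process list.
    # -pbkdf2 is an assumed key derivation; the page does not specify one.
    printf '%s\n' "$pass" |
        openssl enc -aes-256-cbc -pbkdf2 -salt -pass stdin \
            -in "$src" -out "$store.enc" || return 1
    printf '%s %s\n' "$plain_md5" "$(md5_of "$store.enc")" > "$store.md5"
}

# retrieve_file STORE OUT PASSWORD
# Returns 0 on success,
#         2 if the stored ciphertext no longer matches its recorded MD5,
#         3 if decryption fails or the plaintext MD5 does not match.
retrieve_file() {
    store=$1; out=$2; pass=$3
    read -r plain_md5 enc_md5 < "$store.md5"
    # Check the file at rest before spending time on decryption.
    [ "$(md5_of "$store.enc")" = "$enc_md5" ] || return 2
    printf '%s\n' "$pass" |
        openssl enc -d -aes-256-cbc -pbkdf2 -pass stdin \
            -in "$store.enc" -out "$out" 2>/dev/null ||
        { rm -f "$out"; return 3; }
    # CBC has no built-in authentication: a wrong password can occasionally
    # pass the padding check, so the plaintext digest is the real test.
    [ "$(md5_of "$out")" = "$plain_md5" ] || { rm -f "$out"; return 3; }
}
```

The two digests do different jobs: the ciphertext MD5 catches changes to the stored file, and the plaintext MD5 catches a wrong password or a corrupted decryption, which AES-CBC on its own does not reliably report.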

Notes and Information on Keeping Secure Files Secure

To ensure file security, it is important to keep ZIP packages secure.  Never UNZIP a password protected ZIP package to your local computer.  

PDF, PNG, JPG, and GIF files will contain a header with the member information and time stamp at the top of every page.  This helps with traceability in the event the printed and/or the unprotected file is found on a local computer workstation, laptop, or smart device.

Once a file has been removed from a protected ZIP package, the security integrity becomes questionable.  It is important to establish local policies and provide training on handling printed and non-protected files.

Additional Comments

Files are backed up during normal system maintenance schedules.  Since the password protected files are encrypted, backups DO NOT store the files in the un-encrypted state and recovery is impossible without a password.

The only information about the folders and files that is stored is the password of the folder.  The password is encrypted with 'openssl AES-256-CBC + key' and then stored in a MySQL password field.  This technique of storing critical information has been time tested.

If you do not have direct access to the server files and database information, consider making local backups of the download ZIP packages.