Built for security from the start
Yarkon is fully integrated with AWS IAM. It will never allow any end user any permission that was not explicitly granted by the AWS Admin of the account. You can apply any access policy in IAM, and Yarkon will follow it.
API keys are never shared with end users; end users only get short lived session based API keys. The system administrator can always promptly revoke a user access to the system, at any time.
User access can be defined at the account, role, group or user level. Permissions can be set at the bucket or folder level, and can be any combination of read-write and read-only.
The admin can optionally enforce strong passwords, and make users change passwords when their account is created. For extra security, users will be locked out after three failed login attempts - the administrator can unlock users at any time.
100% IAM compatible
Your files, your account
The Yarkon web client application communicates directly with S3. Your documents never touch our servers, or routed through any other service.
Yarkon works across AWS regions; the user interface can show buckets from different regions and support all actions between them.
Enterprise grade security features
Industry standard data security encryption
Yarkon uses AES encryption to secure all account data stored. All user passwords are one-way hashed using the bcrypt algorithm. The TLS protocol is used to secure all network communication between the client and our platform or AWS.
End users only get short lived session tokens
Our proprietary authorization system dynamically generates short lived session based tokens, granting end users only the minimal permissions needed. Your S3 keys are never exposed or shared with end users.
AWS secured infrastructure
The shared edition of Yarkon is hosted by AWS, following all security guidance and best practices.
Single Sign On
Yarkon Server supports SSO using SAML2, so you can integrate Yarkon into your existing infrastructure.
Deployment options for every situation
Different customers have different needs and different security requirements. That's why Yarkon can be deployed to fit every situation.
You can use the shared Yarkon Cloud, hosted by us. Or, you can host Yarkon in your own Virtual Private Cloud, by deploying Yarkon Server from an EC2 AMI or as a docker container.