Wuha was designed in a secure way from the design stage. The protection of your data has been thought of from the very beginning of the application. We do our utmost to maintain an extremely high level of cybersecurity. We would like to describe to you in complete transparency how your data flows in a waterproof and secure way through our system.
Do you have any questions? Contact the Security Team
Your data are hosted at OVH's Data Centers in France. Whether on the network, maintenance or server side, OVH is the most proven French hosting provider in terms of security:
Wuha only accesses the data you have access to. So if you log in to your Google Drive account, Wuha will only index the data you have access to. As soon as you lose authorization on a document, it will automatically be deindexed from Wuha servers. The same applies to the deletion of a document: it is immediately deleted.
In order to reduce the attack surface and limit communications between our services, our system is organized into separate clusters. A cluster is a group of machines and services. The objective is to ensure that each cluster can only communicate with the clusters to which it is authorized. The flow of information is in the form of a silo: it must be watertight and limited to the authorizations provided for. Data 1 can be exchanged between cluster A and cluster B. Thanks to this system, any attack will only be able to reach a certain type of data that will be difficult to exploit in isolation.
To further limit the risk of intrusion into our architecture, each subnetwork and server is protected by its own firewall, finely configured and specifically for the traffic expected to flow. This mechanism is in place to ensure that traffic on a cluster is benevolent and legitimate.
Here is a diagram that illustrates how your data flows and is protected.
First, your data will pass through a global firewall (in addition to the subnetwork firewalls mentioned above) that will ensure that you are benevolent and that you are allowed to pass. This firewall protects the entire structure of servers, applications and databases.
An access and traceability control allows all authorizations to be filtered to ensure that a user has the right to perform the requested action.
All your data circulating through our systems benefit from "in transit encryption": your data is encrypted throughout its transport. Encryption is performed by the SSL/TLS (Transport Layer Socket) protocol using the AES (Advanced Encryption Standard) 256 bits algorithm.
We assume that our system can always be improved even if we have already implemented all the security standards. We have thus developed a real safety culture within the Wuha team. We are constantly tracking down possible flaws and possible improvements to our system:
In other words, you can sleep and both ears, the Wuha team is working hard to protect your data.