Secure The File

Storm partnered with FinTech start up SecuretheFile to develop a digital vault to help people securely organise, store and share their most important life information and documents.

A safe place to securely organise, store and share

6
categories to choose from
2
Factor authentication
256
Bit encryption

The Challenge

The digital vault comes with dozens of pre-organised categories along with content and guides to help people at all stages of their life journey.

The value proposition is focused on helping financial advisers comply with GDPR by enabling their clients to be in control of their own data and files. The nominees and sharing functionality within SecureTheFile  enable IFAs to continue to access documents to support client renewals and inter-generational and estate planning.

Storm collaborated with the experienced SecureTheFile team in delivering the product using agile principles through Discovery, Alpha, Beta and Live stages.

Storm brought to bear a full range of skills to the project including product management, user experience and interface design as well as our proven capability in architecting and developing highly secure cloud hosted web applications - making use of Azure security services such as Azure Key Vault and Managed Identity Service.

 

Key Features

  • Security

    Use of Content Encryption Keys with a Master Encryption Key in conjunction with Azure Key Vault was chosen as the best approach to encrypt data at rest for the Secure the File product.
  • Multi-factor Authentication

    During discovery stage it was established that a mandatory second factor was needed for all customers and IFAs to provide adequate authentication security for accessing the service
  • Consent

    One of the driving features of the Secure the File product is customers having ownership over their own files and information. The customer should provide consent, during the on-boarding process, to the Secure the File application to process their data. Customers will also be able to provide explicit consent for other Secure the File users, such as IFAs and para planners, to access their data. Customers will be able to revoke consent at any time.
  • Hosting

    The application and its components were contained within a “virtual network” designed to isolate it from other services and the public internet. This virtual network provides a security and access boundary through which only specific, defined access is allowed via additional Azure services or network security rules.

Security

Encryption

Use of Content Encryption Keys with a Master Encryption Key in conjunction with Azure Key Vault was chosen as the best approach to encrypt data at rest for the Secure the File product.

Multi-Factor Authentication

Second factor authentication is mandatory for all customers and IFAs to provide adequate authentication security for accessing the service

Consent Driven Access

Customers can choose to provide explicit and granular consent to nominees and IFAs to access parts of their data. Customers can revoke consent at any time

Get in Touch