News & Knowledge

What file types work with Synkzone?

Synkzone handles all types and sizes of files – from simple text files to CAD files, images and large video files.

What is meant by private cloud?

Each customer in Synkzone’s SaaS service gets their own virtual private server, completely separate from other customers. For us, it goes without saying that you should have full control over your data.

What type of encryption do you use?

All files are encrypted with AES-256 immediately upon storage. This encryption is then unbroken until a trusted client decrypts them. In addition, files are encrypted once more during transportation – an extra layer of protection for maximum security.

Do you have protection against cyber attacks?

Yes, Synkzone has built-in ransomware protection that detects early and minimizes damage in the event of an attack. Should something happen, you can easily restore your files so that no information is lost.

Is it possible to track changes in the documents?

Yes, via our zone log, all participants in a zone can see who added, modified or deleted files. However, for detailed changes to a file, the application you use must support version history.

How does your pricing model work?

As a Synkzone partner, you usually pay a fee per active user, either monthly, quarterly or annually.

Do you support video conferencing?

No, Synkzone does not have built-in support for video conferencing, but we do work with several providers who offer secure solutions. Contact us to find out more.

Can you integrate other external cryptos?

Yes, we support external crypto solutions and can also customize security based on your specific requirements.

Do we need a VPN solution to work securely with Synkzone?

No, Synkzone is designed with security in mind where you don’t have to rely on infrastructure to work safely.

How is Synkzone delivered?

The most common delivery is our agile SaaS service but we can also deliver On-Prem.

Can you share information externally with Synkzone?

Yes, we distinguish between internal and external users, but you can share information as securely and easily externally as internally.

Can the public sector use Synkzone?

Yes, several public organizations already use Synkzone. Contact us and we will help you get started.

Does Synkzone have any “backup”?

Yes, Synkzone’s SaaS service stores your files in multiple copies (encrypted of course, inaccessible to anyone but you) so that they can be safely recovered in the event of an accident.

NIS and NIS2 – EU strengthens cybersecurity requirements

The EU’s Network and Information Security (NIS) Directive was introduced to strengthen the protection of critical services. NIS2 extends the requirements and covers more activities. The aim is to create a common resilience to cyber threats across the EU.

What is NIS2?

More industries are covered, including companies providing digital services.
Requirements to ensure that suppliers also meet safety standards.
Penalties similar to GDPR – high fines for non-compliance.
Management teams become directly responsible for ensuring cybersecurity.
Stricter requirements for encryption and secure information management.

How can Synkzone help?

Synkzone offers strong encryption and secure information management, making it easier to meet the technical requirements of NIS2.

Schrems II and Privacy Shield – when data transfers outside the EU become a risk

In July 2020, the European Court of Justice ruled that the EU-US Privacy Shield agreement did not provide sufficient protection for personal data. The decision, known as the Schrems II ruling, means that organizations must ensure that the transfer of data outside the EU/EEA meets the requirements set within the Union.

With Synkzone, you don’t have to worry, we guarantee that:

No data is at risk of being transferred to third countries without proper protection.
All storage takes place within Sweden and under Swedish legislation.
You retain full control over your own encryption keys.

General Data Protection Regulation (GDPR) – protection of personal data

The General Data Protection Regulation (GDPR) is one of the most comprehensive pieces of data protection legislation and aims to ensure that personal data is handled in a lawful, secure and transparent manner. It imposes clear obligations on all organizations that process personal data – and the sanctions for non-compliance can be significant.

The GDPR is based on seven basic principles of data protection:

1. Legality, accuracy and transparency – Personal data may only be collected and processed if there is a legal basis and if the data subject is informed.
2. Purpose limitation – Data may only be used for specific, explicit and legitimate purposes.
3. Data minimization – Only the data necessary for the purpose may be processed.
4. Accuracy – Data must be accurate and up-to-date.
5. Retention minimization – Data must not be kept longer than necessary.
6. Privacy and confidentiality – Personal data must be protected against unauthorized access, loss and intrusion.
7. Accountability – Organizations must be able to demonstrate that they comply with the rules and take appropriate safeguards.

Article 32 – security of data processing

Article 32 of the GDPR requires organizations to take technical and organizational measures to ensure the secure processing of personal data. This means, among other things:

• Encryption and pseudonymization of sensitive data.
• Secure storage and access control to prevent unauthorized access.
• Continuous monitoring and risk management of IT security.
• Incident management and reporting procedures to respond quickly to data breaches.

How Synkzone helps you comply with GDPR

Synkzone is built on security by design and privacy by default, which means that our solution is designed from the ground up to protect personal data and minimize security risks.

• Full control of data
  You always keep control of your data – no unauthorized person can access it, not even us.
• Strong encryption and secure access
  All storage and communication is done with end-to-end encryption, which means that only authorized users can read the information. No third party, no backdoor.
• Minimized risk of data breach
  Because your data is encrypted immediately upon storage and transmission, the risk of unauthorized access is reduced even in the event of a breach.
• Swedish and European legislation
  Synkzone is delivered from Swedish, ISO 27000-certified data centers, which means that all data is handled in accordance with EU legislation – without the risk of influence from foreign jurisdictions such as the Cloud Act or FISA 702.
• Personal Data Processing Agreement (PUBA)
  We offer Personal Data Processing Agreements (PUBA) to facilitate your obligations under the GDPR. This means that you get a clear and legally secure management of how personal data is protected within our service.

By using Synkzone, you ensure that:

• Privacy and confidentiality are maintained through encrypted storage and strict access control.
• Storage minimization can be implemented through automatic deletion rules and controlled access.
• Data subjects’ rights can be managed smoothly through clear transparency on who has access to personal data.

Cloud Act – the threat to data privacy

The US Cloud Act gives US authorities the right to demand data from US companies, regardless of where in the world the data is stored. The legislation is far-reaching and a US company cannot contract away or waive this right. If you use cloud services from US providers, this may mean that your data is disclosed – even if the servers are physically located in the EU.

How can Synkzone help?

Synkzone is a Swedish company and is subject only to Swedish and European law. Our services are delivered with Swedish technology on Swedish soil. We do not use any American cloud providers, which means that your data can never be covered by the Cloud Act or requested by foreign authorities.

FISA 702 – invisible mass surveillance

FISA 702 is a US law that allows intelligence agencies to collect information on foreign nationals without their knowledge. US tech companies are obliged to cooperate with the authorities – without informing their customers.

If your data is handled by a US provider, or a European provider using US cloud services, it may be subject to this legislation.

With Synkzone, you don’t have to worry. All our technology is Swedish, all storage takes place in Sweden and we are only subject to EU laws. If you use Synkzone, you never risk any data being handed over to either the US or any other foreign power.

Security Protection Act (2018:585) – protecting Sweden’s security

Security protection is about protecting the information and activities that are important for Sweden’s security against espionage, sabotage, terrorist crimes and certain other threats. Security protection is regulated in the Security Protection Act and the Security Protection Ordinance.

The Security Protection Act regulates how organizations that are critical to Sweden’s security must protect their information. It covers, among other things:

• Authorities and companies in energy, transport, telecommunications and defense.
• Businesses whose data is sensitive from a national security perspective.

If the information is mishandled, it can have serious consequences for Sweden’s security. Therefore, extra high protection is required – something that Synkzone can contribute to through strong encryption and strict access control.