How secure is filedrop?

All files are transferred across the network securely encrypted.

If you are sending personal or confidential data, tick "Encrypt every file" when creating a new drop-off. Then the passphrase you enter must be used when downloading the drop-off. The passphrase is not stored on filedrop, and cannot be recovered if lost. No one can access the files without it.

All files uploaded and temporarily stored on filedrop are held on equipment owned and operated at SUNY Potsdam's own Data Centre.

All data is subject to the Data Protection regulations and laws of SUNY Potsdam and the country.

filedrop is in no way a "cloud" service. Everything is stored (even temporarily) on equipment directly owned by SUNY Potsdam, and managed by its own IT staff.

All access to data is very tightly and strictly controlled by SUNY Potsdam. All accesses to data on filedrop are logged and can be easily checked if you are ever concerned that a 3rd party might have gained access to your data.

Furthermore, uploaded data is only held on filedrop for a maximum of 14 days, after which time it is automatically deleted. There is no "undelete" facility available at all. No backups are taken of the uploaded data (it's only a transitory stopping point), so no uploaded data ever moves off filedrop itself onto other equipment or media such as backup tapes. After an uploaded file has been deleted, there is no way of recovering the file.

Retrieval of a drop-off by a recipient can only be done with both the drop-off's Claim ID and Passcode.
When dropping off files, you can choose not to send either or both of these to the recipient automatically: you would then need to send that information by hand yourself.