Security & Compliance
DocBeacon is designed with security and privacy-by-default principles. This page summarizes our current security controls, data protection measures, and compliance posture based on our implementation and hosting model. It complements (but does not replace) our Privacy Policy and Terms of Service.
1. Data Storage and Encryption
- Storage Providers: DocBeacon supports multiple storage backends configured via environment variables. For Amazon S3 or Cloudflare R2, we generate short-lived presigned URLs for secure access to private objects.
- Server-Side Encryption (S3/R2): Where S3/R2 is used, our default configuration requests server-side encryption (AES256) on every stored object.
- Cloudflare R2: R2 is accessed through its S3-compatible API, so the same presigned-URL flow applies. All uploads are private by default and are reached only through time-limited signed URLs.
- Hashing and Integrity: For uploaded documents, we calculate content hashes (e.g., SHA-256) to support integrity checks and deduplication where applicable.
- Transport Security: All traffic to the DocBeacon application is served over HTTPS using TLS. When accessing files via presigned URLs, the links are likewise served over HTTPS.
2. Authentication and Session Security
- Passwords: We hash passwords using bcrypt with a cost factor of 12 by default (configurable), and we never store plaintext passwords.
- JWT Sessions: We issue JSON Web Tokens (JWT) with a default lifetime of 7 days, signed with a secret supplied via environment variables. A signed token stays cryptographically valid until its expiry, so revoking a session earlier relies on the server-side session records described below; shorter lifetimes and secret rotation can be configured to match your risk profile.
- Session Store: We maintain session records in our database to support login state and revocation workflows, and to enforce lockouts where applicable.
- Login Protection: We enforce account lockouts after repeated failed attempts (default max attempts 5; default lockout 15 minutes). These values are configurable.
- OAuth: We support Google OAuth and implement CSRF protections and redirect URL validation as part of the provider flow.
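The controls in this section fit together as one login path: check the lockout state before touching the password, count failures, issue a signed token on success, and consult the session table on every request so a token can be revoked before its 7-day expiry. The following is an added example written for this page, not DocBeacon's own code. It uses only the Python standard library, so PBKDF2-HMAC-SHA256 stands in for bcrypt (which is not in the standard library), dicts stand in for the database session and login-state tables, and the environment variable name JWT_SECRET, the sample account and every function name are assumptions.

```python
"""Login lockout plus JWT (HS256) issue/verify with server-side revocation.

Added example written for this page, not DocBeacon's own code. Assumptions:
PBKDF2-HMAC-SHA256 stands in for bcrypt (not in the standard library); dicts
stand in for the database session and login-state tables; the env var name
JWT_SECRET, the sample account and every function name are invented here.
"""
import base64
import hashlib
import hmac
import json
import os
import secrets

MAX_ATTEMPTS = 5                  # page default
LOCKOUT_SECONDS = 15 * 60         # page default
JWT_TTL_SECONDS = 7 * 24 * 3600   # page default
PBKDF2_ROUNDS = 100_000           # low for a quick demo; OWASP suggests 600k for PBKDF2-SHA256
JWT_SECRET = os.environ.get("JWT_SECRET", "dev-only-secret-change-me").encode()

SESSIONS = {}      # jti -> {"user": str, "revoked": bool}   (stands in for the session table)
LOGIN_STATE = {}   # username -> {"failures": int, "locked_until": epoch seconds}

def hash_password(password, salt=None):
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt.hex() + "$" + dk.hex()

def verify_password(password, stored):
    salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    return hmac.compare_digest(dk.hex(), dk_hex)

# Constructed sample account. DUMMY_HASH is verified for unknown usernames so that
# response time does not reveal whether an account exists.
USERS = {"alice": {"pw": hash_password("correct horse battery staple")}}
DUMMY_HASH = hash_password(secrets.token_hex(16))

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(user_id, now, ttl=JWT_TTL_SECONDS):
    """Sign a JWT and record its jti in the session table so it can be revoked before exp."""
    jti = secrets.token_urlsafe(16)
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": user_id, "iat": now, "exp": now + ttl, "jti": jti}
    signing_input = ".".join(_b64(json.dumps(part, separators=(",", ":")).encode())
                             for part in (header, payload))
    sig = hmac.new(JWT_SECRET, signing_input.encode(), hashlib.sha256).digest()
    SESSIONS[jti] = {"user": user_id, "revoked": False}
    return signing_input + "." + _b64(sig)

def verify_token(token, now):
    """Return the payload if signature, expiry and session record all pass, else None."""
    try:
        h, p, s = token.split(".")
        expected = hmac.new(JWT_SECRET, f"{h}.{p}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(s)):
            return None
        header, payload = json.loads(_unb64(h)), json.loads(_unb64(p))
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return None
    if header.get("alg") != "HS256":   # algorithm is pinned, never taken from the token
        return None
    if now >= payload.get("exp", 0):
        return None
    session = SESSIONS.get(payload.get("jti"))
    if session is None or session["revoked"]:   # unknown or revoked: reject even if unexpired
        return None
    return payload

def revoke_session(jti):
    """Server-side revocation: the token stays well-formed but verify_token now rejects it."""
    if jti in SESSIONS:
        SESSIONS[jti]["revoked"] = True

def login(username, password, now):
    """Return (token, status) with status 'ok', 'invalid' or 'locked'."""
    state = LOGIN_STATE.setdefault(username, {"failures": 0, "locked_until": 0})
    if now < state["locked_until"]:
        return None, "locked"        # refuse outright; the password is not even checked
    user = USERS.get(username)
    password_ok = verify_password(password, user["pw"] if user else DUMMY_HASH)
    if user is None or not password_ok:
        state["failures"] += 1
        if state["failures"] >= MAX_ATTEMPTS:
            state["failures"], state["locked_until"] = 0, now + LOCKOUT_SECONDS
        return None, "invalid"
    state["failures"] = 0
    return issue_token(username, now), "ok"
```

Two details worth noticing: the lockout check runs before any password work, so a locked account costs the server nothing and a correct password submitted during the lockout window is still refused; and verify_token looks the jti up in the session table on every call, which is what makes "revocation" meaningful for a token that would otherwise be accepted for the full 7 days.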
3. Cookies and Consent
- Essential Cookies: We use essential cookies required to operate the Service (e.g., authentication, session continuity, security).
- Analytics: We may use privacy-conscious analytics with appropriate consent or opt-out mechanisms depending on jurisdiction.
- Consent Banner: Where required, we display cookie consent notices and honor your preferences for non-essential cookies.
4. Document Sharing and Access Controls
- Download Controls: Owners can disable downloads for shared documents. When disabled, the restriction is enforced in the server-side routes as well as in the UI, so hiding the download button is not the only control.
- Dynamic Watermark: Optional dynamic watermarks can be applied to deter unauthorized sharing.
- Link Expiration: Share links can be configured to expire after presets (e.g., 3 days, 1 week, 1 month) or a custom date.
- Password Protection: Password gating is available for site access and account-level flows, but not yet for individual share links. For document-level protection today, combine link expiration, download disablement, and watermarking; per-link share passwords are on the roadmap (see section 9).
- View-Only Mode: Certain links can be restricted to a preview-only experience to reduce the risk of bulk data exfiltration. Like watermarking, this is a deterrent rather than a hard control: content rendered on screen can still be captured, for example by screenshot.
- Presigned URLs (S3/R2): For S3/R2 storage, downloads are served via presigned URLs with a short expiration to prevent long-lived public exposure.
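Sections 1 and 4 both rely on short-lived presigned URLs. What makes such a link safe to hand to a browser is that the expiry is part of the signed data: the storage provider recomputes the signature over the query parameters on every request, so a recipient who edits X-Amz-Expires in the URL gets a signature failure rather than a longer-lived link. The following is an added example for this page, not DocBeacon's code or the SDK's implementation; it performs AWS Signature Version 4 query-string presigning with only the Python standard library so the mechanics are visible, and includes the check the provider performs. The 15-minute cap MAX_PRESIGN_SECONDS, the bucket hostname, object key and credentials are all constructed assumptions.

```python
"""SigV4 query-string presigning for a private S3/R2 object, with the provider-side check.

Added example for this page, not DocBeacon's code. Standard library only; a real
deployment would call the SDK's presign function. The cap MAX_PRESIGN_SECONDS and all
hostnames, keys and credentials used with it are constructed assumptions.
"""
import calendar
import hashlib
import hmac
import time
import urllib.parse

MAX_PRESIGN_SECONDS = 15 * 60   # assumed cap on link lifetime

def _quote(text, safe=""):
    return urllib.parse.quote(text, safe=safe + "-_.~")

def _hmac(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def _signing_key(secret, date, region, service):
    key = _hmac(("AWS4" + secret).encode(), date)
    for part in (region, service, "aws4_request"):
        key = _hmac(key, part)
    return key

def _canonical_query(params):
    return "&".join(f"{_quote(k)}={_quote(v)}" for k, v in sorted(params.items()))

def _string_to_sign(host, path, params, amz_date, scope):
    # Canonical request for a GET with only the Host header signed and an unsigned payload.
    canonical_request = "\n".join([
        "GET", _quote(path, safe="/"), _canonical_query(params),
        f"host:{host}\n", "host", "UNSIGNED-PAYLOAD",
    ])
    return "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                      hashlib.sha256(canonical_request.encode()).hexdigest()])

def presign_get(host, key, access_key, secret_key, region, now, expires=MAX_PRESIGN_SECONDS):
    """Return a GET URL valid for `expires` seconds from `now` (epoch seconds), capped."""
    expires = max(1, min(int(expires), MAX_PRESIGN_SECONDS))   # never hand out a long-lived link
    amz_date = time.strftime("%Y%m%dT%H%M%SZ", time.gmtime(now))
    scope = f"{amz_date[:8]}/{region}/s3/aws4_request"
    params = {
        "X-Amz-Algorithm": "AWS4-HMAC-SHA256",
        "X-Amz-Credential": f"{access_key}/{scope}",
        "X-Amz-Date": amz_date,
        "X-Amz-Expires": str(expires),
        "X-Amz-SignedHeaders": "host",
    }
    path = "/" + key
    signing_key = _signing_key(secret_key, amz_date[:8], region, "s3")
    sts = _string_to_sign(host, path, params, amz_date, scope)
    params["X-Amz-Signature"] = hmac.new(signing_key, sts.encode(), hashlib.sha256).hexdigest()
    return f"https://{host}{_quote(path, safe='/')}?{_canonical_query(params)}"

def verify_presigned(url, secret_key, now):
    """What the storage provider does on each request. Returns (ok, reason)."""
    parts = urllib.parse.urlsplit(url)
    params = dict(urllib.parse.parse_qsl(parts.query, keep_blank_values=True))
    signature = params.pop("X-Amz-Signature", None)
    try:
        _, date, region, service, _ = params["X-Amz-Credential"].split("/")
        amz_date, expires = params["X-Amz-Date"], int(params["X-Amz-Expires"])
        start = calendar.timegm(time.strptime(amz_date, "%Y%m%dT%H%M%SZ"))
    except (KeyError, ValueError):
        return False, "malformed"
    if signature is None or params.get("X-Amz-Algorithm") != "AWS4-HMAC-SHA256":
        return False, "malformed"
    scope = f"{date}/{region}/{service}/aws4_request"
    sts = _string_to_sign(parts.hostname, urllib.parse.unquote(parts.path), params, amz_date, scope)
    expected = hmac.new(_signing_key(secret_key, date, region, service),
                        sts.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signature):
        return False, "bad_signature"   # any edit to X-Amz-Expires, the key or the date lands here
    if not (start <= now <= start + expires):
        return False, "expired"
    return True, "ok"

if __name__ == "__main__":
    now = int(time.time())
    url = presign_get("docbeacon-uploads-example.s3.us-east-1.amazonaws.com",
                      "uploads/42/report.pdf", "AKIAEXAMPLE", "example-secret-key", "us-east-1", now, 600)
    print(url)
    print(verify_presigned(url, "example-secret-key", now + 300))
```

In production the same result comes from the SDK (for boto3, `client.generate_presigned_url("get_object", Params={...}, ExpiresIn=...)`); the point of writing it out is to show that the signature is checked before the expiry window is, which is why a tampered X-Amz-Expires fails as "bad_signature" rather than being honoured, and that the application-side cap is the only thing stopping a caller from requesting a week-long link.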
5. Auditability and Logging
- Activity Logs: We log key security-relevant events (e.g., sign-in attempts, document views/downloads, and administrative changes) to support incident investigation and usage analytics.
- Aggregations and Metrics: We aggregate usage statistics (e.g., unique viewers, downloads) for owners to monitor document engagement.
- Data Minimization: We avoid storing unnecessary personal data in logs and redact or pseudonymize content where feasible.
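The three bullets above pull in different directions: investigators need stable identifiers to tie events together, owners want unique-viewer counts, and data minimization says the raw e-mail address or IP should not sit in the log. A keyed hash (HMAC) satisfies all three, because the same viewer always maps to the same pseudonym under a given key while the raw value cannot be recovered without it; a bare SHA-256 would not do, since an IPv4 address has only 2^32 possible values and is trivially brute-forced. The following is an added example for this page, not DocBeacon's logging code; the environment variable name LOG_PSEUDONYM_KEY, the event names, the field names and the sample events are all constructed.

```python
"""Activity log records with pseudonymized identifiers, plus the unique-viewer rollup.

Added example for this page, not DocBeacon's code. Assumed: the env var name
LOG_PSEUDONYM_KEY, the event and field names, and the constructed events at the bottom.
"""
import hashlib
import hmac
import json
import os
import re

# A keyed hash, not a bare SHA-256: IPv4 addresses have only 2^32 values and e-mail
# addresses are guessable, so an unkeyed hash could be reversed by brute force.
PSEUDONYM_KEY = os.environ.get("LOG_PSEUDONYM_KEY", "dev-only-key-change-me").encode()
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def pseudonymize(value):
    """Stable for one key (so a repeat viewer is counted once), not reversible without it."""
    return hmac.new(PSEUDONYM_KEY, value.strip().lower().encode(), hashlib.sha256).hexdigest()[:16]

def redact(text):
    """Strip e-mail addresses from free-text fields before they reach the log."""
    return EMAIL_RE.sub("[email redacted]", text)

def log_event(event, doc_id, client_ip, viewer_email=None, detail="", now=0):
    """Build one JSON log line; identifiers are pseudonymized, free text is redacted."""
    record = {"ts": now, "event": event, "doc": doc_id,
              "ip_h": pseudonymize(client_ip), "detail": redact(detail)}
    if viewer_email:
        record["viewer_h"] = pseudonymize(viewer_email)
    return json.dumps(record, separators=(",", ":"))

def unique_viewers(lines, doc_id):
    """Aggregate from the pseudonymized log: distinct viewers who viewed or downloaded doc_id."""
    seen = set()
    for line in lines:
        rec = json.loads(line)
        if (rec["doc"] == doc_id and rec["event"] in ("document.view", "document.download")
                and "viewer_h" in rec):
            seen.add(rec["viewer_h"])
    return len(seen)

# Constructed sample activity: one failed sign-in, one viewer seen twice with
# different letter case, one downloader whose address also appears in free text.
SAMPLE_LOG = [
    log_event("signin.failure", None, "203.0.113.7", "mallory@example.net", "bad password", now=1),
    log_event("document.view", "doc-42", "198.51.100.12", "Bob@Example.org", now=2),
    log_event("document.view", "doc-42", "198.51.100.12", "bob@example.org", now=3),
    log_event("document.download", "doc-42", "203.0.113.9", "carol@example.com",
              "requested by carol@example.com", now=4),
    log_event("document.view", "doc-7", "203.0.113.9", "carol@example.com", now=5),
]
```

Incident investigation sometimes does need the raw address; a common compromise is to keep it in a separate short-retention store and write only the pseudonym to the long-lived activity log. Rotating PSEUDONYM_KEY breaks linkage across the rotation boundary, which is acceptable for engagement metrics but should be scheduled with that in mind.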
6. Secrets and Configuration Management
- Environment Variables: Sensitive keys (e.g., JWT secret, OAuth credentials, storage keys) are provided via environment variables. We do not hardcode secrets in source code.
- Key Rotation: Keys are rotated by updating the environment variables and restarting the application; we recommend periodic rotation. Note that rotating the JWT signing secret invalidates every outstanding session token, so plan it as a forced re-login for all users. For storage and OAuth credentials, create the new credential at the provider, switch the environment to it, then revoke the old one.
- Principle of Least Privilege: When configuring S3/R2 or other providers, we recommend scoped IAM roles and access policies limited to required buckets and actions.
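For Amazon S3 the recommendation above translates into an IAM policy that names one bucket, grants only the object actions the application performs, and refuses uploads that omit the AES256 server-side-encryption header described in section 1. The policy below is an added example for this page, not a policy shipped with DocBeacon; the bucket name docbeacon-uploads-example is a placeholder, and the statement identifiers are invented. It applies to S3 only: Cloudflare R2 scopes access through its own per-bucket API tokens rather than IAM policy documents.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ObjectsInOneBucketOnly",
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
      "Resource": "arn:aws:s3:::docbeacon-uploads-example/*"
    },
    {
      "Sid": "ListThatBucketOnly",
      "Effect": "Allow",
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::docbeacon-uploads-example"
    },
    {
      "Sid": "DenyUploadsWithWrongEncryption",
      "Effect": "Deny",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::docbeacon-uploads-example/*",
      "Condition": {
        "StringNotEquals": {"s3:x-amz-server-side-encryption": "AES256"}
      }
    },
    {
      "Sid": "DenyUploadsWithNoEncryptionHeader",
      "Effect": "Deny",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::docbeacon-uploads-example/*",
      "Condition": {
        "Null": {"s3:x-amz-server-side-encryption": "true"}
      }
    }
  ]
}
```

Nothing in the policy uses `s3:*` or a wildcard resource, and no bucket-management actions (policy, ACL, lifecycle) are granted: a leaked application credential can read, write and delete objects in this one bucket and nothing else. The two Deny statements only make sense because DocBeacon's default configuration always sends the AES256 header; since S3 applies SSE-S3 to new objects by default (since January 2023) they are defence in depth, and a client that omits the header would be refused rather than silently stored.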
7. Incident Response
- Detection and Triage: We monitor for anomalous behavior and error signals across the stack.
- Notification: In the event of a confirmed Security Incident impacting personal information, we will notify affected customers without undue delay and provide information to help meet legal obligations. Where required by law, we use commercially reasonable efforts to issue initial notice within 72 hours after confirmation.
- Containment and Remediation: We prioritize containment, revoke affected tokens/keys as needed, and issue patches to address root causes.
8. Compliance and Data Processing
- Controller/Processor: For account, billing, support, website, and service analytics data we collect directly, we act as an independent controller. For Customer Content you upload to DocBeacon, we act as a processor on your behalf.
- Data Processing Addendum (DPA): We make a standard DPA available on request that includes appropriate cross-border transfer mechanisms (e.g., EU SCCs and UK IDTA where applicable).
- International Transfers: Where required, we implement recognized transfer mechanisms and safeguards.
9. Known Limitations and Roadmap
- Cloudflare R2 Access Model: R2 objects are private by default and are reached only through time-limited presigned URLs, the same model described in sections 1 and 4. Access control therefore rests on keeping those URLs short-lived and on the application's own authorization checks before a URL is issued.
- IP Allowlisting: Native IP allowlists are not yet available. If this is critical to your use case, contact us to discuss alternatives (e.g., reverse proxy or enterprise features).
- Granular Share Passwords: Document-level password policies are on our roadmap based on customer demand; today, use link expiration, download disablement, and watermarks for additional protection.
10. Contact
If you have questions about this page or require a signed DPA, please contact support@docbeacon.io. For security vulnerabilities, please include steps to reproduce and relevant logs where possible.