Filestack is committed to keeping your files safe. We’re making some changes to our security policy on September 30, 2024, to make it even stronger. These updates are designed to better protect your sensitive information. Below is a breakdown of what’s changing and how it might affect you.
What is Filestack’s security policy?
Filestack API’s security policy is a mechanism that sets rules to control access to stored files, using parameters like expiration, file path, and allowed actions (such as read, write, etc.). It ensures that files are accessed securely and according to customers’ needs.
What changes are being made to Filestack’s security policy?
As part of an ongoing review of our policies, we are planning to make some changes on 30-September-2024 to further harden Filestack’s security by enhancing how we manage and restrict access to sensitive data.
What is changing in Filestack’s API security policy?
We are enhancing our security policy to implement more precise access controls. Going forward, each set of security credentials will be uniquely tailored to specific file paths.
How does the change affect Filestack users?
If the Security Policy is not appropriately applied from the customer side, then their Users may encounter “invalid security policy path” errors when trying to access their files and workflows, indicating that their existing access practices were inadvertently disrupted by the security update.
How can I identify if my security policy implementation will be affected?
To determine if your current implementation will be affected, check if you have enabled the security policy with file path by logging in to the Dev Portal and Navigating to Security > Policy & Signature section. In case you have a security policy with path enabled and the security policy is wrong you might encounter “invalid security policy path” errors. Review your security policies to see if they specify unique paths for different file access requirements. Also, review the security policy for each of your workflows.
How should I adjust my implementation in response to the security policy change, and where can I find additional resources?
If your implementation is affected by the security policy change, start by reviewing and adjusting the paths assigned to your security policies to ensure alignment with the intended file paths. For a comprehensive understanding, including examples and best practices, visit our detailed documentation at https://filestack.com/docs/security/policies/#enforcing-security-policy-with-path
You can set the security policy at the file or folder level or globally. To apply security policies globally, you can set up the security policy with root access and use that policy for the retrieval process. This will apply the same policies to all of your Filestack files
If you have any questions regarding this update, please contact us at support@filestack.com
Product Marketing Manager for Filestack. A technology enthusiast at heart.
Read More →