About security of ecloud.global

Since it’s a common concern for /e/ users, we’d like to clarify a few points:

  • ecloud.global is an instance of ecloud-selfhosting, which is based upon several open source projects.
  • Nextcloud server-side encryption is not used, since the data is stored next to the application and NC themselves suggest full-disk encryption in this case. That’s what we use for now – LUKS.
  • We have a long-standing relationship with a security expert in charge of hardening and monitoring our systems, including ecloud.global.

A few of the improvements applied to ecloud.global with regard to the base ecloud-selfhosting instance:

  • Performance tuning adapted to the scale of the service (number of users, storage size, etc.).
  • We try to always keep the infrastructure and applications in compliance with the best available security hardening guidelines, such as the DevSec Hardening Framework and the CIS Benchmark for Ubuntu.
  • We apply process confinement techniques and mitigations provided by AppArmor and systemd.
  • We use Wazuh monitoring for threat detection.

If you think (or can prove) that there is a security vulnerability in ecloud.global or the ecloud-selfhosting project, please contact us directly: security AT e.email. Kindly use the following key to encrypt any sensitive disclosure:
https://keys.openpgp.org/vks/v1/by-fingerprint/F242DB4B0F002ED0AB73A5D06E25E121E5939DAF

Thanks,
Arnau
