CYFR Vault — Zero-Knowledge Encrypted File Storage¶
CYFR Vault provides enterprise file storage with client-side AES-256-GCM encryption. Your files are encrypted before they leave your environment. CYFR never possesses your decryption keys and has no technical ability to access your data.
How It Works¶
- Client-Side Encryption — Files are encrypted in your browser or device using AES-256-GCM before transmission
- Customer-Managed Keys — Encryption keys are generated and held exclusively by you. CYFR servers never see plaintext keys
- Zero-Knowledge Storage — CYFR stores only ciphertext. Data at rest is unreadable without your keys
- Per-File Unique Keys — Each file gets a unique encryption key. Compromise of one key does not compromise others
Key Features¶
- Team Folders — Granular access controls. Read, write, admin permissions per folder
- Version History — 30-day version retention. Restore any previous version
- Immutable Backups — Ransomware protection via append-only snapshots
- Sharing Links — Time-limited, password-protected, download-restricted sharing
- Audit Trail — Every access, share, and modification logged to immutable ledger
- MSP Multi-Tenancy — White-label reselling. Isolated customer silos
Demo¶
Try the client-side encryption demo: cyfr.technology/demo/vault
Interactive Demo¶
Try client-side encryption in your browser: Launch Encryption Demo →
Quick Links¶
- Architecture — How encryption and storage work
- Encryption Model — Cryptographic details
- API Reference — File operations API
- Key Management — Best practices
- Deployment — On-premises and cloud options