Security

NISC DropZone is designed to protect confidential files at every stage of the transfer process. Multiple independent security layers ensure that no single point of failure can compromise your data.

# Encryption at Rest

Every file uploaded to NISC DropZone is encrypted with a strong encryption algorithm during the upload process before being placed in permanent storage.

Each file receives its own unique, randomly generated encryption key. Even if someone gained direct access to the server's file storage, they would be unable to read any files without the separate per-file encryption keys.

# Encryption in Transit

All connections to NISC DropZone are encrypted over HTTPS. Unencrypted HTTP connections are automatically redirected to HTTPS.

HTTP Strict Transport Security (HSTS) is enforced, which instructs browsers to always use encrypted connections when communicating with NISC DropZone.

No data — including passwords, file keys, or file contents — ever travels over an unencrypted connection.

# File Integrity Verification

A cryptographic hash is calculated for every uploaded file during the upload process. This hash serves as a unique fingerprint that can be used to verify the file was not altered or corrupted during transfer.

The hash is displayed to both the sender and recipient, and included in notification emails. See the FAQ for instructions on verifying file integrity.
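
The two mechanisms described under Encryption at Rest and File Integrity Verification fit naturally in one upload path: generate a key for this one file, encrypt with it, and record a fingerprint of the plaintext that both parties can later check. The following is an added example written for this page, not NISC DropZone's own code; it assumes AES-256-GCM as the "strong encryption algorithm", SHA-256 as the fingerprint, and a split in which the per-file key is delivered to the recipient separately from the stored record (the page does not state which algorithms or key-delivery path the service uses).

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
)

// StoredFile is the record that lands in permanent storage: ciphertext, the
// GCM nonce and the fingerprint of the plaintext. The per-file key is
// deliberately not part of it; it is delivered to the recipient separately
// (an assumption of this example).
type StoredFile struct {
	Nonce       []byte
	Ciphertext  []byte
	Fingerprint string // hex SHA-256 of the plaintext, shown to sender and recipient
}

// encryptUpload generates a fresh random 256-bit key for this one file,
// encrypts with AES-256-GCM and records the SHA-256 fingerprint, all in the
// upload path so plaintext never reaches storage. It returns the stored record
// and the per-file key.
func encryptUpload(plaintext []byte) (StoredFile, []byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return StoredFile{}, nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return StoredFile{}, nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return StoredFile{}, nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return StoredFile{}, nil, err
	}
	sum := sha256.Sum256(plaintext)
	stored := StoredFile{
		Nonce:       nonce,
		Ciphertext:  gcm.Seal(nil, nonce, plaintext, nil),
		Fingerprint: hex.EncodeToString(sum[:]),
	}
	return stored, key, nil
}

// decryptDownload recovers the plaintext with the per-file key (GCM rejects a
// wrong key or a modified ciphertext) and then re-checks the fingerprint, which
// is the same check a recipient performs against the hash in the notification.
func decryptDownload(stored StoredFile, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	plaintext, err := gcm.Open(nil, stored.Nonce, stored.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("decryption failed: wrong key or modified ciphertext")
	}
	sum := sha256.Sum256(plaintext)
	got := []byte(hex.EncodeToString(sum[:]))
	if subtle.ConstantTimeCompare(got, []byte(stored.Fingerprint)) != 1 {
		return nil, errors.New("fingerprint mismatch: file altered or corrupted")
	}
	return plaintext, nil
}

func main() {
	original := []byte("quarterly-report.pdf contents (constructed sample upload)")
	stored, key, err := encryptUpload(original)
	if err != nil {
		panic(err)
	}
	fmt.Println("fingerprint shown to both parties:", stored.Fingerprint)
	fmt.Println("plaintext visible in storage:", bytes.Contains(stored.Ciphertext, original))

	got, err := decryptDownload(stored, key)
	fmt.Println("recipient with the file key recovers the file:", err == nil && bytes.Equal(got, original))

	noKey := make([]byte, 32) // direct storage access, but without the per-file key
	_, err = decryptDownload(stored, noKey)
	fmt.Println("storage access without the key:", err)
}
```

Because the key is random per file, a compromise of one key exposes one file only, and a copy of the storage volume alone yields nothing readable. The fingerprint is computed over the plaintext rather than the ciphertext so that the sender and the recipient, who never see the same ciphertext bytes, can still compare the same value.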

# Virus Scanning

Every file is scanned for viruses and malware during the upload process. If a threat is detected, the upload is immediately rejected and the file is deleted.

If the virus scanning service is unavailable, uploads are blocked entirely — no unscanned files are ever accepted.

# Authentication

NISC DropZone enforces strong authentication to protect user accounts:

  • Strong passwords — Passwords must meet length and complexity requirements, are checked against a dictionary of common words and patterns, and are verified against a database of passwords known to have been exposed in data breaches (using a privacy-preserving method that never exposes your full password).
  • Secure storage — Passwords are stored using an adaptive hashing algorithm with unique salts. Plaintext passwords are never stored or logged.
  • Account lockout — Accounts are temporarily locked after repeated failed login attempts, with email notification to the account holder.
  • Passwordless login — Passkeys (WebAuthn/FIDO2) are supported as an alternative to passwords, allowing sign-in with fingerprint, face recognition, or a hardware security key.
  • Single sign-on — Organizational users can authenticate through their identity provider, eliminating the need for a separate password.

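
The "Strong passwords" bullet above describes two checks worth seeing in code: the local policy (length, complexity, dictionary) and the privacy-preserving breach lookup, in which only a short prefix of the password's hash leaves the server and the real comparison happens locally (the k-anonymity range-query scheme). What follows is an added example for this page, not NISC DropZone's code; the 12-character minimum, the three-class rule, the tiny word list and the in-memory `fakeCorpus` are all constructed stand-ins for the service's actual rules and breach database.

```go
package main

import (
	"crypto/sha1"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"unicode"
	"unicode/utf8"
)

// commonWords stands in for the dictionary of common words and patterns
// (constructed, a handful of entries only).
var commonWords = []string{"password", "qwerty", "123456", "letmein", "dropzone"}

// checkPasswordPolicy applies the length, complexity and dictionary rules.
// The thresholds are assumptions for this example.
func checkPasswordPolicy(pw string) error {
	if utf8.RuneCountInString(pw) < 12 {
		return errors.New("password must be at least 12 characters")
	}
	var upper, lower, digit, other bool
	for _, r := range pw {
		switch {
		case unicode.IsUpper(r):
			upper = true
		case unicode.IsLower(r):
			lower = true
		case unicode.IsDigit(r):
			digit = true
		default:
			other = true
		}
	}
	classes := 0
	for _, present := range []bool{upper, lower, digit, other} {
		if present {
			classes++
		}
	}
	if classes < 3 {
		return errors.New("password must mix at least three character classes")
	}
	lowered := strings.ToLower(pw)
	for _, w := range commonWords {
		if strings.Contains(lowered, w) {
			return fmt.Errorf("password contains the common word %q", w)
		}
	}
	return nil
}

// RangeLookup models the remote breach-corpus query: given the first five hex
// characters of a SHA-1 hash, it returns every hash suffix in that range. The
// remote side never learns the full hash, let alone the password.
type RangeLookup func(prefix string) ([]string, error)

// isBreached hashes locally, sends only the 5-character prefix, and compares
// the remaining 35 characters on our side.
func isBreached(pw string, lookup RangeLookup) (bool, error) {
	sum := sha1.Sum([]byte(pw))
	h := strings.ToUpper(hex.EncodeToString(sum[:]))
	prefix, suffix := h[:5], h[5:]
	suffixes, err := lookup(prefix)
	if err != nil {
		return false, err // fail closed or retry is a policy decision left to the caller
	}
	for _, s := range suffixes {
		if strings.EqualFold(strings.TrimSpace(s), suffix) {
			return true, nil
		}
	}
	return false, nil
}

// fakeCorpus is a constructed stand-in for the breach corpus: it "knows" only
// the passwords given here and answers range queries the way a k-anonymity
// API does, returning the suffixes of every stored hash sharing the prefix.
func fakeCorpus(known ...string) RangeLookup {
	table := map[string][]string{}
	for _, pw := range known {
		sum := sha1.Sum([]byte(pw))
		h := strings.ToUpper(hex.EncodeToString(sum[:]))
		table[h[:5]] = append(table[h[:5]], h[5:])
	}
	return func(prefix string) ([]string, error) {
		return table[prefix], nil
	}
}

func main() {
	lookup := fakeCorpus("Tr0ub4dor&3!!", "correct horse battery staple") // constructed "breached" set
	for _, pw := range []string{"short1A!", "MyPassword2024!", "Tr0ub4dor&3!!", "Xk9#mVq2$pLw7r"} {
		if err := checkPasswordPolicy(pw); err != nil {
			fmt.Printf("%q rejected: %v\n", pw, err)
			continue
		}
		breached, _ := isBreached(pw, lookup)
		fmt.Printf("%q passes policy, found in breach corpus: %v\n", pw, breached)
	}
}
```

The order matters: the cheap local policy runs first, and only passwords that survive it trigger the range query, which keeps the number of outbound lookups down and never sends anything more than a 5-character hash prefix.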
# Session Security

User sessions are identified by long, randomly generated tokens that are computationally infeasible to guess. Sessions automatically expire after a period of inactivity.

Session cookies are protected with industry-standard security flags that prevent JavaScript access, restrict transmission to encrypted connections only, and mitigate cross-site request forgery attacks.
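
To make the two session paragraphs concrete, here is an added example for this page (not NISC DropZone's code) of a server-side session store: tokens come from the operating system's CSPRNG, the cookie carries the HttpOnly, Secure and SameSite flags the text refers to, and a session that has been idle past a limit is dropped rather than revived. The 30-minute idle timeout, the `__Host-session` cookie name and the injectable clock are assumptions of the example.

```go
package main

import (
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"net/http"
	"net/http/httptest"
	"sync"
	"time"
)

const idleTimeout = 30 * time.Minute // assumed inactivity limit

type session struct {
	user     string
	lastSeen time.Time
}

// SessionStore keeps the state server-side, keyed by the random token; the
// cookie itself carries nothing but that token.
type SessionStore struct {
	mu       sync.Mutex
	sessions map[string]*session
	now      func() time.Time // injectable clock so expiry can be exercised in tests
}

func NewSessionStore() *SessionStore {
	return &SessionStore{sessions: map[string]*session{}, now: time.Now}
}

// newToken returns 256 bits from the OS CSPRNG, URL-safe base64 encoded
// (43 characters), which is infeasible to guess or enumerate.
func newToken() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// Create issues a session and writes the cookie with the protective flags:
// HttpOnly (no JavaScript access), Secure (sent over HTTPS only) and
// SameSite=Strict (not attached to cross-site requests, which blunts CSRF).
func (s *SessionStore) Create(w http.ResponseWriter, user string) (string, error) {
	tok, err := newToken()
	if err != nil {
		return "", err
	}
	s.mu.Lock()
	s.sessions[tok] = &session{user: user, lastSeen: s.now()}
	s.mu.Unlock()
	http.SetCookie(w, &http.Cookie{
		Name:     "__Host-session", // __Host- prefix: browsers require Secure, Path=/ and no Domain
		Value:    tok,
		Path:     "/",
		HttpOnly: true,
		Secure:   true,
		SameSite: http.SameSiteStrictMode,
	})
	return tok, nil
}

// Lookup validates a token, enforces the idle timeout and refreshes lastSeen.
func (s *SessionStore) Lookup(tok string) (string, bool) {
	s.mu.Lock()
	defer s.mu.Unlock()
	sess, ok := s.sessions[tok]
	if !ok {
		return "", false
	}
	if s.now().Sub(sess.lastSeen) > idleTimeout {
		delete(s.sessions, tok) // expired: remove it instead of silently reviving it
		return "", false
	}
	sess.lastSeen = s.now()
	return sess.user, true
}

func main() {
	store := NewSessionStore()
	clock := time.Now()
	store.now = func() time.Time { return clock }

	rec := httptest.NewRecorder()
	tok, _ := store.Create(rec, "alice@example.org") // constructed user
	fmt.Println("Set-Cookie:", rec.Header().Get("Set-Cookie"))

	_, ok := store.Lookup(tok)
	fmt.Println("fresh session valid:", ok)
	clock = clock.Add(idleTimeout + time.Minute)
	_, ok = store.Lookup(tok)
	fmt.Println("valid after the idle period:", ok)
}
```

Keeping the mapping from token to user on the server means revoking a session (on logout, lockout or password change) is a map delete, and nothing in the cookie can be edited client-side to change who it identifies.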

# Web Application Security

NISC DropZone employs multiple layers of protection against common web application attacks:

  • Content Security Policy — A strict policy prevents cross-site scripting (XSS), code injection, and unauthorized data exfiltration. Inline scripts and styles are blocked.
  • Injection prevention — All database queries use parameterized statements, preventing SQL injection. User input is validated and sanitized before use.
  • Security headers — The server enforces additional security headers that prevent MIME-type attacks, disable unnecessary browser features, block cross-origin resource access, and suppress information leakage.

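
The Encryption in Transit section (HTTP-to-HTTPS redirect and HSTS) and the Content Security Policy and Security headers bullets above are all response-side controls that belong in one middleware. Here is an added example for this page, not NISC DropZone's configuration, showing that middleware in Go's standard `net/http`: plain-HTTP requests are redirected before any application code runs, and HTTPS responses carry the headers. The header values are illustrative choices, and the example assumes the Go server terminates TLS itself (so `r.TLS` is the source of truth); behind a TLS-terminating proxy you would check the proxy's forwarded-protocol header instead.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// securityHeaders is applied to every HTTPS response. The values are
// illustrative, not the service's actual policy.
var securityHeaders = map[string]string{
	// Browsers remember to use HTTPS for this host for two years.
	"Strict-Transport-Security": "max-age=63072000; includeSubDomains",
	// Same-origin only; no inline scripts or styles, no plugins, no framing.
	"Content-Security-Policy": "default-src 'self'; script-src 'self'; style-src 'self'; " +
		"object-src 'none'; base-uri 'none'; frame-ancestors 'none'; form-action 'self'",
	"X-Content-Type-Options":       "nosniff",                                 // no MIME sniffing
	"Referrer-Policy":              "no-referrer",                             // no URL leakage
	"Permissions-Policy":           "camera=(), microphone=(), geolocation=()", // unneeded features off
	"Cross-Origin-Resource-Policy": "same-origin",                             // no cross-origin reads
	"Cross-Origin-Opener-Policy":   "same-origin",
	"X-Frame-Options":              "DENY",
}

// secure wraps a handler: plain-HTTP requests get a permanent redirect to the
// same URL over HTTPS, and HTTPS responses carry the security headers.
func secure(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.TLS == nil {
			// HSTS is deliberately not sent here: browsers ignore it on plain
			// HTTP, and the redirect must not touch the application at all.
			target := "https://" + r.Host + r.URL.RequestURI()
			http.Redirect(w, r, target, http.StatusPermanentRedirect)
			return
		}
		for k, v := range securityHeaders {
			w.Header().Set(k, v)
		}
		w.Header().Del("Server") // suppress software-version leakage
		next.ServeHTTP(w, r)
	})
}

// app stands in for the application; it knows nothing about transport security.
func app(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	fmt.Fprintln(w, "DropZone")
}

// serve runs one request through the wrapped handler and returns the recorded response.
func serve(r *http.Request) *httptest.ResponseRecorder {
	rec := httptest.NewRecorder()
	secure(http.HandlerFunc(app)).ServeHTTP(rec, r)
	return rec
}

func main() {
	// httptest.NewRequest sets r.TLS for https:// targets and leaves it nil for http://.
	plain := serve(httptest.NewRequest("GET", "http://dropzone.example/files?id=1", nil))
	fmt.Println("plain HTTP:", plain.Code, "->", plain.Header().Get("Location"))

	tls := serve(httptest.NewRequest("GET", "https://dropzone.example/files?id=1", nil))
	fmt.Println("HTTPS:", tls.Code)
	for _, h := range []string{"Strict-Transport-Security", "Content-Security-Policy", "X-Content-Type-Options"} {
		fmt.Printf("  %s: %s\n", h, tls.Header().Get(h))
	}
}
```

A useful check when reviewing a deployment is the one the example's test makes: the redirect response must carry no application content and no HSTS header, and every HTTPS response, error pages included, must carry the full header set, which is why the headers are set in the wrapper rather than by individual handlers.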
# Access Controls

File access is strictly controlled:

  • Only the intended recipient can download a file, and only with the correct file key.
  • Only the original sender can delete or manage their uploaded files.
  • Transfers are restricted to ensure at least one party is from an authorized organization. Violations are logged and trigger administrator alerts.

# Monitoring and Maintenance

NISC DropZone includes comprehensive monitoring and automated maintenance:

  • Audit logging — All security-relevant events are logged, including logins, file operations, password changes, and administrative actions.
  • Security notifications — Users receive email alerts for important account events such as password changes, account lockouts, and logins after extended inactivity.
  • Automatic cleanup — Expired files, sessions, and unverified accounts are automatically removed. Inactive accounts are disabled after an extended period, with advance warning emails.

# Questions?

If you have questions about NISC DropZone security, contact dropzoneadmin@nisc.coop.