<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=348068&amp;fmt=gif">
Couchdrop Cloud SFTP logo

At Couchdrop we understand that your data is sensitive and valuable and that is why we put data security at the forefront of everything we do.

Here are some of the ways that Couchdrop keeps your data secure.


Couchdrop SFTP

Couchdrop SFTP is the SFTP server for the cloud. 




Movebot makes data migrations frictionless and is built on Couchdrop's cloud technology.



Data encryption

All data that passes between you and Couchdrop is encrypted using industry-standard security protocols.

Couchdrop encrypts all data at rest with AES-256, including databases, document files, backups and logs.

Data is protected in transit using HTTPS with TLS 1.2 and above and SSL via SFTP and FTPS.

Key management 

Couchdrop follows strict and modern key management techniques using 1password and Doppler for password and production key/config management


Access control and Infrastructure

Couchdrop's server instances, file storage and databases are provided and hosted by either Digital Ocean or Amazon Web Services.

Digital Ocean and Amazon Web Services have achieved SOC2 (SAS70 Type 2) and ISO 27001 certifications.

Only explicit engineering team members have access to production systems and data. Access is governed by internal security policies and requires CTO approval.

Background verification checks

All new staff undergo police and reference checks prior to being employed. 


Confidentiality requirements

All employees are subject to perpetual confidentiality agreements.

Security awareness

All new employees participate in an information security induction and are required to review and sign Couchdrop's information security policies prior to their first day.

New employees also participate in an online security awareness training program as part of their onboarding and receive refresher training annually thereafter.

Couchdrop conducts periodic security awareness sessions for all staff annually on selected security and privacy related topics


Development process

All changes to the Couchdrop platform go through formal change control procedures. Couchdrop follows a Lean Kanban approach to development ensuring that Couchdrop is constantly delivering value to its customers. 


Couchdrop follows OWASP security principles by design and all development is peer reviewed before going through approval gates by a software architect, QA manager and senior management prior to production release.


Updates and patches

Couchdrop's web and file servers run the Ubuntu Linux operating system distribution (currently, version 18.04 LTS) which is delivered via Docker containers. 


Couchdrop subscribes to the security announcement mailing lists for Linux, Ubuntu and Python, as well as other platform dependencies. Critical security updates are deployed as soon as possible once they are released, this is done by using the automatic package upgrade installation system.


Couchdrop utilises Docker Hub's vulnerability scanning platform and Datadog's SCIM platform for security event monitoring.

Security and Compliance Certifications


SOC_CPA_Blue.              Cyber-Essentials-Badge-High-Res

Request a copy of our security pack

The Couchdrop Security pack contains everything your organisation needs to get started on a security assessment of Couchdrop.


Contact us