Built for security from the start

Yarkon is fully integrated with AWS IAM. It will never allow any end user any permission that was not explicitly granted by the AWS Admin of the account. You can apply any access policy in IAM, and Yarkon will follow it.

API keys are never shared with end users; end users only get short lived session based API keys. The system administrator can always promptly revoke a user access to the system, at any time.

User access can be defined at the account, role, group or user level. Permissions can be set at the bucket or folder level, and can be any combination of read-write and read-only.

The admin can optionally enforce strong passwords, and make users change passwords when their account is created. For extra security, users will be locked out after three failed login attempt - the administrator can unlock users at any time.

Enterprise grade security features

Industry standard data security encryption

Yarkon uses AES encryption to secure all account data stored. All user passwords are one-way hashed using the bcrypt algorithm. The TLS protocol is used to secure all network communication between the client and our platform or AWS.

End users only get short lived session tokens

Our proprietary authorization system dynamically generates short lived session based tokens, granting end users only the minimal permissions needed. Your S3 keys are never exposed or shared with end users.

AWS secured infrastructure

The shared edition of Yarkon is hosted by AWS, following all security guidance and best practices.

Single Sign On

Yarkon Server supports SSO using SAML2, so you can integrate Yarkon into your existing infrastructure.

Deployment options for every situation

Different customers have different needs and different security requirements. That's why Yarkon can be deployed to fit every situation.

You can use the shared Yarkon Cloud, hosted by us. Or, you can host Yarkon in your own Virtual Private Cloud, by deploying Yarkon Server from an EC2 AMI or as a docker container.