Skip to content

Secure credentials transfer to Laavat

Overview

This chapter explains how you can securely upload files using a SharePoint Request File link provided by LAAVAT. The process is designed to protect your data with robust security measures, ensuring safe and controlled file transfers. On our side, access to your data is restricted to a limited number of authorized personnel and is managed under a two-person principle for maximum security.

Preparing Authentication Credentials for Transfer

After generating your authentication credentials (as described earlier in this document), you must securely prepare them for transfer:

  • Entra ID: Copy the client secret and paste it into a text file (e.g., client_secret.txt). Save the file in a secure location with restricted access.
  • Google Authentication: Save the OAuth client JSON and service account JSON files (e.g., oauth_client.json and service_account.json) in a secure location with restricted access.

Preparing MTLS truststore for transfer

Create a .pem file with one or more complete chains of trust, each starting from the issuing CA certificate to the root CA certificate. The maximum length for any single certificate chain is four certificates.

The following algorithms are supported in the truststore:

  • SHA-256 or stronger
  • RSA-2048 or stronger
  • ECDSA-256 or ECDSA-384

After your application credentials are prepared for transfer, request a secure upload link from support@laavat.io.

Follow these steps to upload your files:

  1. Receive the Link: You will be sent a unique upload link via an email.
  2. Access the Link: Click the link to open a SharePoint upload page in your web browser. No Microsoft account or login is required.
  3. Upload Files: Drag and drop your files or click to select them from your device. Once uploaded, the files are securely transferred to our designated SharePoint folder.
  4. Confirmation: After uploading, you will see a confirmation message. You cannot view, edit, or delete the uploaded files, ensuring your interaction is limited to uploading only.

How Your Data Is Protected

The SharePoint Request File feature is designed with security measures to safeguard your files during transfer:

  • Upload-Only Access: The link allows you to upload files but prevents you from viewing, editing, downloading, or deleting any content in the folder. You cannot see other files or identify other contributors, protecting your privacy.
  • Temporary Link: The upload link is valid for 7 days. Once it expires, no further uploads are possible, reducing the risk of unauthorized access.
  • Secure Storage: Your files are stored in a protected SharePoint folder with strict access controls. On our side, only a small group of authorized personnel can access your data, and any interaction requires two individuals to ensure oversight and accountability.
  • Encrypted Transfer: Files are transferred over a secure, encrypted connection, protecting them from interception during upload.
  • Activity Monitoring: All upload activities are logged and audited to ensure compliance and detect any irregularities.

Best Practices for You

  • Verify the source of the upload link to ensure it comes from LAAVAT.
  • Upload files promptly, as the link has a limited validity period.
  • Avoid sharing the link with others, as it is intended for your use only.
  • Contact us immediately if you encounter any issues or suspect the link’s security has been compromised.

By using the provided SharePoint upload link, you can confidently transfer your files, knowing they are protected by industry-standard security measures and handled with strict access controls on our end.