In the digital age, safeguarding data integrity and security is a top priority. To ensure that files uploaded by clients during data collection are free from malware and other malicious content, Cellosign has integrated advanced file cleansing technology into its platform.

This integration acts as a robust layer of security, meticulously scanning every file uploaded into forms. The process involves real-time inspection and sanitization of documents, ensuring that only clean, safe files are accepted before being archived. This proactive approach mitigates risks associated with file-based attacks, protecting both users and the system from potential vulnerabilities.

Beyond security, the integration enhances user trust, offering peace of mind that their data and interactions with Cellosign are handled securely. It also aligns with industry compliance standards, reinforcing Cellosign’s commitment to delivering a reliable and secure document management experience.

This seamless file cleansing feature empowers businesses to collect data confidently, knowing that every document meets stringent security requirements. With this integration, Cellosign continues to set a benchmark in secure, efficient, and trustworthy digital solutions.

How it works?

File cleansing integration does not work by default. You will need to activate it. See “Setting up File Cleansing integration” below.

Couple of points before explanation on how this works.

1. Files and images in Cellosign retained as base64 encrypted files. They are never stored as file objects when collected from clients and users. Also when shipped to your endpoints via API (archive) files are delivered in base64 as well.
2. Cellosign has co-browse extension, so user and an agent can sync data in between. For example client can upload a file and an agent can download it for inspection
3. Data collected in form is preserving its state. As such files and images are stored in Cellosign DB until form is submitted or expired.

Our approach for securing and validating the files is by allowing only clean filles to be uploaded into our database, while exposing as little as possible to a potential attacker.

In case a file was successfully uploaded, it will be stored in Cellosign DB and be available to sync any which way, given the appropriate permissions. In this manner we are ensuring that only validated data is stored and ready to sync and distribution.

What is not covered in file cleansing integration?

There are a few endpoints in which Cellosign accept files and images for which File cleansing integration is not covered. All the endpoints below require authenticated user

1. API. Inbound files and Images from your application API to Cellosign.
2. Management application when constructing new template
3. Agent app when uploading a PDF for ad hoc transaction

Setting up File Cleansing integration

To setup file cleansing integration, log in to application console and click projects page.Locate pane “Secured file upload”.

In addition please note the switch “Allow upload if service is not available” (Default to false). Because we are using 3rd party provider service for file cleansing, we need to be ready for events that are beyond our control. Having that we are leaving to your disposal the option to allow upload in case file cleansing service is not available. We recommend that it will remain switched off. Rest assure that we have taken our stand to monitor the service and take action as needed.

Audit log

Each file uploaded to cleansing is recorded in Audit log. Log is preserved in case of success as well as failures. Following are audit details.