Internal Identity & Access Management

Identity Management System

Files.com uses the Okta platform as its Identity Management System, managed by our internal engineering team. Okta uses SAML, OIDC, and SCIM to provide Single Sign-On (SSO) and automated user management across all internal and external applications and third-party vendors.

Each user is assigned a unique identifier, and password requirements follow the complexity standards in our Information Security Policy. Two-Factor Authentication (2FA) is enforced for all employees using physical, hardware-based tokens. These controls are reviewed as part of our annual SOC 2 Type II audit.

Role-Based Access Control (RBAC)

Files.com applies Role-Based Access Control (RBAC) to all systems. Access is granted based on the principles of least privilege and need-to-know, with permissions tied to defined roles. Role assignments are reviewed regularly and updated as needed to minimize risk.

Access is revoked upon termination of employment or contract, so that former personnel cannot reach external or internal systems.

Identity Lifecycle & Audit

The Files.com Information Security team conducts formal quarterly audits of all active employee and contractor identities. These reviews confirm that identities and their role assignments are accurate, current, and appropriate for each individual's responsibilities.

The audit also verifies that all access for former personnel has been fully deprovisioned. Any discrepancies are remediated promptly.

VPN Enforcement of Identity Controls

Access to internal systems is gated through our multi-layer VPN infrastructure, which is integrated with our IAM system. VPN access is disabled immediately upon termination.