Security

Security that goes beyond storage, built for sharing

DocKosha is designed for teams sharing sensitive documents. We combine encryption with policy controls like watermarking, gated links, and privacy-first analytics.

Security controls at a glance

This page is a high-level overview for customers and security reviewers. If you need specifics for a questionnaire, contact us.

Baseline

Encryption in transit & at rest

Transport security via TLS and AES-256 at-rest encryption for data stored on our managed infrastructure (Supabase-managed).

Access

Authentication

Passwordless magic links and Google OAuth via Supabase Auth. Session handling is server-assisted for safer public link flows.

RBAC

Role-based access control

Workspace roles (owner/editor/viewer) and workspace-scoped access patterns help prevent accidental over-sharing.

Database

Row Level Security (RLS)

Database policies enforce workspace scoping and role-aware permissions, so users only see what they’re allowed to access.

Links

Secure sharing controls

Granular link controls like access gating (allowlist/blocklist + user groups), expirations, presets, and download restrictions help you ship a least-privilege sharing policy.

Audit

Internal audit logs

Internal audit logs help workspace owners understand member activity inside documents and data rooms.

Deterrence

Dynamic watermarking

Watermarks add accountability during viewing and downloads, reducing the risk of casual leaks or forwarding.

Privacy

Privacy-first analytics

Engagement signals help teams understand what was viewed without defaulting to unnecessary personal data collection.

Ops

Operational monitoring

Production monitoring via Sentry helps detect errors and performance regressions quickly without exposing secrets to the client.

How DocKosha approaches security

We treat secure document sharing as a product capability, not a marketing checkbox. Encryption is important, but preventing leaks often requires enforcing policy at the link, room, and document level.

Policy controls for sharing

DocKosha focuses on controls that stay effective after you click “share”:

  • Link-level permissions (view/download controls)
  • Gating (e.g., verification, allowlists/blocklists, NDA)
  • Expiration and revocable access patterns
  • Watermarking for accountability and deterrence

Privacy-first analytics

Viewer analytics are designed to surface engagement signals while minimizing sensitive data collection.

  • We avoid storing raw IP addresses
  • Identity is collected only when link settings require it
  • Events focus on viewing, downloads, and time spent

Reporting a vulnerability

If you believe you’ve found a security issue, email us with steps to reproduce and any relevant logs or screenshots.

Email support

Please avoid sharing sensitive customer data in the initial report.