Voir en


Computer Security: A "file drop" for confidential data


Do you often find yourself in situations where you would like to share documents with your colleagues, or need to ask people to provide you with documents? Given that many encryption solutions (in particular e-mail encryption) require a certain level of IT skills, such documents invariably end up being requested and sent via e-mail and are therefore unencrypted and hence visible to anyone, as the standard e-mail protocol does not come with any protection. Confidentiality rating: zero. This means only one thing: alternative communication channels are needed…

Rather than using e-mail, why not try CERN IT’s CERNbox service? It encrypts the transmission of documents during the sharing process, avoids the proliferation of copies by offering a single place to deposit a file, and allows revocation of access (useful for example in the case of erroneous attachments or recipients). Even better, for receiving documents it allows you to create a unique web address where anyone can deposit a file for you.

This means that it represents the perfect method to allow anyone to upload files intended to be shared with you in a secure and confidential manner. It is a “file drop” functionality where anyone can “drop” any kind of file into a dedicated folder, which is only accessible to you and to those whom you expressly grant access. Using a web browser, and a secured HTTPS connection, the communication is well encrypted using an established web standard. Via this method, files can easily be dropped from any Internet-connected device. All you need to do is to provide your external clients a unique web address (like https://cernbox.cern.ch/index.php/s/ LnBpPZvmsoFEEWi) where they can upload any file required. Once this is done, no one but you will be able to see it. Overwriting or deleting the information is also impossible.

So if you are working for a service which regularly requests documents from third parties or external collaborators, CERNBox is particularly useful as you can set up a unique web address which can be given to anyone. So, give it a go! Here is the recipe:

1.) Go to https://cernbox.cern.ch and log in;
2.) Create a new folder by left-clicking on the “+” symbol on the middle-top, select “Folder” and give it a name;
3.) Once created, Left-click the “<” (share icon) on the right-hand side of your folder: a menu will open up;
4.) Under “Sharing”, select “Public Links” and click on “Create public link”;
5.) Select “Upload only (File Drop)” and click on “Share” (you can also define a password and an expiration date, but please note that this is not recommended here);
6.) In the right-hand menu, you will then see an entry “File Drop” and below it a unique link/URL. This is the drop box folder you can now securely share with your peers for upload;
7.) Check the folder regularly to see newly uploaded files.

A detailed step-by-step guide can also be found here: https://cernbox-manual.web.cern.ch/cernbox-manual/en/sharing/share_a_folder.html#link-share-upload-only.


Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.