Your files don't pass through us in plaintext
Files are encrypted before they reach Nomia's servers. We operate with zero access to your content by design, not by policy.
Independently audited, not self-certified
Third-party auditors verify our controls every year. Audit reports and data processing agreements are available to customers on request.
SOC 2 Type II
Annual audit covering security, availability, and confidentiality controls, performed by an independent CPA firm. Current audit period: July 2024 - June 2025. The full report is available to any customer from your account settings page.
Request audit summaryGDPR
Data processing agreements are available for all EU customers. Choose between data residency in Virginia (US-East) or Frankfurt (EU-West). Your DPA can be signed directly in account settings with no sales call required.
Download DPAISO 27001
International standard for information security management systems. Certified by BSI Group. Surveillance audit completed March 2025. Renewal certification scheduled for November 2025.
View certificateEnd-to-end encryption, no asterisk
Every file is encrypted client-side using AES-256-GCM before it is transmitted. The encryption key is derived from your workspace credentials and is never sent to Nomia's servers. In transit, all connections use TLS 1.3. Connections that do not meet that requirement are rejected at the load balancer, not silently downgraded.
What happens when you upload a file
key = derive(workspace_creds, pbkdf2_sha256)
ciphertext = aes_256_gcm.seal(file_bytes, key)
# Step 2: transfer (TLS 1.3 only)
upload(ciphertext) # key never transmitted
# Step 3: at-rest storage (3 zones)
store(ciphertext) # Nomia cannot decrypt
# Step 4: download and decrypt
plaintext = aes_256_gcm.open(ciphertext, key)
# decryption happens on your device
Authenticated encryption. Keys rotate per workspace on a 90-day cycle.
TLS 1.0 and 1.1 are disabled. Older clients receive a connection error, not a downgrade.
Key derivation uses 600,000 iterations. The derived key never leaves your device.
Every file open, download, and share event is timestamped, attributed to a user session, and stored for 12 months.
Availability zone redundancy per stored file
Virginia (US-East) and Frankfurt (EU-West)
Uptime SLA, backed by a financial credit guarantee
Point-in-time recovery with 30-day retention window
Infrastructure built for durability
Every file write is confirmed in three independent availability zones before Nomia returns a success response to your client. A zone failure does not trigger downtime. You do not need to configure anything for this protection to apply.
Geographic data residency lets regulated customers keep file data within a specific jurisdiction. Metadata and control-plane services run in US-East; customers who select the EU region store all file content and encryption blobs in Frankfurt.
View live system statusControls that give administrators real authority
Security policy should not require a support ticket to enforce. Every control below is configurable by any workspace admin, without contacting Nomia.
TOTP authenticator apps and hardware security keys (FIDO2/WebAuthn). Enforce 2FA organization-wide from admin settings. Members who have not enrolled are blocked from access until they do.
Connect Okta, Azure AD, Google Workspace, or any SAML 2.0 identity provider. SSO is available on Professional and Enterprise plans. Just-in-time provisioning is supported.
Configurable session duration (1 hour to 30 days). Automatic timeout after inactivity. Force re-authentication before bulk download or permission changes. Admins can revoke individual sessions immediately.
Tamper-evident log of every file access, download, share link creation, permission change, and login event. Retained for 12 months. Exportable as JSON or CSV. Forwarding to a SIEM is available on Enterprise.
Restrict dashboard and API access to approved IP ranges. Supports IPv4 and IPv6 in CIDR notation. Attempts from outside the allowlist are rejected with a 403, not redirected to login.
Four roles per workspace: Viewer (read-only), Editor (upload and edit), Admin (manage members and settings), and Owner (billing and deletion). Roles are per-workspace, so the same person can have different permissions in different spaces.
What we protect against, and where responsibility lies
Zero-knowledge design eliminates an entire category of risk. But no vendor eliminates every risk. Buyers who are evaluating a storage vendor for sensitive data deserve a clear picture of both.
Protected by Nomia's design
- Unauthorized access to file contents from a server-side breach of Nomia's infrastructure
- Interception of file data in transit between your device and our servers
- Insider access to file contents by Nomia employees or contractors
- Data loss from a hardware failure or availability zone outage (3x zone redundancy applies to all stored files)
- Session hijacking via expired or revoked credentials, enforced at the platform level
Outside Nomia's scope
- Client-side malware or keyloggers on the user's own device, which can capture plaintext before encryption occurs
- Account takeover via credential sharing, phishing, or password reuse on unrelated services (mitigated but not eliminated by 2FA enforcement)
- Compelled disclosure under lawful legal process targeting your jurisdiction (Nomia complies with valid legal orders; zero-knowledge means we cannot produce plaintext file contents)
- Deliberate deletion or destruction of files by an authorized user or admin with sufficient workspace permissions
- Content-level compliance screening or DLP scanning (Nomia does not inspect file contents; customers requiring content scanning must apply it before upload)
Questions about our threat model or penetration test results? Contact our security team.