Basic information:
The security of our users and their data is our priority at wflow.
We implement robust, industry-standard security measures to minimize risk, including:
Scanning uploaded files for known threats.
Regular updates to our systems to address emerging vulnerabilities.
Use of up-to-date antivirus programs.
Meeting the requirements for ISO 27001 certification
However, no system is completely immune to potential threats, especially for files shared or uploaded from external sources.
Users must also actively contribute to their own security.
Dangerous files
Dangerous files are files that may contain malicious code, exploit vulnerabilities or pose risks to your device or personal data.
These risks vary depending on the operating system and software you are using.
For example:
Windows:
Executable files: .exe, .bat, .cmd, .msi, .scr
Scripts: .vbs, .ps1, .js
Office files with macros: .docm, .xlsm, .pptm
macOS
Applications: .app, .dmg, .pkg
Shell scripts: .sh
Office files with macros: .docm, .xlsm, .pptm
Linux
Binary files and Scripts: .sh, .run, .deb, .rpm, executable shell scripts
Compressed archives: .tar.gz, .zip, .7z (if they contain malicious content)
Cross-platform risks
Dynamic content files: .html, .htm, .mht (may contain malicious scripts or links)
Media files: some .pdf, .svg, .gif, .mp4 exploiting vulnerabilities in browsers or players.
Compressed archives: .zip, .rar, .7z
These types of files can be used by attackers to:
Execute malicious commands or scripts.
Delivery of malware or ransomware.
Exploit vulnerabilities in your operating system or software.
User responsibility:
While we take measures to ensure the security of files. Users are responsible for the following aspects of security.
Verify credibility: only download and upload files from trusted sources.
Scan files: use antivirus software to scan files before you open or upload them.
Use appropriate software: Work with files using secure, up-to-date applications.
Apply system updates: Keep your operating system and software up to date.
Sandboxing files: Open suspicious files in a virtual machine or sandbox environment.
While we strive to secure our platform, we cannot guarantee the security or integrity of every file shared through our services. We disclaim liability for any harm, loss of data or compromise resulting from handling of dangerous files.
Recommended practices for working with files.
To minimize risks, follow these practices:
Use up-to-date antivirus and security software for Windows, macOS and Linux.
Avoid opening files with known risk file suffixes unless their source is verified.
Back up important data regularly so you can restore it in the event of a security incident.
By using wflow, you agree to this policy and acknowledge your role in maintaining your own safety. We remain committed to doing everything we can to ensure your safety and protect your data.