Security is paramount at Cloudsmith, and we take pride in taking every precaution to secure the service. All communication and storage is encrypted in-transit and at-rest (with 256-bit or hardware-based encryption). Checksums and GPG signatures are provided to detect tampering. For increased trust you can also provide your own GPG key for signing.
Get detailed insight into all actions and events across your account, and get them in an auditable and exportable format. If you have strict requriements around regulation, compliance, and/or security, audit trails will ensure you have ultimate insight into how your account changes over time.
Drop Copy / Sync
Although Cloudsmith takes care of all your storage and distribution needs, sometimes it pays to have an offline or secondary Cloud backup of your entire package portfolio. With drop copy, we'll synchronise the raw content for all of your repositories to a target destination of your choice.