Is there any alternative using some third party to upload/store the files with JotForms?

  • Christian Fisette
    Asked on August 24, 2016 at 2:11 PM
     We would like to collect some sensitive files within our forms (like curriculum vitae for exemple). Is there alternatives, like using some third party to upload/store the files ?
  • Kiran Support Team Lead
    Replied on August 24, 2016 at 2:18 PM

    You may consider integrating Google Drive or DropBox to you JotForm so that the form submissions and the attachments will be uploaded directly to your cloud storage account. 

    Hope this information helps! If you have any other questions, please let us know. We will be happy to help. 

  • Christian Fisette
    Replied on August 24, 2016 at 2:38 PM

    That would be better, but are files uploaded ONLY to Google/Dropbox ? As files.jotform.com does not support authentication or encryption, uploaded files stored there are only secured through not knowing its url (i.e. not much at all).

    In some of our usecase, some sensitive information can be inside documents, and we can't have those files stored in files.jotform.com, even for a short period of time. That's sad, because the protection on form data (other than uploded files) is rock solid. 

    I understand that client-side encryption of files can be tricky, but can we have at least authentication on jotform file servers ?

  • Kiran Support Team Lead
    Replied on August 24, 2016 at 2:58 PM

    Please be noted that we use Amazon S3 services to store the files which is secured. You may refer to the FAQs of Amazon S3 services security for more information. The submissions received to the form can be accessed only when you are logged in to your JotForm account. Also, the Form IDs or submission ID are impossible to guess to see any submissions or files uploaded.

    The submissions or the files uploaded will be stored in the JotForm servers and then uploaded to Google Drive or Dropbox. If you do not want the submissions to be stored in JotForm servers, it is required to delete them manually. Unfortunately, there is no workaround for this at the moment. Since the issue with the encryption using the file uploads is forwarded to our backend team already, we hope it will be implemented soon. We cannot provide you any ETA in this regard, but you'll be posted on the other thread if there is any update.

    Thanks!

  • David JotForm Support Manager
    Replied on November 2, 2016 at 12:27 PM

    Update: you can now secure your uploaded files even more by making the links only accessible when you are logged into your JotForm account, please check this post for more information: https://www.jotform.com/blog/259-Keeping-Your-Uploads-Secure