Features Platform Sovereignty SFTP & API
Enterprise-Grade · Data Sovereign · Compliant

Your data.
Your region.
Your rules.

EidoVault delivers private cloud storage built for enterprises with strict data residency requirements — KSA, UAE, and beyond. SFTP gateway, AI document intelligence, real-time collaboration, and full audit visibility out of the box.

See it in action
AES-256 encryption at rest Regional data residency Full audit trail

Built for enterprise

Everything your security team will ask for

EidoVault ships with the controls, audit trails, and access policies that regulated industries demand — without a year of custom integration.

Envelope Encryption

Every file encrypted with a unique DEK wrapped by your Cloud KMS master key. Unreadable even to infrastructure operators.

SFTP Gateway

Drop-in SFTP access for legacy systems and automated pipelines. Standard port 22 — no client changes required.

Multi-Factor Auth

TOTP-based MFA enforced on every login. OIDC federation available for SSO with your existing identity provider.

Immutable Audit Log

Every upload, download, role change, and login written to a tamper-proof bucket. Exportable for compliance at any time.

Granular Role Control

Six distinct access levels — System Admin, Storage Admin, Uploader, Viewer, Auditor, Support Engineer — with no permission overlap.

File Versioning

Every file version retained and recoverable. SHA-256 hash per version. Accidental overwrites and ransomware handled without panic.

Antivirus Scanning

ClamAV scans every upload before it lands in storage. Infected files quarantined automatically and flagged in the audit log.

Controlled Sharing

Share internally, via password-protected links, or public URLs — with expiry dates, download limits, and per-share access logging.

Real-Time Collaboration

Multiple users edit spreadsheets simultaneously. Live presence indicators show who's in the document. WebSocket sync, no conflicts.

AI Document Intelligence

Ask questions, get summaries, auto-tag documents. Bring your own OpenAI, Claude, or Gemini key — queries run entirely inside your deployment, never outside your region.

REST API & Webhooks

186 endpoints across 21 resource types. Scoped API keys with read/write control. Webhooks for file events and audit log streaming.

White-Label Ready

Custom org name, logo, and brand colour across the entire interface. Deploy under your own domain with your own identity.

Platform Preview

See every control surface

Product screens from the file workspace, real-time editing, security administration, version recovery, and SFTP transfer flow.

vault.yourorg.com
EidoVault main file workspace
Real-time spreadsheet collaboration
Admin policy and security controls
File version history
secure transfer session
$ sftp -i ~/.ssh/eidovault_key [email protected]
Connected to private regional endpoint.
sftp> cd /landing/reports
sftp> put quarterly-risk-report.xlsx
Upload complete · encrypted · versioned · audit logged
sftp> ls -lh
quarterly-risk-report.xlsx 5.7MB ready
Standard SFTP and REST API access, routed through encrypted storage policy with every transfer logged.
SFTP Gateway
No client rewrite
Legacy jobs keep using standard SFTP while storage policy is enforced centrally.
REST API
Scoped access keys
Automate uploads, metadata, sharing, retention, and audit export through controlled endpoints.
Audit Trail
Every transfer captured
Actor, source, file hash, timestamp, and destination path are recorded per event.

Drive-style file workspace

Home, Shared, Recent, Starred, Trash — with a full folder tree and instant search. Grid or list view, drag-and-drop upload, and a storage quota indicator.

Drag & drop upload Grid / list view PDF & spreadsheet preview Storage quota

Real-time spreadsheet collaboration

Multiple users in the same sheet simultaneously. Live presence indicators, in-browser editing, and automatic version save — no checkout flow required.

WebSocket sync Live presence In-browser editing Auto version save

Admin policy and security controls

Toggle public sharing, set link-expiry defaults, restrict upload file types, and review live user metrics and storage usage — all from one dashboard.

IP allowlist Sharing policies Upload restrictions Usage dashboard

Complete file version history

Every file version retained with timestamp, actor identity, file size, and SHA-256 hash. One click to restore any previous version.

SHA-256 integrity One-click restore Actor traceability Retention policies

SFTP transfer workflow

Existing scripts and teams can push files over standard SFTP while EidoVault handles folder placement, encryption, versioning, and audit capture behind the scenes.

Port 22 workflow Legacy system ready Encrypted landing zone Audit logged

Data Sovereignty

Stays in your region. Always.

EidoVault deploys entirely within your chosen cloud region. No data ever crosses a border you haven't approved. Storage, keys, database, and compute — all pinned to the region you specify at provisioning time.

Built for enterprises in jurisdictions with strict data localisation laws, including KSA NDMO, UAE data protection regulations, and GDPR-constrained environments.

KSA Compliant UAE Ready GDPR Compatible CMEK Encrypted
Private
Dedicated infra — no shared tenants
0
Cross-border data transfers
100%
Events captured in audit log
256-bit
AES encryption at rest

SFTP Gateway & REST API

Legacy systems.
Modern security.

EidoVault exposes a standards-compliant SFTP endpoint and a full REST API — so existing workflows integrate without modification, while benefiting from encryption, versioning, and audit controls underneath.

  • Standard port 22 — no client changes needed
  • SSH key and password authentication
  • Per-user home directory isolation
  • All transfers logged to audit trail
  • Bandwidth and file-size limits per account
  • Source IP allowlisting per user
186
REST endpoints
21
Resource types

Full REST API with scoped keys

Bearer token auth with read/write scope control. IP allowlist enforced on API traffic. Webhooks for file events and audit streaming.

Bearer auth Read / Write scopes IP allowlisted Webhooks
# Connect via SFTP with SSH key
$ sftp -i ~/.ssh/key [email protected]
 
Connected to sftp.vault.yourorg.com.
sftp> put quarterly_report.pdf reports/
Uploading... 100% ✓ Encrypted · Versioned · Audited
 
# Or call the REST API
$ curl -H "Authorization: Bearer ssk_…" \
     https://vault.yourorg.com/api/v1/files
 
[{"id":"f_01j…","name":"report.pdf",
 "size":2461184,"version":3,"hash":"sha256:…"}]

Built-in Intelligence

Ask your documents anything

Every file in EidoVault is AI-searchable. Your admin connects your organisation's own OpenAI, Claude, or Gemini API key — queries run entirely inside your deployment, and no data ever leaves your region.

  • Ask any question about a document and get a precise, cited answer
  • One-click summaries for PDFs, spreadsheets, and long-form documents
  • Auto-tag suggestions based on content analysis — accept or dismiss
  • AI-powered full-vault search beyond filename matching
  • Bring your own API key — OpenAI, Claude, or Gemini, admin-configured
  • All AI calls run inside your infrastructure — zero data leaves your region
EidoVault AI
Q3_Financial_Report.pdf
2.4 MB · PDF · version 3
Summarise
AI Summary

This 47-page report covers Q3 FY2024 results across MENA operations. Revenue grew 18% YoY. Operating margin improved to 24.3%. Key risk: currency exposure in UAE projects through Q4.

Ask
Answer

Operating margin reached 24.3%, up from 21.1% in Q3 FY2023. The improvement was driven by reduced logistics costs and higher-margin government contracts in KSA. (p.14, §3.2)

Suggested tags financial Q3-2024 MENA confidential

Deployment

Up and running in days, not months

EidoVault deploys to your own cloud account via Terraform and Helm — you own the infrastructure from day one.

1

Region & account selection

Choose your cloud region and GCP project. All infrastructure will be provisioned exclusively within that boundary.

2

Terraform provisioning

We run the Terraform plan against your account — GKE cluster, Cloud SQL, KMS keyring, GCS buckets, Cloud Armor WAF — fully automated.

3

Branding & identity setup

Upload your logo, set your org name and brand colour, configure your OIDC provider or local admin credentials.

4

Onboard your team

Create users, assign roles, configure SFTP and API access, and set storage quotas. Invite users — they're storing in minutes.

Access Control

Right access. Right people.

Six purpose-built roles with no permission overlap. Assign the minimum access each person needs — nothing more.

System Admin
Storage Admin
Uploader
Viewer
Auditor
Support Engineer

Get started

Ready to own your storage?

EidoVault is deployed to your infrastructure, in your region, under your control. Get in touch and we'll scope out a deployment for your organisation.

[email protected]

Built by

AgentFaKtory

Enterprise AI and data engineering — agentic systems, cloud infrastructure, and intelligent workflows for regulated industries.

Visit agentfaktory.ai →