Most MindMup functionality runs directly in your browser. MindMup allows users to store data on Google Drive and MindMup Cloud storage, and publish maps online using MindMup Atlas. In such cases, as directed by the users, data is sent from the browser to the remote service.
- Working with MindMup Cloud storage
- Working with Google Drive
- Remote exports
- Publishing to MindMup Atlas
Working with MindMup Cloud storage
- Where is the content stored?
- MindMup uses Amazon Web Service S3 File system for MindMup storage, in the us-east-1 region (North Virginia, USA). The changes to map content will be sent from your browser directly to S3 using HTTPS (encrypted at transit).
How secure are the files stored to MindMup cloud?
- User data is encrypted at transfer
- Free maps (saved without a MindMup Gold account) are publicly available to anyone with the corresponding URL. Data saved by users without an account is stored unencrypted.
- Gold maps (saved by MindMup Gold users) are private, available to users authorised using the corresponding MindMup Gold account. The authorization is technically implemented using AWS S3 pre-signed URLs. If created/updated since 24 June 2020, it is stored encrypted (encryption at rest).
Working with Google Drive
- Where is the content stored?
- When you use Google Drive to store maps, all changes to map content are directly sent from your browser to Google Drive, using HTTPS (encrypted at transit). MindMup does not send the map data anywhere else or keep additional copies or backups.
- What privileges does MindMup request from Google Apps?
- MindMup requests privileges from Google Drive only to access the data while you are using the application, and does not have any access to your data outside your browser session. For detailed technical information on this, check out the Administrator’s guide
- How secure are the files stored to Google Drive?
- MindMup does not store files, Google Drive does, so normal Google Drive security applies. Users can choose who can see and edit the files using the normal Google Drive sharing mechanisms.
Remote exports
- When are remote exports used?
- Remote exports are used to convert maps to other formats (including PDF for printing, images etc). The files are never uploaded without your explicit permission. Every time MindMup needs to send the file to a conversion service, the users are warned and asked for permission, clearly including the link to this page. The file is then securely uploaded from the browser to our servers, processed, and the result is stored for a short period of time so you can download or share it.
- Where are the files processed?
- For server-side processing, the maps are uploaded using HTTPS to Amazon’s S3 file storage system. The converted files are also stored on the S3 file system. The data is processed in the Amazon Web Service compute cloud.
- How long are the files preserved?
- The map contents on the remote systems are discarded immediately after successful processing. The conversion results are kept on the server for up to 24 hours, so the user requesting the conversion can retrieve them. They are automatically discarded after 24 hours.
- How secure are the files?
- The source files are secured under the standard Amazon S3 access mechanisms, available only to the server-side process that converts the files. After the conversion is complete, the resulting file is stored under the same mechanism, and a unique security key valid for 24 hours is generated so that the user who initiated the conversion can download the results. Only the requesting user gets the security key, and it is transferred to the user over HTTPS.
All links and security keys are transported using HTTPS.
The files are stored secured by Amazon’s standard S3 security mechanisms. User data is encrypted at transfer, and (if created/updated since 24 June 2020) encrypted at rest.
Publishing to MindMup Atlas
- Where is the content stored?
- When you publish a map to MindMup Atlas, the map content will be sent from your browser to Amazon Web Services S3 file storage system using HTTPS. Atlas will store the content using Amazon Web Services S3 Storage system and provide no additional protection, backups or guarantees for the storage of the content.
- How secure are the files?
- We store the content unencrypted. Maps published to Atlas are publicly available to anyone with the corresponding URL.
- Can we block users from publishing?
- Administrators of Organisational MindMup Gold accounts can choose if their users are allowed to use Atlas or not. Blocking Atlas, for example, allows school administrators to ensure that students do not expose private data by mistake.