I have read some questions and answers about uploading images specifically:
Have I done enough not be compromised through image uploading
Risks of a PHP image upload form
Uploading images safe of XSS, php code and virus
Antivirus for scanning anonymous file uploads
Use PHP to check uploaded image file for malware?
So I understand the issue has been talked about many times.
My situation is a bit different. I need to create a service like Google Drive or DropBox only that in this case it allows people to safely store sensitive data. The issue is that we are allowing anyone to subscribe and upload any kind of file much like in other web storage services. The only difference is that we need to protect the data from other users and protect ourselves from the data as well as possible.
I am looking for the most secure best practices for allowing file uploads and storage. Is there some reliable resource that provides information about handling an online file services?
