Files are uploaded and downloaded between the end user and the storage tier directly over a Secure Socket Layer (SSL) or Transport Layer Security (TLS) encrypted segment using high grade encryption with no less than 128 bit key strength. ShareFile supports SSL 3.0 and TLS 1.0. These are the same encryption protocols and algorithms used by e-commerce services and online banking.
When a file is uploaded, it is encrypted before being copied to its permanent storage location. Downloaded files are decrypted before their contents are sent to your browser.
File encryption keys are not stored on the same server with the files themselves, ensuring that someone with physical access to Sharefile storage servers has no access to the files contained on their hard drives.
All uploaded files not pre-Internet encrypted, encrypted by the end user prior to upload, are scanned for known malware including viruses, Trojans, and worms. ShareFile accounts are stored on servers maintained by Amazon Web Services in multiple locations in the US, Europe, and Asia. An account’s data is generally stored at the server location that is geographically nearest to the administrator.
All data centers containing ShareFile servers are SSAE 16 / SOC 2 certified, proving that they meet high standards for security. Physical access is tightly controlled, and double verification is required to proceed to any areas housing data. All servers are firewall protected and regularly updated to ensure that all of the latest security patches and updates are in place.
In case of disaster, ShareFile has multiple backup strategies in place to protect against loss of data. Files are frequently backed up to a disaster recovery data center, and mirrored in real time to a secondary server location to ensure that service can be quickly resumed in the case of a disruption at the primary server location.
ShareFile is certified under the U.S. Department of Commerce’s Safe Harbor program: http://export.gov/safeharbor