Layer 1: As a ShareFile user, the first layer of security is in regard to accessing your account. Each user of the system has a unique login and password. All user passwords are hashed in the ShareFile database, meaning that not even the ShareFile support personnel have the ability to view or in any way determine a user’s password. To access your sensitive documents, you are prompted to sign into your account with your email and password. This serves to protect your information from unauthorized users.

Layer 2: The second layer of security is default privacy settings. By default, your files are only accessible if you choose to share them with others. When ShareFile users create folders in the system, only the specified users that are designated by owner of the folder are able to access the contents of those folders. Users who do not have access to the folder will not even see the folder in their view of the system. So, you can rest assured knowing that your information is kept confidential.

Layer 3: ShareFile’s servers are located in facilities that are managed by Windstream Hosted Solutions and Amazon Web Services, trusted providers of secure and reliable data centers. Our data centers feature computer network security measures such as:

• Ballistic-proof exterior, including doors & windows
• Fingerprint scanners and ID checking for all entry and exit of the facility
• Double Man Traps force double verification and provides extra secure data center entry
• Redundant off-site monitoring of all security systems
• Locked Cabinets and Cages

.
Layer 4: Our privately managed server farm is equipped with the latest firewalls and computer internet security updates to help keep your data completely safe. Third-party SAS 70 Type II certification verifies that all data center facilities operate with strict security procedures. Servers are protected with a dedicated firewall, which constantly scans for and protects against malicious threats. The firewall protects ‘zero-day’ protection against any traffic that does not conform to standard Internet protocols, behaviors, or patterns.

Layer 5: All communications between ShareFile and the user are encrypted using the SSL (Secure Socket Layer). This is the same functionality used by banks and popular e-commerce services for secure communication. ShareFile also offers the ability to store your files encrypted when they are at rest on our servers, adding an additional layer of security. Additionally, all uploaded files are scanned by anti-virus software. Any files that are flagged as potential viruses are denoted with a red exclamation point icon within the application, and a warning is displayed before users attempt to download these files.

Layer 6: We also have several corporate policies in place that help protect the security of data in the system. All support functions are conducted by ShareFile employees, and access is restricted by IP address so that support functions can only be performed from within the secure ShareFile physical office facilities. Additionally, it is company policy that ShareFile support engineers only access client data when such support has been specifically requested by a user. All login and upload/download activity by support engineers here at ShareFile is logged in our activity log, which is completely viewable by administrators on each account.

Layer 7: Our latest layer of security features an advanced security set, focused on enterprise-level capabilities, including granular control over password strength requirements and number of failed logins before user is locked out, and forced reset of password after defined number of days to help comply with PCI and other security requirements and best practices.

If you’re interested in learning more about how your data is protected with ShareFile, download our security report.

When creating new employees or editing current employees, you will be given a list of administrative options that can be enabled or disabled for a particular user. This page can be seen below:

More information about these permissions and how to update administrative options for your employees can be found through our Knowledge Base here.

If there are any questions or issues, please contact your Account Manager or our Support staff.

However, lawmakers aren’t so certain about the new proposed legislation, arguing that it would give the government unprecedented access to private data. Critics say that the promotion of shared information about cyber-attacks with the U.S. Department of Homeland Security would violate laws limiting government access to private data. According to an article in Network World, the proposal will take away protection found in laws such as the Wiretap Act and the Electronic Communications Privacy Act, in favor of the proposed broad information sharing.

So what should businesses do to protect against cyber security threats?

The best method to use is a proactive approach to data security. ShareFile’s operational data centers have security measures in place to protect data. Third party SAS 70 Type II certification verifies that all data center facilities operate with strict security procedures. ShareFile’s servers are protected with a dedicated firewall, which constantly scans for and protects against malicious threats. Additionally, encryption technology, password protection, and even the ability to limit the IP addresses that may access a ShareFile account online, keep data secure and available only to authorized parties. By taking a proactive approach, instead of a reactive approach, to data security, businesses can ensure customer data protection.

Businesses usually try to work around this inconvenience by breaking up files into multiple, smaller files. Another common method of file transfer is putting the needed file on a thumb drive and taking it or sending to the intended recipient. Or those that are brave may even try setting up their own FTP server, which may or may not be secure.

Unfortunately these methods of file transfer do not offer the ability to know who the document has been seen by or if it has even been received by the right person. In addition, the delivery method could be very insecure or may even violate confidentiality regulations. File transfer solutions, like ShareFile, reduce the pressure of sending and receiving large files. With ShareFile, users can send files up to 10GB in size. Files are transmitted with 128-bit SSL encryption and a complete audit trail of all activity is provided. Users only see information where specific access is granted, which eliminates the wrong person seeing the data.

So, if you’re tired of seeing that email error or searching for that thumb drive in the pile of papers on your desk; give us a call to learn more about how our service works. We also offer a free trial for your business to explore for 30 days. Our team will be happy to guide you through any of your file transfer needs and also address and concerns you may have about sending large files.

Some concerns involve the possibility of actually limiting progress by writing any specific methods or requirements for protecting data and network systems into law. Any explicit stipulations may force businesses to keep dated measures in place after they have become obsolete, potentially driving resources away from the implementation of newer and more sophisticated security technology. In acknowledgement of these issues, the proposal introduced on May 12th does not recommend specific requirements but instead offers potential incentives to companies for meeting or exceeding standard expectations for security that the Department of Homeland Security will decide.

The reach of the Department of Homeland Security, and even the White House itself, is also a matter of discussion here. CNET reported the following regarding a comment from an unnamed Department of Homeland Security official: “If ‘industry does not come forward’ with an ‘appropriate’ standard, the draft legislation would give the government the power to ‘pick one, to create one, to modify one and choose that one. We believe that won’t be necessary.’” If this line of thinking is incorporated into law, this would leave open the possibility for the Department of Homeland Security to create and promote a standard that the Department determines to be appropriate for corporate information security.

Further, the New York Times reports that the Obama administration announced that under the proposed law, the Department of Homeland Security would be able to identify private organizations that are considered important to national stability and to have increased control over the computer system and networks of these companies, so that federal government could intervene in case of a security breach to prevent the spread of damage.

In this environment, a proactive approach to data security is best. The ShareFile service offers a hosted solution to protect information using the same encryption technology used by online banking and ecommerce companies. Further, SAS 70 type II servers, password protection, and even the ability to limit the IP addresses that may access a ShareFile account online keep account data secure and available only to authorized parties.

ShareFile has recently been able to offer consistent, secure file transfer and storage where other services have failed because of our focus on infrastructure and staying up to date with changes in data protection and migration. The recent interruption in Amazon Web Services which affected many companies did not affect ShareFile clients although our servers are hosted by Amazon, because our worldwide network of servers is designed to allow data to be migrated to the healthiest server on short notice. Further, data is backed up in real time to alternate server locations to allow ShareFile to restore client data as quickly as possible in case of server failure.

European researchers also recently released a report on how some file transfer services compromise information security by using unique ids for files stored on their service which can be predicted and exploited to gain access to files. The method used by the services cited in the report creates ids by making incremental changes from id to id, which makes it possible to determine the pattern used. The ShareFile service employs a random string of characters too long to guess to identify and store each file, and there is always the option to require login to access any files or links created, preventing access to the file by unauthorized users even if they had a file id. If an IP address attempts 20 wrong ‘guesses’ at a file id to try to access a file, the system will lock out any attempts by that IP address to access the account or any stored files for 10 minutes.

For more information on how our world-class large file transfer and storage service can help you keep your confidential files safe, please see our website at www.sharefile.com.

ShareFile makes tax season easy for accountants. With unlimited client users, an accountant can upload clients’ tax returns, and any other information to the portal. Clients can then use their personal log-in to retrieve the information. Files are transmitted with 128-bit SSL encryption and ShareFile maintains compliance with state and federal security regulations. ShareFile is equipped with granular folder-level permissions so that clients only see folders where specific access is granted.

Barbara Wohlegmuth, a CPA with Tax Trailer, says she survived this past tax season with ShareFile.

“I can’t tell you how much using ShareFile made the season go more smoothly. I needed a secure way for clients to transmit information to me, and vice versa, and ShareFile was the perfect solution. My clients uploaded their tax information to their ShareFile folders. I then downloaded the information, prepared their tax returns, and then uploaded completed returns to their folders for them to access. I set up the client folders to notify me when clients uploaded new information for me, and to notify them when I had uploaded their tax returns. This worked great and was a tremendous time-saver for me. Best of all, ShareFile is so easy to use–there’s really no learning curve–and we all loved it. I will definitely continue using ShareFile.”

With traditional storage methods, users worry about running out of space on flash drives and CDs or worry about keeping up with a physical device. However, with ShareFile you can upload files directly to your account, which provides an easy and secure online storage solution, customized for almost any small to medium sized business. All data is transmitted and stored with 128-bit SSL encryption, stored in a SAS 70 audited data center, and is audited regularly by a third-party. Users can store files on their account for a specified period of time and can access this information from virtually anywhere, even on-the-go through ShareFile’s mobile app for Android.

Our Desktop Sync power tool also allows users to easily synchronize files and folders by automating existing file sharing and storage workflows to accommodate the needs of today’s business users.

So, instead of being an April Fool, join over two million users and take advantage of the ShareFile service to take the insecurity and hassle out of data storage and file exchange today!

Try ShareFile for FREE today

We are proud to announce that we have opened up a new data center located in Tokyo, Japan. This brings the total number of data centers that service our customers to five. We now have two centers in the United States, one in the European Union and two in the Asian region. This new data center should significantly improve upload and download speeds for this region, and we are very excited about this server announcement and what it means to our Asian customers.

In addition to this new server, we have also updated our European data center for Virtual Data Room customers. ShareFile’s Virtual Data Room is our premier service and allows customers to setup client users with view-only access, in addition to standard download and upload permissions. This service also allows for custom watermarking, print permissions, full-text searching and advanced audit reporting and click trails. Thanks to this enhancement, ShareFile’s European VDR customers will not have to worry about their files being stored in the United States, and they should see both improved download and upload speeds and quicker speeds for document renderer to view-only capabilities.
With these new international enhancements, our goal to raise the bar for customer service is greatly improved and we are excited about this opportunity to make it easier for our international customers to utilize the ShareFile service. To learn more about these enhancements or to migrate your account to either our newest data center or to our new Virtual Data Room server, please do not hesitate to contact our Support team.

October serves as a national awareness month for a variety of issues in the US. You may already know that this is the month that many organizations make their biggest push to raise funds for breast cancer research and that communities renew their commitment to the arts, and it’s also National Cyber Security Awareness Month. This year, the National Cyber Security Alliance (NCSA) has kicked off October efforts to promote internet security by announcing their new public awareness campaign, STOP|THINK|CONNECT. The campaign strives to help end users remember that their actions on the web can affect their personal and financial security, as well as the security of others.

This message has been crafted and supported by a large and diverse group of government agencies and private companies that are dedicated to promoting a responsible and thoughtful approach to accessing the internet and sending information on the end user level. Efforts aim to increase general awareness of security issues on the web and also to educate users to protect themselves from breaches of privacy or corruption of their computer by malware. For example, participant companies like Microsoft have created pages on their websites with guidelines and resources to help consumers learn how to create stronger passwords and ensure that they have the appropriate protections in place.

While STOP|THINK|CONNECT is directed mainly towards promoting good habits in personal internet use, National Cyber Security Awareness Month is also a good time to remember that responsible internet practices are especially crucial for professionals. When handling private information for clients, it is extremely important that businesses focus on keeping up to date with the most comprehensive security solutions available.

This is one reason that professionals turn to ShareFile for help with transferring sensitive files through email or setting up secure portals to facilitate communication with clients. The ShareFile service provides encryption for transferred and stored files, password protection, audit features, flexible access controls within the account, and virus scan software. To learn more about our service, please visit our ShareFile Feature Overview page.