en_US / Resources / Articles

Sharing Files Online the Secure Way

As convenient and efficient as the Internet is for sharing files, it can be equally unsafe, untrusting and downright scary. It’s easy to give in to the temptations presented — speed, ease of use, free — and let the most important aspect take a back seat. With so much sensitive data being transferred on the web, what we really need is secure online file sharing.

A file-sharing slipup can cost a company a client or a job. The entire business could fold. Even worse, you could end up with penalties such as fines and even jail time.

According to a study of IT professionals and end users in 100 countries around the world, the most common reasons for sensitive data leaks include:

  • Unauthorized use of applications
  • Misuse of corporate computers
  • Unauthorized access of networks or facilities
  • Files transferred between company and personal devices
  • Shared passwords
  • Insecure backup locations

Funny how we lock up our office doors at night and require employees to carry identification badges but skimp on security when sharing sensitive data to people we’ve never actually met. As the business world continues to push toward a global enterprise, it’s imperative that we all upload and download information in a safe and secure way.

Citrix ShareFile is the preferred choice for thousands of companies around the globe for secure online file sharing. We serve the accounting, legal, financial, engineering, architecture, construction, healthcare, insurance, real estate and manufacturing industries that include Fortune 500 companies. And we’d love to serve you, too.

Secure online file sharing is a sum of many parts. Let's review the different ways we ensure the safety of our client’s files, by providing best-in-class alternatives to Secure FTP.

Encryption: Writing the code for safe file transfers

Among the many ways files can be kept safe when sharing online is through encryption. Encryption is like code, or a scrambling of the data that makes the file unreadable to unapproved recipients.

How encryption works

When you create a document, it is made up of plaintext — in other words, the data as it appears on the screen as you see it. When the document is sent to storage or securely transferred across the web to another user, that plaintext data is converted to ciphertext, or a series of seemingly random characters that make the document unreadable. Encryption is the process of converting plaintext to ciphertext.

Users that have been granted permission to access the file have a special key that decodes, or decrypts, the scrambled data. When the file is downloaded by an approved user, the ciphertext is converted back to plaintext and made readable again.

Types of encryption

The file encryption method used by ShareFile is symmetric key encryption. In symmetric key encryption, each computer (the sender as well as the receiver of the file) has the key required to decipher the text.

In a very basic example of symmetric key encryption, the letter "A" would be replaced by the letter "B," the letter "B" would be replaced by the letter "C" and so on. Each computer (sender and receiver) knows that the key to the encryption is “shift by one” or shift each letter of the alphabet by one character.

So the plaintext word “ShareFile” might appear in ciphertext as “TibsfGjmf.” If this document was intercepted by a third party, the individual would not have the key to the encryption (“shift by one”) and therefore not be able to convert “TibsfGjmf” to “ShareFile.”

Levels of encryption

The previous example is a very basic and low level of encryption. But encryption comes in many different levels, measured in bits. The higher the bits, the more difficult it is to decrypt.

Most encryption systems use 128 bits. At ShareFile, we use 256 bits of Advanced Encryption Standard (AES). This is the same type and level of encryption used by the U.S. government for files of top secret classification.

Datacenters and backup datacenters

When files are uploaded to the Internet, where exactly are they kept? The Internet or "the cloud" sounds like an intangible space with no real location. But the truth is that files stored online actually live on servers in brick-and-mortar buildings in many locations around the globe. These places are called datacenters.

If your file didn’t have anywhere to live, you would lose it the very second you sent it to another user. And if that place where the file lives was compromised, there's a chance that neither of you would see that file again.

Natural disasters such as storms or fires can destroy a datacenter’s servers and wipe out files for good. Or thieves who successfully intercept sensitive data — namely personal or financial information — could become the sole owners of those files.

That’s why most files that are stored and shared online are backed up to other datacenters. In the event that a file’s primary location is compromised, the data still exists on a secondary server in another datacenter.

Levels of datacenter security

The standards for auditing and reporting protocols update as technology — and newfound risks — evolve. Currently, SSAE 16 is the standard datacenters observe, and we at ShareFile take that seriously with our cloud backup services for business.

The actual definition of SSAE 16 is: “A standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) that addresses engagements taken by a service auditor for reporting on controls at organizations that provide services to user entities, for which a service organization’s controls are likely to be relevant to a user entities internal control over financial reporting.”

Passwords and password settings

Password protection is standard protocol for just about any online file-sharing provider. But as iFusion Labs CEO John Pozadzides points out, hacking passwords is easier than you might think.

That’s precisely why we escalate our efforts to keep your passwords safe and secure. With ShareFile, you have total control over:

  • Expiration dates
  • Password history
  • Complexity specs such as length, uppercase/lowercase and use of numbers and special characters

Clients may also set up a multi-factor authentication wall, requiring users to submit a password along with a secondary identifier such as an SMS text message in order to access a file. There’s also an account lockout feature that will lock an account after five invalid login attempts.

Remote wiping

Files that are shared online often end up being downloaded and saved to a device. This presents a security risk for laptops, tablets and smartphones that are lost or stolen.

What if the file was open at the time the device changed hands? Or what if your files are not password protected and thus easy for anyone to open?

One way to combat this risk is through a feature called remote wipe. This entails wiping files clean from a device that has been stolen or misplaced. Or the files can stay put, but your password can be changed.

Remote wipe is similar to canceling a credit card after you realize your wallet is missing. Perform remote wiping by using another device or by calling our 24/7 technical support team.

Attachments out, links in

Files shared online are most often sent as an attachment to an email. This leaves documents as vulnerable as the email itself.

When sharing online files with ShareFile Encrypted Email, there’s no email attachments that can be intercepted. Instead, the body of the email message contains a link to the file. Upon clicking the link, the user will have to provide a password, and any requested secondary identifier before the file can be accessed. Plus, by using links, ShareFile enables you to send large files and avoid cumbersome attachment restrictions.

Folder permissions

When a file is shared online, who knows where else it might end up? A document intended for one person might then be passed on to another.

With ShareFile, administrators of a file can customize folder permissions so that only select users can gain access to a specific file.

File self-destruct

They say that everything shared online is there to stay. Not with ShareFile they aren’t.

A file self-destruct feature allows an administrator to select the number of days that a file can remain stored on a device before being automatically removed following a lapse in login or file access.

Activity tracking and alerts

Security concerns are not limited only to unauthorized users. Sometimes, documents are compromised by internal, intended personnel. How many co-workers, colleagues and clients are granted access to one of your files? Can they all be trusted?

An activity tracking feature records details of all changes to a file. Every edit, modification or update that is made to a document is traced back to the user that acted on it and the time that the change occurred.

It doesn’t stop there. When changes are made to a file, the administrator receives an email alert notifying them that a change has been made. Oftentimes, an inaccurate file change is in no way malicious but rather an honest clerical mistake.

Either way, activity tracking and alerts raise the level of accountability for both your team and your client. It’s just one more security feature ShareFile users enjoy.

File versioning

Being alerted that a change has been made to a document is great. And being able to see the details of those changes is even better. But although it holds the person accountable, it doesn’t fix the problem.

That’s where file versioning comes into play. File versioning allows users to view and revert to a previous version of a file. So if you see that an incorrect change has been made, there’s no need to backtrack and fix the mistake. Simply revert to the version of the file prior to when the change was made.

Many online file sharing providers allow users to only access the previous five to ten versions of a file. At ShareFile, we allow for all versions of a file that have existed within the last 30 days to be accessed. In addition, our file access logs date back a full year.

HIPAA compliance

Healthcare professionals will especially benefit by using ShareFile as our security measures set the tone for HIPAA-compliant file-sharing practices. We’ll even provide and sign a HIPAA Business Associate Agreement upon request. HIPAA compliance is up to the user, but we make it easier.

Mobile security: taking safety with you

Today’s business professionals work from everywhere, and it’s important your file sharing security is with you at all times. We make sure our clients stay safe no matter where they are by deploying such mobile security features as:

  • File self-destruct
  • External application interaction (the ability to choose whether files can be opened outside the ShareFile application)
  • Offline access (the ability to access downloaded files when offline)
  • Permissions management
  • PIN or password lock
  • Restrictions of modified devices
  • Remote wipe

24/7 support

One of our best security measures is a round-the-clock customer support team that is ready to help in a time of need. Should you ever suspect that a file has been tampered with, just pick up the phone and call one our representatives at any hour, on any day.

Experience what real security feels like by sharing your files online with ShareFile for the next 30 days. Our trial period is free and requires no credit card or further obligation. Check it out, and change the way you do business by changing the way you share files online.

Ready to try ShareFile? It's free for 30 days. No credit card required.

Related Information