ShareFile Security Information
ShareFile stores your files in secure, SSAE 16 audited datacenters. Our privately managed server farm is equipped with the latest firewalls and Internet security updates to help keep your data completely safe, and physical security measures from fingerprint scanners to ballistic-proof exteriors protect against theft and natural disaster.
Encryption
Encryption is a method for transforming data during either transfer or storage so that it requires permission to access. The data is transformed using an algorithm that generates a decryption key that must be used in order to open the data. When transferring sensitive files, it is important to use encryption to ensure that any outside sources cannot read the data contained within the files. All file transfers through the ShareFile service are encrypted using 256-bit SSL (Secure Sockets Layer). This is the same security used by banks and many e-commerce sites such as Amazon.com. SSL works by establishing a private connection and each end of the connection is authenticated before transfer begins.
Data traveling between these endpoints can only be decrypted by the intended recipient by using unique decryption keys. Files uploaded to ShareFile servers are saved with 256-bit AES encryption. Each file saved in our system has a unique encryption key. When a file is uploaded, it is encrypted before being copied to its permanent storage location. Downloaded files are decrypted before their contents are sent to your browser. The file encryption keys are not stored on the same server with the files themselves, ensuring that someone with physical access to our storage servers has no access to the files contained on their hard drives.
Secure Uploads and Downloads
Files are uploaded and downloaded between the end user and the storage tier directly over an Secure Socket Layer (SSL) or Transport Layer Security (TLS) encrypted segment using high grade encryption. ShareFile supports TLS 1.2. These are the same encryption protocols and algorithms used by e-commerce services and online banking.
On Standard, Adavanced, Premium, and VDR plans, files are stored at rest using the Advanced Encryption Standard (AES) with a 256 bit key. All uploaded files not pre-Internet encrypted, encrypted by the end user prior to upload, are scanned for known malware including viruses, Trojans, and worms. Files that reflect a known malware signature are flagged with a Red X and end users are subsequently warned and prompted prior to downloading a suspicious file. Administrators can request Technical Support enable additional account preferences that would prevent end users from downloading a file that is suspicious; as well as, set preferences that prevent download a file until it’s been scanned. However, note that these stricter options may affect the overall usability of the ShareFile service.
Secure User Access
Each user on an account is given a unique username and password to login. Passwords are hashed so that not even ShareFile employees can access this information. If a user enters an incorrect password five times in a row, the system will lock that user account for five minutes before they can login again. ShareFile account users will only see folders where they have been granted permissions and are listed in the Folder Access list. Folders where they have not been granted permissions will be invisible to them in the folder view and on any reports that they can access. By default, client users do not have access to information about other users on the account. All activity in an account is logged and available to employee users who have access to the Reporting section. Reports can include activities (such as logins, downloads, deletions, etc.), storage contents and user access audits. The policy to save data older than 90 days for Corporate and Corporate Gold accounts was put in place fall 2009. Activity before this time may not be available.
ShareFile Authentication When logging into the ShareFile web application, you provide your email address and password at your account landing page. After a period of time your session will timeout and you will be prompted to login again. ShareFile Enterprise customers can opt to integrate with Active Directory and redirect this login process. Apps built using the ShareFile API (ShareFile Desktop Apps, ShareFile Mobile Apps, and third-party apps) are not allowed to capture or store the user’s credentials and typically only need limited access, so the ShareFile API leverages an industry standard protocol called oAuth 2.0.
According to the oAuth community site, oAuth is “an open protocol to allow secure authorization in a simple and stand method from web, mobile and desktop apps.” For more on oAuth see the community site and the IETF specification. ShareFile stores an oAuth token instead of your credentials and then uses that token to access the ShareFile API instead of your credentials. This allows a tool like ShareFile Sync to run in the background happily keeping all your files in sync without needing to prompt you for a password every time a change is made. This token has limited access to ShareFile only, so it is less of a security risk than storing your credentials. The way authenticating with oAuth tokens works is that ShareFile first prompts you for your email address and password using a secure web form that is similar to the one used when you login to the web application.
If using AD integration, we redirect you to configured IdP for the initial authentication. Once you have successfully authenticated, the secure web form provides the application with an oAuth token that is securely stored in the application. All subsequent access is done using this token you will not be asked for your credentials again until the token expires. The expiration for this token can be set by ShareFile administrators in Advanced Preferences. If you lose access to the device where the ShareFile application was installed, you can manually expire the oAuth token in the ShareFile web application under My Settings. Administrators can also expire an oAuth token on behalf of a user in that user’s profile page in Manage Users. Disabling a user will also expire all tokens for that user. Since these tokens act as a replacement for your password, they are not tied to the password expiration policy (either within ShareFile or to an AD password expiration). You will not need to reauthenticate with a tool when you change your password, but only when the oAuth token expires.
Servers and Storage
ShareFile accounts are stored on servers maintained by Amazon Web Services in multiple locations across the globe. An account’s data is generally stored at the server location that is geographically nearest to the administrator. All data centers containing ShareFile servers are SSAE 16 certified, proving that they meet high standards for security. Physical access is tightly controlled, and double verification is required to proceed to any areas housing data. Our servers are firewall protected and regularly updated to ensure that all of the latest security patches and updates are in place.
ShareFile has established operational procedures to maintain the availability of the system and user data, as appropriate and agreed to with users. ShareFile procedures take into account system capacity needs, physical and environmental threats to system resources, and recovery timelines needed to uphold service levels. Servers in the control plane are configured for high availability. Databases automatically fail over to an on-site secondary node, and data is further replicated at a geographically segregated disaster recovery site. Replication delays are monitored and addressed in order to meet recovery point objectives. For ShareFile-managed StorageZones, storage infrastructure is hosted with AWS and Microsoft Azure and availability is monitored real time by the network operations group. Customers managing their own StorageZones are responsible for availability, capacity planning and disaster recovery for uploaded data in these StorageZones.
ShareFile Company Policies
All ShareFile employees undergo full background checks and sign our handbook prior to beginning employment with the company. The handbook includes an agreement to maintain the privacy and security of account information. Account information and support functions are accessible only from the IP address of ShareFile’s physical office locations. Company policy prohibits employees from accessing accounts or client data except where they have been expressly granted permission by an account administrator for the purpose of support. Any logins or activity by ShareFile Support will be logged in the account activity reports and available for review by account administrators.
ShareFile Cloud Storage Servers In order to upload or download from a ShareFile account, you must access data housed in ShareFile cloud storage. If you are given an error while connecting to ShareFile, please contact your company’s technical support.
Network Connections used by ShareFile ShareFile separates application traffic from file uploads and downloads. ShareFile client applications require access to the ShareFile.com SaaS application as well as access to the storage location for their account. The SaaS application is hosted by ShareFile and accessed using a customer-specific URL such as company.sharefile.com or company.sharefile.eu. User account settings, business logic and file metadata are handled by the SaaS application—no files are stored within the SaaS application tier.
Data Storage services (known as StorageZones) may be managed by ShareFile or hosted and managed by customers. Files are stored securely within the data storage tier and accessible only by clients who have authenticated to the SaaS application tier. The ShareFile SaaS application authorizes file operations between authenticated users and the appropriate data storage service.
Users must authenticate in order to use ShareFile. Authentication can be performed by ShareFile SaaS application or deferred to a 3rd-party enterprise identity provider using SAML. In this article we assume that SAML is used for enterprise authentication. To support accounts that use ShareFile-managed storage zones, ShareFile manages a variety of storage servers that execute in Amazon or Azure public cloud infrastructure. The list of public cloud servers used for ShareFile-managed StorageZones is variable based on your account location, scalability requirements, and other factors, and is subject to change. After successfully authenticating with the SaaS application the client would upload and download files from one of the servers.
Title 21 CFR Part 11
Click here for information on CFR Part 11 compliance.
Reporting a product security vulnerability
If you believe you have discovered a potential security vulnerability related to ShareFile, please visit Cloud Software Group Trust Center
For inquiries about the privacy of your information or concerns regarding illegitimate email notifications or scam / phishing attempts, please contact ShareFile via email at privacy@sharefile.com. To reach our Global Customer Support department, you may submit requests directly by visiting our ShareFile Help Center.