Citrix ShareFile security and compliance

How ShareFile safeguards your data.


Data protection during file transfer

  • File transfer – ShareFile employs SSL/TLS protocols to protect client authentication, authorization and
    file transfers.
  • High-grade encryption – ShareFile secures files in transit with no less than 128-bit encryption using industry-standard
    encryption protocols.
  • File integrity – ShareFile employs a keyed hashed message authentication code (HMAC) to authenticate and
    ensure the integrity of intra-system communications. ShareFile verifies file size and file hash to
    ensure integrity.
  • Link generation  – ShareFile download links are uniquely and randomly generated using strong hash-based
    message authentication codes. ShareFile provides technical countermeasures to protect links
    from guessing attacks.

Data protection during storage

  • Datacenters – ShareFile uses SSAE 16 Type II accredited or ISO 27001 certified datacenters to host the SaaS
    application and metadata. All files are stored in SSAE 16 Type II (SOC1), SOC2 and ISO 27001
    accredited datacenters with high availability and durability ratings.
  •  Encryption – ShareFile stores client files at rest using AES 256-bit encryption, a Federal Information Processing
    Standards (FIPS) encryption algorithm.
  • Firewalls – Files are processed using systems protected by securely configured firewalls that effectively limit
    and control access to network segments.
  • Redundant storage – Files are stored in replicate with leading Infrastructure-as-a-Service (IaaS) providers that ensure
    high file durability and availability.
  • Backup – Files are backed up according to configurable file-retention and versioning settings.

    Configurable settings

  • Password policy – Clients have the option of configuring password policies, including password history, expiration,
    and complexity controls such as length, uppercase and lowercase letters, at least one number,
    and at least one special character.
  • SAML 2.0 enabled single sign-on – ShareFile supports SAML 2.0 for single sign-on and integrates with most SAML-compatible
    identity management solutions.
  • Custom SMTP (mail) settings – ShareFile enables clients to route email messages though their own mail servers. When
    enabled, all emails sent through ShareFile will be routed through the client’s mail server,
    instead of ShareFile mail servers. Clients may optionally configure the connection to support SSL.
  • Fill out the form below and let us know how we may assist you: