Citrix ShareFile security and compliance
How ShareFile safeguards your data.
Data protection during file transfer
- File transfer – ShareFile employs SSL/TLS protocols to protect client authentication, authorization and
- High-grade encryption – ShareFile secures files in transit with no less than 128-bit encryption using industry-standard
- File integrity – ShareFile employs a keyed hashed message authentication code (HMAC) to authenticate and
ensure the integrity of intra-system communications. ShareFile verifies file size and file hash to
- Link generation – ShareFile download links are uniquely and randomly generated using strong hash-based
message authentication codes. ShareFile provides technical countermeasures to protect links
from guessing attacks.
Data protection during storage
- Datacenters – ShareFile uses SSAE 16 Type II accredited or ISO 27001 certified datacenters to host the SaaS
application and metadata. All files are stored in SSAE 16 Type II (SOC1), SOC2 and ISO 27001
accredited datacenters with high availability and durability ratings.
- Encryption – ShareFile stores client files at rest using AES 256-bit encryption, a Federal Information Processing
Standards (FIPS) encryption algorithm.
- Firewalls – Files are processed using systems protected by securely configured firewalls that effectively limit
and control access to network segments.
- Redundant storage – Files are stored in replicate with leading Infrastructure-as-a-Service (IaaS) providers that ensure
high file durability and availability.
- Backup – Files are backed up according to configurable file-retention and versioning settings.
- Password policy – Clients have the option of configuring password policies, including password history, expiration,
and complexity controls such as length, uppercase and lowercase letters, at least one number,
and at least one special character.
- SAML 2.0 enabled single sign-on – ShareFile supports SAML 2.0 for single sign-on and integrates with most SAML-compatible
identity management solutions.
- Custom SMTP (mail) settings – ShareFile enables clients to route email messages though their own mail servers. When
enabled, all emails sent through ShareFile will be routed through the client’s mail server,
instead of ShareFile mail servers. Clients may optionally configure the connection to support SSL.
- Fill out the form below and let us know how we may assist you: