At Files.com, the security of the data you entrust us with is our top priority.
We believe that the need for information security is greater now than ever before. That’s why we always automatically encrypt every file stored with Files.com.
We also understand that many organizations have even greater security requirements, which is why we offer the additional option of automatic encryption using customer-managed encryption keys, putting you in complete control of your data privacy.
Strong encryption comes standard
As a secure home for your most valuable content, Files.com keeps your files safe by applying strong encryption both while files are in transit, and at rest.
By default, every file uploaded to Files.com - whether sent using the web interface, the Files.com app, or any of our supported protocols - is encrypted in transit using high-strength Transport Layer Security (TLS) or SSH encryption.
Once uploaded, every file is encrypted at rest by Files.com using 256-bit Advanced Encryption Standard (AES) encryption. This is an extremely high level of encryption, and is considered the industry standard for data protection in the cloud.
Take control with customer-managed encryption keys
We know that every organization has unique security requirements when it comes to moving their data to the cloud. If you have regulatory needs or compliance requirements that demand the highest level of encryption security, Files.com has you covered with automatic PGP/GPG encryption using encryption keys that you control.
This powerful feature provides seamless encryption of your data using your own PGP public key, rendering your files unreadable by anyone - even Files.com - without the corresponding private key, so you’re always in full control of your data privacy.
Use of the latest and greatest SSL technologies
Any security expert will tell you that information security is a moving target. An encryption technology that used to be best-in-class might get broken. Flaws are discovered. Technology evolves.
Unlike competitors who take a more lax approach when it comes to the use of modern and secure protocols and ciphers, we keep our customers secure against evolving threats by enforcing the use of modern and secure encryption technology for all connections to Files.com.
Additionally, we are early adopters of cutting edge technologies that make SSL encryption even more secure, such as HSTS, the HSTS preload list, Certificate Transparency, Perfect Forward Secrecy, and more.
As a result, we are one of very few sites that earns an “A+” grade on the Qualys Labs SSL Grader, an automated audit of our implementation of SSL encryption for HTTPS.
However, we also recognize that some organizations have diverse userbases, and no control over the client software used for sending and receiving data. To help such organizations strike a balance between securing their data and maintaining compatibility for their users, we offer the option to opt-out of the strict enforcement of modern encryption ciphers and protocols.
Customers may choose to use this opt-out setting even temporarily, while the Files.com support team assists their users with selecting or upgrading to modern and secure client software.