File Access Sits Behind the Policy You Already Run
People sign in to Files.com through Duo. Duo's MFA and device-trust checks happen before anyone reaches a file. The access policy your security team already runs can now cover the file platform too.
Put Cisco Duo MFA in Front of Files.com
Connect Files.com to Cisco Duo with SAML. Now Duo's MFA and device-trust checks run before anyone opens a file. The access policy your security team already uses can now cover file transfer too. And Files.com adds its own 2FA on SFTP, FTP, and WebDAV.
Why Teams Put Duo in Front of File Transfer
Many security-conscious companies use Cisco Duo for strong sign-in and device-trust rules. File transfer should sit behind that same policy. Files.com connects to Duo with SAML, so signing in to your files runs through Duo too.
A Second Factor Is the Default
Duo's MFA runs in front of every sign-in. Some accounts aren't managed by Duo. For those, Files.com adds its own 2FA, including hardware keys and authenticator apps. It works on FTP, SFTP, and WebDAV too.
Strong Logins Reach SFTP, Not Just the Browser
Strong sign-in doesn’t stop at the website. Files.com can require its own 2FA on the file-transfer protocols too. A partner connecting over SFTP gets the same check as someone signing in on the web, so the protocol nobody usually guards is locked down like everything else.
Connects Over SAML
Files.com connects to Duo through Duo's Generic SAML Service Provider. That's the standard sign-in method. Turn on SCIM and it syncs your users automatically too.
Duo Handles Sign-In, Files.com Handles Access
Duo handles strong sign-in: who the person is, and whether their device is trusted. It doesn't decide which folders that person can open once inside. Files.com adds that part. You get folder-by-folder access and a full record of every sign-in and sync.
Nine Levels of Folder Access
Set access per person or group, folder by folder. You get nine levels, the option to block a folder, and fenced-off admins. Your Duo groups feed straight into it, so nobody sets file permissions by hand and access matches the groups you already manage.
Every Event in the Audit Log
Every sign-in, sync, and permission change is captured in the Files.com audit log. The SCIM sync gets its own detailed log. It’s the record a compliance review asks for.
Hardware Keys and Authenticator Apps First
Files.com uses hardware keys and authenticator apps as the main 2FA methods. SMS and email are backups only. It's the same approach your Duo security team already takes.
SSO That Plenty of Companies Already Trust
Files.com runs one of the most widely used SSO setups in managed file transfer. A large base of enterprise customers relies on it to keep file access tied to their sign-in policy.
The Details That Matter for Cisco Duo
Duo Handles the Whole Account Lifecycle
With SCIM 2.0, Duo creates, updates, and turns off Files.com users and groups on its own. Make a change in Duo and it shows up in file access. Nobody has to touch Files.com.
Hardware-Key 2FA Reaches SFTP Too
For accounts Duo doesn't manage, Files.com 2FA covers Yubikey (WebAuthn and Native OTP), other hardware keys, authenticator apps, SMS, and email. Yubikey Native OTP and authenticator-app codes work over SFTP, FTP, and WebDAV. That's strong sign-in on the file-transfer protocols, not just the browser.
Connect Cisco Duo the Way That Fits Your Workload
SSO With SAML
This is the main connection. Add Files.com as an app in Duo through its Generic SAML Service Provider, then point Files.com back at Duo. Now your team signs in through Duo, and Duo's MFA runs as part of that login. Your people get one less password to manage, and you get one place to enforce the policy.
Automatic Provisioning With SCIM
Turn on SCIM to have Duo create, update, and remove Files.com users and groups by itself. This is what shuts off access automatically when someone leaves.
Accounts on First Login (JIT)
Nothing extra to set up. This is what runs when SCIM is off. An account is made the first time a person signs in. It's good for getting started fast. It can't remove people, so add SCIM when you need that.
How Teams Use Cisco Duo on Files.com
Signing In With an MFA Check
A person clicks Sign in with Duo, passes Duo's MFA check, and lands in Files.com. Strong sign-in is confirmed before they reach any file.
A New Hire Is Set Up Automatically
Assign someone to Files.com in Duo. SCIM creates their account, puts them in the right groups, and applies their folder permissions. All on its own.
A Departing Person Is Cut Off
Turn someone off in Duo and the next sync shuts off their Files.com account across the web, SFTP, and the Desktop App at once.
A Hardware Key on a Partner's SFTP
A partner account that Duo doesn't manage can be required to use a Yubikey for 2FA. The Yubikey works on their SFTP connection too.
Files.com Features Teams Use With Cisco Duo
User Management & Permissions
The folder-by-folder access, with nine levels, that your Duo groups feed into.
Learn MoreAudit Log & Forensic Trail
Where every Duo sign-in, sync, and permission change is recorded, ready to export for a compliance review.
Learn MoreSFTP & Protocol Access
How 2FA and folder permissions reach FTP, SFTP, and WebDAV, not just the browser a person signs into.
Learn MoreData Retention & Governance
Rules that decide how long files stick around once someone has put them in Files.com.
Learn MoreFrequently Asked: Cisco Duo on Files.com
Common questions about how Files.com connects to Cisco Duo and what the integration does.
Put File Transfer Behind Your Duo Policy
Start a free 7-day trial. Connect Duo with SAML, sign in with an MFA challenge, and see your file transfer sit behind the same access policy as everything else. No credit card required.
No credit card required • 7-day free trial • Setup in minutes