This printed/PDF document is a snapshot of the following URL, and is subject to change at any time. For the current version, please visit: https://www.files.com/legal/redundancy.html
Last Updated: March 31, 2020
Physical Servers and Datacenters
All of our server instances, file storage, and database hosting are provided by Amazon Web Services, a subsidiary of Amazon.com.
Amazon Web Services has achieved ISO 27001 certification and has successfully completed multiple SAS70 Type II audits.
Amazon has many years of experience in designing, constructing, and operating large-scale datacenters. This experience has been applied to the Amazon platform and infrastructure.
We store all files uploaded by customers in the Amazon S3 Simple Storage Service. Amazon S3 provides a highly durable storage infrastructure designed for mission-critical and primary data storage.
Objects are redundantly stored on multiple devices across multiple facilities in an Amazon S3 Region. Once stored, Amazon S3 maintains the durability of your objects by quickly detecting and repairing any lost redundancy.
Amazon S3 also regularly verifies the integrity of data stored using checksums. If corruption is detected, it is repaired using redundant data.
We save backups of files that are deleted and retain such backups for a period of time that is customizable by you. Our support staff is able to restore deleted files directly back to your account.
All files are stored by default in the US Standard Region of Amazon S3, which means that they are exclusively stored within the United States. Customers may request to have files stored in other S3 regions by contacting us.
Files are encrypted-at-rest within Amazon S3, with all encryption keys stored in a key-management escrow service operated by Amazon S3. (** Applies to all files uploaded after October 5, 2011.)
Front-End Server Redundancy
Our front-end HTTP and FTP servers are server instances powered by the Amazon EC2 Elastic Compute Cloud. Within Amazon EC2, we maintain at least two separate client-facing HTTP/FTP front-end server instances, each in a separate EC2 Availability Zone.
Availability Zones are distinct locations that are engineered to be insulated from failures in other Availability Zones. By launching instances in separate Availability Zones, applications are prevented from failure of a single location.
These server instances are all monitored every minute on ports 80, 443, 21, 22, and 990 to ensure uptime. Whenever any instance goes down, our server administrators are immediately paged.
We ship pertinent information from system and event logs to separate servers that store our system logs and alert us to any unusual activity.
While we ordinarily operate from the Amazon EC2 US-East Region (Northern Virginia), we have procedures in place that would allow us to migrate our entire service to the Amazon EC2 US-West Region (Northern California) in the event of a major disruption to US-East.
We use Amazon Relational Database Service, a managed database hosting service to host our databases. Amazon RDS ensures that our databases are always patched with the latest updates.
We use the "Multi-AZ" capability of Amazon RDS to ensure that a hot-backup standby database server is always running and available in a separate Availability Zone.
We have Point-in-time Restore capabilities on our database servers for any time in the last 7 days. This means that we can restore our database to its state at any given time in the past 7 days (such as immediately before a service disruption).
Additionally, we take full database snapshots and store them in Amazon S3 every 24 hours. These snapshots are retained for at least 7 days.
Our servers are configured to page and E-Mail our system administrators any time any unexpected event (called an "Exception") occurs in our web application software.
Our engineers respond as quickly as possible to any error states.
We retain these exception reports for at least thirty days.
Service Level Agreement
We recognize that downtime can be costly and reflect poorly on your business. As such, we offer an SLA to customers on the Teams Premier Plan. We will provide compensation in the form of a refund to your credit card (if you have one on file) or a service credit toward future payments (if you do not have a credit card on file) if certain uptime goals are not met and you are a qualifying plan and request a refund.
We define uptime as the percentage of time during a Usage Period HTTP, HTTPS, FTP, FTPS, and SFTP services are available on ports 80, 443, 21, 990, and 22 on at least one server in the IP Pool for your site. The IP Pool for your site is defined as the full set of IPs returned by DNS when resolving your Files.com subdomain or associated custom domain, if any. Please note that you may need to make multiple DNS queries to retrieve the full set of IPs in the IP Pool.
The uptimes of these 5 services as computed by Wormly (or another monitoring system we may choose to engage) will be averaged together to compute an overall uptime.
If uptime during a Usage Period is below 99.9%, you are entitled to refund or service credit equal to 50% of your last Usage Period payment (not including any Usage fees).
If uptime during a Usage Period is below 99.5%, you are entitled to refund or service credit equal to 100% of your last Usage Period payment (not including any Usage fees).
No refund will be given if Files.com determines, in its sole and reasonable discretion, that you breached any part of these Terms of Service. SLA refund requests must be made during the Usage Period immediately following the qualifying downtime.
Scheduled downtime for maintenance and other purposes is not counted against uptime for purposes of this SLA. Scheduled downtime is defined as those times where Files.com notifies you of periods of downtime at least five (5) days prior to the commencement of such downtime.
Files.com™ makes use of the following IP addresses. If you restrict outbound access via a firewall, please whitelist all of these IP addresses for ports 80, 443, 21, 22, and 990, as well as FTP data ports 40000-50000.
184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11
Please make sure that all IP addresses are white-listed, as we may switch between these at any time.
SFTP Host Key Fingerprints
Files.com™ makes use of a 4096-bit RSA SSH host key. The host key fingerprints are as follows:
SHA256: JvS7SrgY9QfsC2otdG0TGo0aWcvvieGg1R2Vx8/5VSw MD5: 79:e1:fc:1c:8d:d7:95:25:84:c5:70:16:4d:07:e0:c5
For maximum security, we recommend verifying the host key fingerprint when connecting via SFTP.
Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms. These areas are protected by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems.
The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide back-up power for the entire facility.
Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric conditions at optimal levels. Personnel and systems monitor and control temperature and humidity at appropriate levels.
Changes and Evolution
Files.com LLC strives to stay up-to-date with the latest best practices, and as such reserves the right to change the exact implementation of our technology platform at any time.
This document was last updated according to the date at the top of this page.
Questions regarding this document should be sent by e-mail to us using our online contact form.