Zurich, September 16, 2025 – Tresorit, data security specialist of Swiss Post, is proud
to announce that it has successfully passed its NIS2 compliance audit, conducted by
the globally renowned consulting firm Ernst & Young. With a remarkable score of 95%,
Tresorit ranks among the first organizations in Europe to undergo and pass the audit
under the newly implemented NIS2 Directive.

This achievement marks a major milestone in Tresorit’s commitment to top-tier security
and regulatory excellence, giving clients greater confidence in the protection of their
data.

About the NIS2 Directive and the audit requirement

The Network and Information Security Directive 2 (NIS2) is the European Union’s
updated cybersecurity framework aimed at raising the level of cyber resilience across
critical sectors. Under the NIS2 framework, designating a primary jurisdiction allows
multinational companies to undergo a single, comprehensive compliance audit, the
results of which are recognized across the EU.

Why it matters

Compliance with the rigorous NIS2 framework reinforces Tresorit’s position as a
trusted solution provider for secure digital collaboration, particularly for
organizations in highly regulated sectors.

While Tresorit already holds ISO 27001 certification, NIS2 required a more
granular, demanding approach — with over 2,000 elementary requirements in
different domains defining exact, step-based procedural operation and – even
low level, system-based configuration settings, drawn from more than 3,000
pages of regulation, laws, and guidance documents.

Ernst & Young concluded that Tresorit was exceptionally well-prepared, noting that the
company’s methodology was exemplary and that it is significantly ahead of peers in
terms of readiness and implementation.

What's next?

During the audit, both Tresorit and the auditors identified areas for further development,
underscoring that compliance is an ongoing journey rather than a one-time event. As
with ISO 27001, NIS2 will require continuous monitoring and regular audits, establishing
it as a permanent component of Tresorit’s information security management system.

About Tresorit

Tresorit provides trusted content collaboration solutions that are intuitive and secure by design. Its seamless, all-in-one platform offers end-to-end encrypted data storage, file sharing,
collaboration, data rooms, and e-Signatures — enabling teams, departments, and solopreneurs
to work efficiently with colleagues, clients, and partners. To support compliance across regions and industries, Tresorit offers flexible data residency options, allowing organizations to choose where their data is stored.

Trusted by over 11,000 organizations worldwide, Tresorit holds a range of internationally
recognized certifications — including ISO 27001 and Common Criteria — underscoring its
commitment to the highest standards of information security and privacy. Tresorit is part of Swiss Post.