Cloud Storage Security Comparison
Every cloud storage service claims that keeping your data and documents safe is their top priority. But can you trust them?
Every cloud storage service claims that keeping your data and documents safe is their top priority. But can you trust them?
Based on publicly available information. If you have an update or suggestion for the comparison table, please let us know at firstname.lastname@example.org.
There are plenty of people who are both willing and able to steal your data for their own benefit. Hackers, scammers, negligent or malicious employees, unethical cloud service staff and snooping government agents have all compromised cloud data in the past.
Dropbox, Box, Google Drive others claim that your data is safe but they don't protect your files the way we do. They may encrypt your data but they also have the decryption key. This means files are decrypted on their server every time they're accessed. Both the Administrators and anyone else with access to their servers can view your data.
Tresorit's end-to-end encryption technology secures your files on your device with some of the highest-grade encryption methods available. Your files can't be decrypted in the cloud. This makes them much safer. As you control the encryption key, no else can access it, not even Tresorit administrators. Only you and the people you choose can access your files.
Is your cloud storage secure?
For all the advantages of the cloud, there are some security vulnerabilities too what you have to be aware of.
Cybercrime is on the rise. Government surveillance programs feature regularly in the headlines. There are now more ways to leak business data accidentally than ever before. Despite all this, not all employees take the necessary steps to protect corporate data. Small businesses are most at risk, as they lack sophisticated protection and rarely implement measures to prevent a breach. According to research conducted by the Ponemon Institute, only 36% of small business owners have data security policies in place.
Use end-to-end encryption
Unlike other services, Tresorit never stores unencrypted files or unhashed passwords.
Tresorit provides a novel approach to secure cloud storage by using end-to-end encryption. We believe you should never have to "trust" a cloud storage provider. With Tresorit you don’t have to.
Tresorit encrypts files and their metadata (such as the filename) on your devices with unique, randomly generated encryption keys. These keys are never sent to our servers unencrypted. Files can only be accessed with the user's unique, private decryption key.
Unlike other services, Tresorit never transmits or stores files, encryption keys and user passwords in unencrypted or unhashed form. Due to the strength of Tresorit's end to end encryption and security, breaking this protection would take hundreds of years. This means we cannot recover forgotten passwords, nor hand over data to a third party without your consent.
Most data management regulations specify a minimum "key strength" for encryption while stored on a provider's servers and while in transit. However, neither of these will guarantee your provider can keep your data safe in the event of a bug, subpoena or data interception by a government agency.
Encrypting data before it leaves your device prevents your provider - or anyone with access to their systems - from viewing the files you store or share. It is the only known protection against your own service provider, ensuring they cannot comply with subpoenas or government surveillance.
Edward Snowden's revelations of government spying showed that storing data with US providers means your data can be accessed without your consent or knowledge. Strict privacy laws in the EU and Switzerland guarantee you much better legal protection. Tresorit's data centers are also disaster proof and are protected 24/7 by physical security. They're compliant with HIPAA, ISO27001:2013 and a number of other certifications.
Access files anywhere securely
Tresorit's mobile apps come with built-in end-to-end encryption and additional control features.
The need to access company files anywhere often motives a move to the cloud. It's entirely down to you to decide if you need to edit and collaborate on documents while traveling or if you're happy just using your office computer.
With Tresorit, you can enjoy enterprise-level data security from any mobile device or browser. Use Tresorit's browser and mobile applications to access and edit files offsite, when no company computers are available.
This allows you to implement a BYOD (Bring Your Own Device) policy, allowing access to devices that aren't owned by your company. The remote wipe feature allows you to take the risk of losing devices containing important data as you can simply remove access to confidential files remotely.
Tresorit mobile apps are available for iOS, Android, Windows Phone and Blackberry. They all have a high user rating which demonstrates their advanced security and ease of use. Some of the advantages of using Tresorit's mobile apps are:
With Tresorit, you can work securely from anywhere: across offices and on the road. Upload and access your files with zero-knowledge encryption from any desktop and mobile device using Windows, macOS, Linux, Android, iOS, Blackberry and Windows Phone.
While some providers don’t allow you to edit files on mobile devices, with Tresorit does allow this on your phone or tablet.
Additional layers of security are added to all Tresorit accounts to prevent unauthorized access in case a device is lost or stolen. This includes 2-Step Verification, a passcode lock and the ability to wipe data remotely.
Share files securely
Tresorit makes secure file sharing easy with anyone inside and outside your company
Some businesses only need to backup their data and access it occasionally on the road. However if you're working on the same file with your colleagues, searching through dozens of e-mail attachments to find the latest version can be very tedious. Tresorit's patented end to end encryption technology protects your files whenever they leave your device. Only you and the those with whom you share content have access.
Granting limited access to a certain number of collaborators can make all the difference between a data breach and simply working with colleagues on a file.
As you can modify or revoke permissions at a moment's notice, you can quickly react to changing circumstances. User roles define the permissions granted by the tresor owner to people with whom files have been shared.
Each invitee can be assigned the role of a manager, editor or reader. These roles determine what actions users can perform with a shared tresor, so you must consider these carefully. User roles can be changed by the tresor owner at any time.
Set up shared team folders and decide who can manage, add to, edit or view your data. Your team can securely access up-to-date files via their browser on any desktop or mobile device - no matter where they are.
Create download links to share files or folders with people outside your company. Maintain control through download limits, expiration dates and password protection. Replace email attachments with secure tresorit links, so you can undo mistakes and revoke access by removing the link itself.
When collaborating with others, seeing who’s doing what at a glance is useful, especially for larger teams. Services often couple this activity history with version history, so you can roll back easily to a previous version of a file.
Tresorit Digital Rights Management (DRM) adds an extra layer of protection to files. DRM enabled tresors prevent Editors and Readers from saving, printing, copying or taking screenshots of DRM protected files. DRM protected files attached to emails also cannot be opened.
Keep control of your files
With Tresorit, you can define when, where, and by whom your business data can be accessed.
Employees often put business data at risk by bringing their own file storage and sharing solutions to the workplace. Use Tresorit to help re-establish your control over critical & confidential files. Tresorit also maintains a data activity & audit trail which ensures you can comply with regulations and/or legal requests.
With Tresorit's administrative controls, you can limit access to business data to certain employees or teams in your company. This works even for team members who are in different locations and/or using multiple devices.
These access policies combined with granular sharing permissions ensure that data relating to staff salaries, for instance, can only be accessed by authorized parties such as HR, Accounts and Management departments.
The dashboard is vital for users managing a team or business. It displays important stats such as recent logins, devices used and accessed documents at a glance.
Assign users to different groups to help control access to business data across your organization.
Decide which devices should be used, and where users are allowed to log into the company account to safeguard business-critical documents.
The main benefit of seeing all users listed in your Admin Center is that you can monitor their activity as well as control what they can and can't do. For example, you can use "GROUPS" and "POLICIES" to restrict which devices can access Tresorit, enforce 2-Step Verification and set up IP filters.
You can also set up policies to create encrypting links, disable the "Remember Me" feature, turn off file sharing altogether, prevent creation of new tresors, deactivate syncing and enforce Timeout policies.
Make sure you take the time to familiarize yourself with this aspect of Tresorit.
Once a policy is created under GROUPS and POLICIES you can assign it to individuals in your account under USERS and DEVICES. Each user can have their own policy. The rules set up under GROUPS and POLICIES can be changed at any time.
You can also use the Admin Center to remove and add users as required in a matter of seconds. If, for instance, a user loses their device you can remove their account by unlinking it. Their account will log out automatically. For mobile devices, removing a user also activates a remote wipe which deletes all locally stored files.
How does Tresorit compare to other cloud storage & sharing services?
Tresorit makes it physically impossible to access your files without your authorization.
Don't let Dropbox and others decide who can see your files. With end-to-end encryption you don't need to blindly trust your cloud provider. It would take over 1000 years to break Tresorit's encryption.
Dropbox, Box, Google Drive and others claim that your data is “safe”, but they don’t protect your files the way Tresorit does. They may encrypt your data but they have the encryption key and the files get decrypted on their servers every time they're accessed.
Tresorit's zero-knowledge end-to-end encryption technology affords maximum protection while still allowing you to comfortably share, collaborate, and stay productive. Without this technology, security is a real problem. Use Tresorit's unbeatable security to remain safe.
Dropbox, Box, Google Drive etc. became popular years ago, when data security threats were not as prevalent as they are today. They claim that your data is safe, but don’t protect your files the way we do. They may encrypt your data but they have the encryption key and the files get decrypted on their servers every time they're accessed.
The administrators of other cloud services can see your files as can anyone who manages to gain access to their systems.
Use Tresorit to ensure your files are completely secure. End-to-end encryption means you hold the keys to your data. You also will have complete control over shared documents.
Another key difference between Tresorit and cloud storage providers like Dropbox is that it can turn any folder on your device into a secure "tresor". This means you don't have to drag and drop files into a special sync folder. Instead, just drag any folder from its existing location into the Tresor app to "tresor" it.
This is especially useful if you keep your digital files in various locations around your machine and don't want to arrange them into a single folder.
Only a few providers offer client-side file encryption. The most popular is SpiderOak. SpiderOak, however, has two main flaws:
Additionally, SpiderOak is not zero-knowledge when accessed via mobile devices or a web-browser. By using so-called convergent cryptography, the company sacrifices confidentiality to save storage space.
Convergent algorithms enable SpiderOak to determine when your content matches the content of others in the cloud. This can leak valuable information about your data. Read more about how Tresorit compares to SpiderOak.
Services like Sookasa, Viivo, BoxCryptor and Ncrypted cloud have three main disadvantages when compared to Tresorit:
Tresorit encryption runs in the background. There’s no margin of error, as users don’t have to lift a finger. It’s also easy to share files securely with others, even if they don’t use Tresorit.