Cloud Storage Security Comparison

Every cloud storage service claims that keeping your data and documents safe is their top priority. But can you trust them?

Google Drive
Encryption & security
Encryption at rest and in transit
End-to-end encrypted storage
End-to-end encrypted sharing
Zero-knowledge authentication
2-Step Verification
HIPAA Compliance
Server location
Storage & file management
Sync any folders
Desktop sync app
Linux sync app
Network Drive
Selective Synchronization
Edit files on mobile devices
Automatic Camera Upload
Remote wipe of mobile devices
Passcode Lock on mobile devices
Cross-Device Support
Android & iOS only
Mobile App Rating
Zero-knowledge access from browsers
Unlimited file versioning
120 days only
5 versions only
Deleted file recovery
Coming in 2017
120 days only
30 days only
Outlook integration
Live, in-app collaboration
Controlled sharing
Granular permission levels for collaborators
Password protection for links
Expiration date for links
Download limits for links
Digital Rights Management
Admin console
Company-managed groups
Device restriction policies
IP-restrictions policies
Active directory integration
Support center
Live chat support
Deployment support for SMBs
On-premise deployment
Custom branding

Based on publicly available information. If you have an update or suggestion for the comparison table, please let us know at

Protect confidential files in the cloud with end-to-end encryption

There are plenty of people who want to and are able to steal your data for their benefit and your demise. Hackers, scammers, careless or malicious employees, unethical cloud service staff, and curious government agencies have all been caught compromising confidential data in the cloud. Dropbox, Box, Google Drive and others claim that your data is “safe”, but they don’t protect your files the way we do. They may encrypt your data but they have the encryption key and the files get decrypted on their servers every time they are accessed. Their administrators can see your files, and so can anyone who manages to gain access to their systems.

Tresorit's end-to-end encryption technology secures your files on your device with some of the highest grade encryption methods available and your files can’t be decrypted in the cloud. This makes them safer than “safe”. No one else has the decryption key, not even Tresorit administrators. Only you and those who you share with have access.

Decide how much security you need

Is your cloud storage secure? Is your cloud storage secure?

Is your cloud storage secure?

For all the advantages of the cloud, there are some security vulnerabilities too what you have to be aware of.

Cybercrime is on the rise. Government surveillance programs fill headlines. There are more ways to leak business data accidentally than ever before. All the while, your employees don’t take the necessary steps to protect company data. Small businesses face the biggest risk. They lack sophisticated protection, and rarely take necessary steps to prevent a breach. According to a Ponemon Research, only 36% of small business owners have data security policies in place. All major cloud storage services claim to be secure. But they don’t tell you that there can be huge, practical difference between one method of security and another. Cases in point are the difficulties Dropbox faced recently, when millions of account details were allegedly breached through its integration with third party apps. Google Drive itself has had trouble ensuring user privacy. Its privacy policy states Google can “use, host, store, reproduce, modify, create derivative works, communicate, publish, publicly perform, publicly display and distribute (your) content”.

When do you need security in the cloud?

  • If you store strategic documents, high-value intellectual property
  • If you store information which, if leaked, could affect your reputation
  • If you handle sensitive client data like health records or card information
  • If you work in an industry which regulates how data should be managed
  • If you work in an industry frequently targeted by cyber criminals
  • If you feel government agencies should not be able to access your data

Protect your files with encryption

Use end-to-end encryption

Use end-to-end encryption

Unlike other services, Tresorit never stores files and passwords in unencrypted or unhashed form.

Tresorit provides a novel approach to secure cloud storage by using end-to-end encryption. We believe you should never have to ‘trust’ a cloud server. With Tresorit you don’t need to.

Using end-to-end encryption, Tresorit encrypts every file and relevant metadata on your devices with unique, randomly generated encryption keys. These keys are never sent to our servers in unencrypted format. Accessing files is only possible with a user’s unique private decryption key. Also, unlike other services, Tresorit never transmits or stores files, encryption keys and user passwords in unencrypted or unhashed form. Due to the strength of Tresorit’s end-to-end encryption and security, breaking this protection would take several human lifetimes. This is why we can never recover forgotten passwords, or hand over your data without your consent in case of a legal inquiry.

  • Strong encryption at rest and in transit

    Most data management regulation sets a minimum “key strength” of encryption at rest on the provider’s servers and in transit. However, neither protective layer guarantees your provider will keep your data safe in case of a bug, subpoena or the data collection by a government agency.

  • End-to-end encryption during storage and sharing

    Encrypting data before it leaves your device prevents your provider - or anyone with access to their systems - from viewing the files you store or share. It is the only known protection against your own service provider, ensuring it cannot comply with subpoenas or government surveillance.

  • Data storage outside the USA

    Edward Snowden’s revelations about government spying showed that storing data with US-based providers opens ways to access your data without your consent or knowledge. Strict privacy law in the European Union or Switzerland grants you much higher legal and practical protection. Being disaster proof and protected by 24/7 physical security, Tresorit's datacenters are also compliant with HIPAA, ISO27001:2013 and a host of other certifications.

Work from anywhere and edit files on the go

Access files anywhere securely Access files anywhere securely

Access files anywhere securely

Tresorit's mobile apps come with built-in end-to-end encryption and additional control features.

The need for accessing company documents anywhere often motivates the move to the cloud. The question is – do you need to edit files or collaborate on the road? Or are you content with only working from the office computer? With Tresorit, you can enjoy enterprise-level data security from any mobile devices or browser. Using Tresorit's browser version and mobile applications, you can access and edit files offsite, where no company computers are available. This also lets you support a Bring Your Own Device policy to provide access on devices that don’t belong to the company. With the remote wipe feature, you are able to run the risk of losing devices which store important data, by remotely deleting any confidential files store in Tresorit.

Tresorit mobile apps are available for iOS, Android, WindowsPhone and Blackberry and have a high rating by users highlighting the advanced security and ease of use. Use Tresorit's mobile apps, to:

  • Applications available for all platforms you use

    With Tresorit, you can work securely from anywhere you want, across offices, and on the road. Upload and access your files with zero-knowledge encryption from any desktop and mobile device using Windows, macOS, Linux, Android, iOS, Blackberry and Windows Phone.

  • Edit and sync files from mobile apps

    While some providers don’t allow you to edit files on mobile devices, with Tresorit you can open and edit any files on your phone or tablet.

  • Account security for mobile devices

    Additional layers of security is added to all Tresorit accounts to prevent unauthorized access in case a device is lost or stolen. This includes 2-Step Verification, a passcode lock and the ability to wipe a data remotely.

Why to use Tresorit on mobile?

  • Access all your data from Tresorit on the go.
  • Browse the folders and view files directly from Tresorit.
  • Save photos and videos automatically to Tresorit, using your devices' built-in camera
  • Star your favorite files for offline access. Starred files will be always available.
  • Share folders or files. Send file links using email, text messaging or other channels.

Share files and collaborate with others

Share files securely Share files securely

Share files securely

Tresorit makes secure file sharing easy with anyone inside and outside your company

Some businesses only need to backup their data and access it occasionally on the road. But when you work with colleagues on the same file, looking through dozens of email attachments to find the latest version can get old. Tresorit's patented end-to-end encryption technology protects your files whenever they leave your device. Only you and those who you share with can access the content.

Granting limited access to some collaborators can mean the difference between a breach and smooth collaboration. Modifying or revoking permissions at a moment’s notice ensures you react to changing circumstances. User roles define the set of permissions granted by the owner of the tresor to invited users with whom the tresor is shared. Each invitee can be granted a role among the set of manager, editor or reader. As different roles allow rather different user actions in relation to the shared tresor, it is vital to think carefully about what role a user might be granted. In order to maximize customizability, user roles can be changed by the owner of tresor at any time.

  • Collaborate in encrypted team folders

    Set up shared team folders and decide who can manage, add, edit or view your data. Your team can securely access up-to-date files via browser, any desktop or mobile device - no matter where they are.

  • Share easily with clients, partners and other teams

    Create download links to share files or folders with people outside your company. Keep control with download limits, expiration dates and password protection. Replace email attachments with these secure links, so you can undo mistakes and restrain access by revoking the link.

  • Check activity feeds and version history

    When collaborating with others, seeing who’s doing what at a glance is useful, especially for larger teams. Services often couple this activity history with version history, so you can roll back to any previous version of a file easily.

Pro Tip

Tresorit Digital Rights Management (DRM) adds an extra layer of protection to files stored in Tresorit. From DRM enabled tresors, Editors and Readers are prevented from saving, printing, copying or taking screenshots of DRM protected files. Further, to prevent accidental disclosure of confidential DRM files, a DRM protected file attached to an email cannot be opened.

Control your whole organization in the cloud

Keep control of your files Keep control of your files

Keep control of your files

With Tresorit, you can define when, where, and by whom your business data can be accessed

Employees often put business data at risk by bringing their own, uncontrolled file storage and sharing solutions to the workplace. Using Tresorit can help you re-establish your control over critical & confidential data. Tresorit also lets you to have an activity & audit trail to your data to make sure you can comply with regulations or legal requests.

With Tresorit's administrative control, you can limit access to business data for certain employees or teams in your organization, while working with a team distributed across locations and active on several devices. The access policies combined with the granular sharing permissions let you ensure, that for instance, salary files can only be accessed by HR, accounting and the management, and it won't get to unauthorized hands.

  • Admin dashboard

    When managing a team or business, it’s imperative to see important stats like logins, devices used and accessed documents at a glance.

  • User groups

    Assigning users to different groups can help to control access to business data across your organization.

  • Access policies

    Deciding which devices should be used, and where users are allowed to log into the company account helps you to safeguard business-critical documents.

  • 2-step verification

    In addition to your password, 2-step verification provides a second, randomly generated, password. As your password is the key to your confidential files and data, it is highly recommended to secure it with an extra lock. Adding 2-step verification using voice call, text message, a dedicated authentication app, or email provides an additional layer of security that makes it way harder for hackers.

    As the administrator of your team's Tresorit account, you can make it mandatory for everyone in the team to set up 2-step verification when registering their Tresorit profile.

  • IP blocking

    Using IP filtering, your system administrators can define wanted or unwanted access locations to business data. That way, he can limit data access to your office WiFi connection and block IP's from foreign countries. This can help in preventing staff accessing work accounts via insecure WiFi connections as well as malicious access from stolen devices or user credentials.

    As the administrator of your team's Tresorit account, you can whitelist the IP addresses of your company premises, to make sure, that files in your Tresorit account can't be accessed outside your office.

  • Unlink devices

    You can’t find your device but remote wipe is not an option? Then unlink it from your most important business and social media accounts. Unlinking a device gives you the peace of mind that nobody can access your accounts and cause additional damage from it. Usually, you can find this setting in the security management of your online accounts.

    As the administrator of your team's Tresorit account, you can unlink devices what will make the Tresorit account remotely logged out, to make sure people are not able to access it.

The key benefit to having users in your Admin Center is that you can monitor their activity, while controlling what they can, and can’t, do. For example, under GROUPS and POLICIES, you can restrict devices used to access Tresorit, enforce 2-Step Verification, setup IP filters, turn off the ability to create Encrypted Links, deactivate “Remember me,” turn-off Sharing, prevent tresor creation, deactivate synching, and enforce Timeout policies. New settings are regularly being added to GROUPS and POLICIES, so be sure to familiarize yourself with this aspect of Tresorit.

Once a policy is created under GROUPS and POLICIES you can assign it to individuals in your account under USERS and DEVICES. For every user there can be a unique policy. The rules set up under GROUPS and POLICIES can be changed at any time.

Additionally, from the Admin Center you can remove and add users as needed, and within seconds. If a user loses a device, you can remove their account by unlinking it; this immediately results in the account being logged out. For mobile devices removing a user also performs a remote wipe, deleting all locally stored files.

How does Tresorit compare to other cloud storage & sharing services?

Switch to end-to-end encryption

How does Tresorit compare to other cloud storage & sharing services?

Tresorit makes it physically impossible to access your files without your authorization.

Don't let Dropbox and others decide who can see your files. With end-to-end encryption you don't need to blindly trust your cloud provider. It would take a 1000 years to break the encryption of Tresorit.

Dropbox, Box, Google Drive and others claim that your data is “safe”, but they don’t protect your files the way Tresorit does. They may encrypt your data but they have the encryption key and the files get decrypted on their servers every time they are accessed. Tresorit's zero-knowledge end-to-end encryption technology gives you maximum protection and still lets you comfortably share, collaborate, and stay productive. Without zero-knowledge technology security is a real problem. Unsecure cloud storage services leave you at risk of harm and how the unbeatable security of Tresorit keeps you safe.

Tresorit is more secure than Dropbox, Google Drive, OneDrive and others

Dropbox, Box, Google Drive and others became popular years ago, when data security threats were not as prevalent as they are today. They claim that data is “safe” with them, but they don’t protect your files the way we do. They may encrypt your data but they have the encryption key and the files get decrypted on their servers every time they are accessed. Their administrators can see your files, and so can anyone who manages to gain access to their systems.

Using Tresorit your files will be completely secure. End-to-end encryption means you hold the keys to your data. You have total control over shared documents.

Tresorit’s main difference compared to Dropbox, and other mainstream cloud storage services, is the ability to turn any folder on your device into a secure “tresor.” What this means is that you do not have to drag and drop files into a special sync folder. Instead, you can drag any folder from its existing location on your computer into the Tresorit app to “tresor it.” This is especially convenient if you’re digitally organized and you’d prefer not to rearrange your files into one sync-able folder.

Tresorit is easier to use than other encrypted cloud services

Only a few providers offer client-side file encryption. The most popular is SpiderOak. But, SpiderOak has two main flaws:

  • It is universally hard to use. This is attested to by reviewers on major tech sites and app store reviews.
  • It cuts corners when it comes to security.

Additionally, SpiderOak is not zero-knowledge when used on mobile devices or a web-browser. By using so-called convergent cryptography, they sacrifice confidentiality to save storage space. Convergent algorithms enable SpiderOak to determine when your content matches the content of others in the cloud. This can leak valuable information about you to outside observers. Read more about how Tresorit compares to SpiderOak.

Tresorit provides you with built-in protection

Services like Sookasa, Viivo, BoxCryptor and Ncrypted cloud have three main disadvantages when compared to Tresorit:

  • Your users need to use two different services for adequate security, which often leads to accidental mix-ups that reveal sensitive data – e.g. copying documents in or to the basic cloud storage folder instead of the encrypted one;
  • As complete encrypted folders need to be downloaded before a single file can be accessed, there’s no way to share securely with someone who doesn’t have exactly the same bolt-on encryption setup. For example, you can’t share a Viivo encrypted folder with someone using Boxcryptor, even if you both use Dropbox for storage, so someone will need to change providers if you want to share securely;
  • You need to pay for, and maintain, two services instead of one.

Tresorit encryption takes place in the background. There’s no margin of error, as users don’t have to lift a finger. It’s also easy to share files securely with others, even if they don’t use Tresorit.