Business processes with privacy in mind
The GDPR requires that all organizations design and implement workflows and processes with privacy by design and by default. This means that your business should prioritize data protection from the very beginning of setting up new processes. Data protection should be an essential part of all services and not an extra option you add later.
- Tresorit's end-to-end encryption is built-in and automatic. You don't need to bother with add-ons or integrations for client-side encryption or key management. Privacy of your data is guaranteed from step one.
- Protect your data within your team and when sharing information externally. Tresorit’s web-based sharing solution enables sharing files, folders, and tresors securely with anyone. Files and folders sent via link have the very same end-to-end encryption and integrity protection as files synchronized with Tresorit. Password protection, download limit, and expiry date provide further protection for confidential documents. Recipients don’t need to have the Tresorit app installed on their device. Decryption happens in the browser.
- Secure email attachments: With Tresorit, you can replace unsecure email attachments with Share Links and File Requests that are password-protected, have an expiry date and can be revoked at any time, even after sending. This enables more controlled sharing and receiving of personal, confidential data with between your team and external parties.
- Set up and enforce internal security policies with the Admin Center: With Tresorit, you can make sure that everyone on your team is on the same page when it comes to using crucial data security tools and processes such as 2-factor authentication or secure sharing of personal data.
Protect data against unlawful processing, loss & exposure
Tresorit combines end-to-end encrypted file management and data governance tools to help your business protect personal data from exposure and loss.
- End-to-end encryption: Tresorit's end-to-end encryption guarantees security for your personal data in case of a data breach. Even in case of a breach, only unreadable, encrypted files can leak, protecting the personal data stored in them against exposure.
- File restore and versioning: File Restore helps you recover files lost due to a ransomware attack or accidental deletions.
- Client-side integrity protection: ensuring the integrity of files is crucial for GDPR compliance. Tresorit guarantees that the files' content cannot be modified without your knowledge, even if somebody hacks our system. Tresorit clients apply a Message Authentication Code (MAC) to each file’s content, with a key known only to the user’s client and those they share the file with, but not by the server. Tresorit uses HMAC-SHA512 with a random key for each different file, and encrypts local profile files in GCM mode, which provides the same security with higher performance.
Prevent unauthorized access
Unlike mainstream file sync services, Tresorit's built-in end-to-end encryption guarantees that even in case of a server-side breach, personal data stored in the cloud is secure from exposure. As Tresorit doesn't store encryption keys and file contents in plain text on the server-side, even if hackers access your files they will not be able to read their contents. This way, no data breach is taking place, as only the unreadable data is leaked. You don't have to notify your users about this incident.
- Zero-knowledge service. Tresorit never transmits or stores files, encryption keys and user passwords in unencrypted or unhashed form. Due to the strength of Tresorit’s end-to-end encryption and security, breaking this protection would take several human lifetimes.
- Account security with PKI: With Tresorit, your team members accounts are protected with a zero-knowledge authentication method. When you register, your Tresorit client generates a 160 bit cryptographic random salt, which, combined with your password, is iterated 10,000 times with PBKDF2-HMAC-SHA1. Tresorit uses Public Key Infrastructure (PKI) to authenticate each Tresorit user and their devices, without storing any information about their passwords. This enables more secure collaboration and device management.
- Access control with the Admin Center. Beyond encryption, you can easily manage granular permissions to your confidential and personal data.
Tresorit's encryption and decryption are done on the client-side. Unlike with server-side encryption applied by the majority of cloud storage services, no one is able to access and read the stored personal data, except for the owner and users authorized by the owner. This minimizes the risk of decrypting personal data in case it gets to wrong hands due to a data breach. Thanks to these, personal data is not threatened and the GDPR's data breach notification requirements do not apply. Even if the encrypted files including personal data leak from Tresorit's servers, it is infeasible to decrypt them and get access to the personal data.
Tresorit's end-to-end encryption is performed with a fresh, randomly generated 256-bit symmetric key chosen by the client-side application. The encryption algorithm Tresorit applies is AES256 in CFB mode.
Each file version gets a fresh, randomly chosen 128-bit IV in order to guarantee semantic security. Encryption keys of files and directories are changed from time to time, using a so-called “lazy re-encryption” scheme. This means that after the group’s membership changes, the encryption key is regenerated the next time a file’s contents change (see patent US9563783).
This guarantees that if you remove somebody from a group you shared files with, they will not be able to decrypt any new information they did not have access to before their removal. In the meantime, you don’t need to re-encrypt everything right away, saving computing resources and time.
Files & encryption keys separated
The GDPR doesn't specify encryption methods, however, in order to effectively protect personal data against decryption during a data breach, encryption keys should be controlled by the end-user and encryption should be done on the client side and not in the cloud (see ENISA's position). Tresorit's encryption guarantees this.
Tresorit's encryption is based on standard public key cryptography that has been thoroughly analyzed by experts and declared secure. Public key cryptography guarantees that even Tresorit cannot access the shared keys, we don't store them in our servers in an unencrypted format. This key sharing is based on RSA-4096 with OAEP padding scheme (see RFC2437), used in group mode, and PKI certificates, combining it with a tree of symmetric keys. The latter guarantees that public key cryptography calculations, which are thousands of times more resource-intensive than symmetric ones, are minimized to save you CPU power - without weakening the system’s security.
Private keys are generated on the client-side, and encrypted in your profile. Proactively, your client refreshes your keys every 3 months. Public keys are distributed automatically upon sharing by Tresorit, using anonymized PKI certificates.
Anonymized PKI certificates protect your privacy, because they do not contain any personal information except for your email address. Anyone who would like to share a tresor with you will only get access to your personal information if you consent to it by accepting the invitation.
When working together, encryption keys that can decrypt shared files need to be shared between collaborators. Tresorit’s patented protocol ensures keys are shared automatically, without revealing them to anyone who has access to either the network or the servers.
Internal security policies
Tresorit's central Admin Center allows you to set up a range of security policies to maintain control over how your team members manage personal and confidential data. The Admin Center enables you to create groups and every group can have different policies and permissions. Only the Account Owner and Admin(s) of a Business plan can set these permissions.
- 2-Step Verification: The Account Owner can make it mandatory for the members of a group to set up 2-Step Verification. The members can choose the type of the verification, but it is obligatory to choose one for themselves.
- IP filtering: Using the IP filtering you can limit the access from different locations. By default, all the IP addresses are allowed.
- Timeout policies: With the help of the Timeout policies, the session, and login length can get limited.
- Allowed Devices: By default, users in your Business account can access their files stored in Tresorit from all devices. However Admins have the options to remove a type of a platform from this selection.
- Sharing policies: Admins have the right to limit which groups can create, sync or share tresors or Links. With that option you can prevent accidental leaking of personal data to wrong hands.
Granular permission levels
Tresorit allows both business administrators and users to sync & share Tresorit folders and files by setting up granular permission levels to their contents.
- Create Tresorit folders for team collaboration, set up access levels: Access, share and work on team folders and files. The GDPR requires that only those who need to work with personal data should have access to them. Share items containing personal data with only those who require it for their job, e.g. your finance team needs access to email addresses and bank account numbers, but your developers don't. With Tresorit, you can easily control who sees what in your organization.
- Manager, Editor and Viewer permissions: Tresorit enables you to set up different granular access levels for your folders and files: Manager (can share, modify and read the content), Editor (can modify and read the content) and Viewer (can only read the content). This way you can prevent accidental leaks of personal data, and also ensure the accuracy and integrity of data by not allowing certain people to modify data that needs to be protected.
- Create groups with different access with Policy templates: Define a set of users with different access levels to specific features by using Policy Templates. Users on one Policy template will have the same set of permissions and user can only belong to one template. The owner of the Business Account and co-admins can create new templates and change the settings of already existing ones.
Central control over data
Tresorit's Admin Center is a central dashboard to control file management in your organization. It helps you oversee what what happens to files stored in the cloud within your company and thus comply with GDPR's strict requirements on data protection policies. Besides managing the subscription, like inviting new users and taking care of the billing, they also have an overview on how their team uses Tresorit.
- Account overview, audit trail and activity logs: Oversee the most important user statistics such as the number of tresors created and used, devices, web sessions and used space.
- Oversee IP addresses: Access a list of browsers and IP addresses that were used to sign in to Tresorit Web Access. Each session can be unlinked and removed from the list.
- Manage company devices: Easily add or remove company devices in case you have new colleagues or when an employee leaves the company. It also helps mitigate the risks of data loss in case of lost or stolen devices.
- Manage users and roles: Add new users, set up access levels and roles.
- Set up policies: Keep your company data in check by assigning custom policies to different teams and departments.
- Reset user passwords with advanced Control: Advanced Control enables admins to reset user passwords and revoke access from a device, in case it is lost or when an employee leaves the company.