You aren’t the only one who wants to see your data

There are plenty of people who want to and are able to steal your data for their benefit and your demise. Hackers, scammers, careless or malicious employees, unethical cloud service staff, and curious government agencies have all been caught compromising confidential data in the cloud.

Tresorit keeps unauthorised eyes off your files.
Even our employees can’t peek.

16 million Americans become victims of cyber fraud every year! Don’t be a victim. Know how your cloud data can be breached, and know how to protect yourself, your business, and your customers with Tresorit.
It’s easier than you might think.

Safer than “Safe”: Client-side encryption for Zero-knowledge cloud service

Tresorit's zero-knowledge privacy technology gives you maximum protection and still lets you comfortably share, collaborate, and stay productive. Without zero-knowledge technology security is a real problem. Read on to see how unsecure cloud storage services leave you at risk of harm and how the unbeatable security of Tresorit keeps you safe.

The unsecure
model

Dropbox, Box, Google Drive and others claim that your data is “safe”, but they don’t protect your files the way we do. They may encrypt your data but they have the encryption key and the files get decrypted on their servers every time they are accessed. Their administrators can see your files, and so can anyone who manages to gain access to their systems.

The encrypted
model

Tresorit's client-side encryption technology secures your files on your device with some of the highest grade encryption methods available and your files can’t be decrypted in the cloud. This makes them safer than “safe”. No one else has the decryption key, not even Tresorit administrators. Only you and those who you share with have access.

One or two levels of protection during transfer, which do you think is better?

For your files to be available in the cloud, they first have to get there. During upload, they can be vulnerable to malicious attack.

The unsecure
model

Most major cloud providers use SSL or TLS tunnels to protect files in transit to and from your computer. That’s good, but your files are decrypted on the server side. No server software, especially no server administrator is perfect. Your files are at risk of eavesdropping once it arrives to the server.

The encrypted
model

Tresorit sends files to the server with TLS, the successor to SSL. In addition to that, by using client side encryption first, your data enjoys another level of security, preventing even the slightest chance of spying on files during transfer.

Keeping encryption keys on the server is like storing your car keys in the ignition.

Files on cloud servers are quickly accessible anytime, anywhere. That’s great. But what happens to them when they are no longer under your control? This is the achilles heel of most cloud storage, and the strength of Tresorit.

The unsecure
model

Unsecure cloud storage services either don’t encrypt your data on their servers, or they store the encryption keys or your password on their servers. This is usually referred as at-rest encryption, which is misleading for the end-user, because users might think it is a sufficient encryption method.

Since hackers are more likely to attack the core of a service rather than individual users, this means that if they get in, everyone’s data is exposed.

Non-encrypted storage reduce costs, and allows for searching, indexing, and data mining. For example, cloud services can save space by storing duplicate files just once, even if those files belong to completely unrelated users.
Their costs and convenience comes before your security.

The encrypted
model

By using Tresorit, your files remain encrypted, so no one, not even Tresorit staff, is able to decrypt your files to see, steal, or modify them.

Naturally, we take our core security very seriously, but even if it were to fail, your data would still be safe since all anyone can see on the servers is random bits of data.

We also free ourselves from the hassle, and you from the risk, of local government entities requesting access to your data. We simply have no possible way to open our clients data for government examination.
At Tresorit, your security comes first.

Sharing is caring,
but be sure who you are sharing with!

Sharing and collaborating on files is probably the biggest reason why most people and organizations love cloud storage. But from granting permissions to permanently revoking them, sharing is also a big security and technical problem. Tresorit has solved it.

The unsecure
model

There are scenarios where hackers can masquerade as valid users. This is called spoofing. Two-factor authentication can help, if users choose to use it: it’s almost always optional and you can’t control if the person you are sharing your data with is using it or not.

Furthermore, when you want to stop sharing files, it’s fairly easy to do so with other services, but since they were never adequately encrypted in the first place, the fact that they were shared creates a greater threat of unauthorized access even after the sharing permission is revoked.

For complete security files should be encrypted on the client side, and then re-encrypted on the client with new keys when they are first modified after permissions are revoked.

The encrypted
model

Tresorit uses a complex method of verifying the identity of users who share encrypted files called the ICE protocol. You are effectively verifying the identity of your collaborator before they can securely access the data.

This is a non-optional form of two-factor authentication which uses client certificates instead of the optional methods used by other services where codes are sent to, or generated on, a mobile device.

The Tresorit method gives you the freedom to reliably stop sharing the information at any time.

But revoking permission is not enough. It is also necessary to re-encrypt the data. Tresorit does that. Both at the root level of your account and for each individual file.