We all have digital lives that need to be protected and safeguarded against hacks and data leaks.
We don’t let strangers into our homes because of privacy. Our data is private too. When it comes time to share it, encryption is the best way to protect our digital lives from would-be hackers. It protects our privacy from people that we don’t want to read, view, copy or disseminate our private data. With encryption, anyone who would try to view it unauthorized, would see only unintelligible random characters.
We use SAS70 type II / SSAE16 compliant data centers to ensure that private data is protected. It is the industry gold standard for the robust delivery and security of data. Not all data centers are able to meet such strict standards. Learn more about SAS70 and SSAE16.
Life Cycle Encryption Keys
We take extra steps with encryption to protect our customer’s data. One of the major security concerns around encryption is managing the keys used to encrypt and decrypt the data.
Key Life Cycle – Best practice calls for rotation of encryption keys. Our encryption process uses unique keys for every transfer and the keys are only valid for the life of the data (defined by the customer). Encryption keys are never re-used.
Key Storage – SendThisFile does not store encryption keys used to encrypt customer’s data. The keys are derived from multiple sources, but never stored.
Key Location – Each encryption key is derived from multiple unique data sources. These data sources for the life cycle keys are maintained in a completely separate data center from any files being transferred.
Automated data handling by our file system ensures that your files remain under your full control. At no time do we view or otherwise access your data. Once a file has reached its expiration date, our system automatically and permanently deletes the file from our servers. All available file storage space is constantly being utilized by the file system, and the storage space that once held your file is rewritten to hold new files as they are uploaded to our servers. We do not back up customer files, so you are in complete control of all copies of your files at all times. Your privacy is ensured.
Proprietary Deletion Process
SendThisFile takes the handling of customer data seriously. From the time the upload of the file starts, we take all means possible to protect the data all the way until it is completely removed from our system. Each data object that the customer sends is encrypted and has a set time to live on our system. When it comes time to expire the data, we utilize a proprietary deletion process to completely and securely wipe the data from our system. Simple deletions of this data would be unacceptable, so we take several steps, including making multiple passes over the data with random data, to render it unrecoverable. There are no tapes or other backups. You can have peace of mind, your transfer was secure, complete and private.
All data transmissions are protected using military grade 128-bit Transport Layer Security (TLS) encryption. This ensures that your data is never exposed during transport from your computer to our data center. In the unlikely event of data being intercepted during transport, our end-to-end TLS encryption ensures your data is unreadable.
Every SendThisFile account holder is required to sign-in using a Hypertext Transfer Protocol Secure (HTTPS) enabled browser, thereby protecting the password and user ID login information from electronic eavesdropping. No user may access an account without a unique, registered user ID and password. HTTPS connections are used to secure web payment transactions, and for other highly sensitive transactions that occur between computer systems and servers. HTTPS ensures a secure pathway is created over the Internet, wherein multiple systems interconnect and pass information between each other.
To further protect your data, every SendThisFile paid plan has the option to password protect file download links. Password protection has the primary advantage of limiting file access to only the party with whom you wish to share the file. With password protection enabled, no one may download your file without the correct password.
We prefer the highest level of data sensitivity, so we encrypt your files while they are stored on our server. This extra security measure protects your data in the extremely unlikely event of unauthorized access to the data servers. Even if an intruder could access your data, it would be encrypted using military-grade 256-bit Advanced Encryption Standard (AES) security.
In addition, our application allows the option to use many advanced security features. Secure Simple Mail Transfer Protocol (SMTP) allows you to use your preferred email system to deliver our automated notification email in a secure manner. Also available are advanced administrator controls for customization, and even isolated file storage to ensure that there is no intermingling of data.