Data Security

How Tresorit ensures data security and compliance for PayePass

Tresorit – Secure cloud collaboration, made easy

Tresorit, used by 10,000 + businesses, is a global class leading and multiple award-winning file sharing provider which means all PayePass clients can be safe in the knowledge their data is secure.

Try Tresorit with PayePass to see how easy it is to use then consider using it for your business, or just go straight to Tresorit for a free trial to experience its benefits. Even with all its features, pricing is not all prohibitive even for small businesses.

Awards

End-to-end encryption

Using end-to-end encryption, Tresorit encrypts every file and relevant file metadata on your devices with unique randomly generated encryption keys. These keys are never sent to our servers in an unencrypted format. Accessing files is only possible with a user’s unique decryption key.

Zero-knowledge authentication

Tresorit uses an authentication scheme in which your password never leaves your device, keeping you in control of your most confidential security information.

Cryptographic key sharing

Tresorit is based on industry-standard public key cryptography that has been thoroughly analysed by experts and declared secure. Public key cryptography guarantees that even Tresorit cannot access the shared keys. This key sharing is based on, among others, RSA-4096 with OAEP padding scheme (see RFC2437) and PKI certificates, combining it with a tree of symmetric keys.

Client-side integrity protection

Tresorit guarantees that a file’s content cannot be modified without your knowledge, even if somebody hacks our system. Tresorit clients apply cryptographic authentication (in the form of HMAC or AEAD) to all encrypted data. The key is only known to the user’s client and those they share the file with, but not the server.

Swiss privacy laws

Tresorit handles data under Swiss privacy laws that provide more substantial protection than similar laws in the US or even the EU.

Non-convergent cryptography

Only a few providers offer end-to-end encryption, but some of these sacrifice confidentiality by using so-called convergent cryptography. The non-convergent cryptography used by Tresorit makes it impossible to determine when your content matches others’ content in the cloud, which could leak valuable data about you to outside observers.

Compliance

ISO 27001

Tresorit has certification for compliance with ISO 27001:2013. Tresorit was audited and certified by TÜV Rheinland, an independent third-party auditor. Our compliance with this internationally recognized standard and code of practice is evidence of our commitment to information security at every level of our organisation.

GDPR and DPA

The GDPR highlights encryption as one of the technologies to ensure data protection and compliance. With Tresorit’s end-to-end encryption technology, your encryption keys that unlock your data are stored on the client-side, on your device. Unlike in-transit or at-rest encryption, only you and those you share with have access to the information.

HIPAA

With its zero-knowledge, end-to-end encrypted technology, Tresorit offers a HIPAA compliant cloud storage solution. Tresorit signs HIPAA Business Associate Agreements (BAA) with customers seeking HIPAA compliance to safeguard Protected Health Information (PHI).

CCPA

The California Consumer Privacy Act is the newest regulation in a world-wide push for increased data security. The CCPA is the first such law in the US and came into force on January 1, 2020. Any entity that handles the data of residents of California must abide by its guidelines. As a champion of privacy, Tresorit has supported the CCPA since its inception and can help companies remain compliant.

Control

Define security policies

The owner and admins of a Tresorit Business Account can apply policy templates to a set of users and create different policies for each template. Also, the admins can modify these policies at any moment. Policy templates include 2-Step Verification, IP filtering, Timeout policies, Allowed Devices, and Sharing Policies.

Monitor devices and user statistics

Admins can monitor and decide which devices are allowed to be used to access files within your company, and where users are allowed to log into their company account from to safeguard business-critical documents.

Revoke access from users and devices

Tresorit Advanced Control enables Tresorit Business admins to enhance their organization’s security by resetting their users’ lost passwords and revoking access from lost or stolen devices.

Productivity

Making remote work safe

Tresorit includes several functionalities to safeguard your data when teams work from home or anywhere else. Access to files and tresors can be controlled at a granular level, ensuring only those files are only accessible to those that need them. Previous versions and deleted files can be restored quickly, ensuring no information is lost. Detailed reporting allows admins to see who had accessed files and when.

Secure external collaboration

Secure external collaboration with partners, especially in privacy-critical industries, such as law or healthcare, is vital. Tresorit ensures all data remains encrypted even when shared with partners. Support productive collaboration with shared data rooms. File downloads can be limited, and access revoked at any time. Tresorit also helps ensure that all external communication remain compliant with data privacy regulations.

Single sign-On

With a massive increase in the number of cloud services used by organizations, there is an increased security risk associated with the reuse of passwords and the differing security of the solutions used. SSO integration with Azure AD and Okta allows one-step sign-in to Tresorit for your employees and streamlined administration for your admins.

Integrations

Tresorit includes a range of integrations to support your productivity. Replace risky email attachments and generate end-to-end encrypted secure links directly in Outlook with the Tresorit plugin. Or connect your directory service to our Active Directory integration to synchronize users and Tresor memberships.

Using Tresorit for your business​

Try Tresorit with PayePass to see how easy it is to use then consider using it for your business, or just go straight to Tresorit for free trial to experience its benefits. Even with all its features, pricing is not all prohibitive even for small businesses.

* PayePass does not receive any financial incentive for making its recommendation to use Tresorit, nor any click through via this website.