Questions? Look here.  

Truly secure services, including ShareFile, use encryption protocols for sharing and storing files on secure data centers, or the cloud. A good secure file transfer software will have plenty of customizable features to allow you to add as much protection to your data as you need without making the way you work any more difficult.

A lot of industries, such as Healthcare, Insurance, Legal, Financial, Accounting and others, are regulated at a Federal, State or industry level by institutions and laws, including HIPPA, HITECH, FINRA, CFBP, state bar association ethics guidelines and more.

But legal requirements aren’t the only reason a business should consider using a service like ShareFile. Businesses that handle customer or client data should consider their reputation and the damage that could happen as the result of a data breach if they aren’t using a secure solution to protect files where they’re stored and when they’re shared.

You can trust online file sharing services that utilize advanced encryption methods to store and send your files. To select a safe online file sharing site, look for one that protects documents with SSL/TLS encryption protocols and uses multi-factor authentication. If you need to share files and are in a regulated industry, choose a file sharing service that supports your particular compliance requirements, such as HIPAA or FINRA.

This one probably comes up the most often with new customers. We usually say to think about an employee user as an internal user or someone who works for your company. On the other hand, a client user is an external user or someone using your ShareFile account that doesn’t work for your company.

For the most part, client and employee users will have a lot of the same functionality, but there’s a couple of differences. Mainly, client users can’t create root-level folders. But, you should keep in mind that they can still create subfolders if they have upload permissions for the main folder. Additionally, only employee users can use the Send a File and Request a File features in ShareFile.

All ShareFile accounts come with unlimited client users.

Any file type may be uploaded to ShareFile. Note: not all file types may be previewed.

The ShareFile system supports the upload and download of files up to 10GB or 100GB in size, depending on plan level.  If your upload process cannot be completed within 18 hours, ShareFile recommends breaking your upload into smaller segments.

RightSignature seamlessly integrates with ShareFile. You can send files stored in your ShareFile account to others for secure, legally binding electronic signature. With RightSignature, you pick where recipients need to sign or initial, and the simple, easy-to-use interface ensures that documents get every field filled completely. Once signed, documents are saved automatically back to ShareFile, so you never have to follow up with clients or chase down documents again.

The ShareFile Email Integrations allow you to insert links to files, upload and send new files, and request files directly from Microsoft Outlook or Gmail email messages. With ShareFile links you can avoid email bounce back or annoying file-size restrictions.

Our native application available for both Mac and Windows, ShareFile Sync automatically synchronizes a local folder on your computer with folders in your ShareFile account in real time. It’s the easiest way to keep files instantly up to date on all of your devices.

With ShareFile Mobile Apps — available for all iOS, Android, Windows and Blackberry devices — you get seamless access to all the files, folders and features of your account on the go. Whether you need to browse, send, request files or set folder permissions, you can do so right on your smartphone or tablet. You can even edit Microsoft Office files or annotate PDFs.

YES! You can brand your ShareFile account to match the look and feel of your company’s logo, website and colors. That way, it shows off your brand, not ours — everything from the login page to the headers, colors and other details of your account can match your website or logo.

There are a lot of benefits that come with a client document portal. You have a tool on your website where you can share files and storage with people in different locations. You no longer have to worry about losing important attachments or having miscommunication between people working on the same project. With a client portal, you only need to make changes once on a document and everyone will have access to the revised version of the file.

Additionally, a customer portal improves the efficiency between you and your clients. It is a tool you can use to easily exceed your client’s expectations in any given project. For instance, it allows you to provide a central place where all the important documents can be accessed and also a central point for communication between you and clients.

Finally, a client portal is a tool that your business will never outgrow. It will enhance the lifespan of your documents and even after projects are completed, you will have a permanent source of reference in case there are revisions or if you are working on similar projects in the future.

Encryption is a method for transforming data during either transfer or storage so that it requires permission to access. The data is transformed using an algorithm that generates a decryption key that must be used in order to open the data.

When transferring sensitive files, it is important to use encryption to ensure that any outside sources cannot read the data contained within the files. All file transfers through the ShareFile service are encrypted using 256-bit SSL (Secure Sockets Layer).  This is the same security used by banks and many e-commerce sites such as Amazon.com.  SSL works by establishing a private connection and each end of the connection is authenticated before transfer begins. Data traveling between these endpoints can only be decrypted by the intended recipient by using unique decryption keys.

Files uploaded to ShareFile servers are saved with 256-bit AES encryption. Each file saved in our system has a unique encryption key. When a file is uploaded, it is encrypted before being copied to its permanent storage location. Downloaded files are decrypted before their contents are sent to your browser. The file encryption keys are not stored on the same server with the files themselves, ensuring that someone with physical access to our storage servers has no access to the files contained on their hard drives.

Files are uploaded and downloaded between the end user and the storage tier directly over a Secure Socket Layer (SSL) or Transport Layer Security (TLS) encrypted segment using high grade encryption. ShareFile supports TLS 1.0, 1.1 and 1.2. These are the same encryption protocols and algorithms used by e-commerce services and online banking.

On Professional, Corporate, Enterprise, and VDR plans, files are stored at rest using the Advanced Encryption Standard (AES) with a 256 bit key. All uploaded files not pre-Internet encrypted, encrypted by the end user prior to upload, are scanned for known malware including viruses, Trojans, and worms. Files that reflect a known malware signature are flagged with a Red X and end users are subsequently prompted prior to downloading a suspicious file.

Additional customer account preferences are available that would prevent end users from downloading a file until it’s been scanned and  from downloading a file that is suspicious. However, note that these stricter options may affect the overall usability of the ShareFile service.

Each user on an account is given a unique username and password to login. Passwords are hashed so that not even ShareFile employees can access this information. If a user enters an incorrect password five times in a row, the system will lock that user account for five minutes before they can login again.

ShareFile account users will only see folders where they have been granted permissions and are listed in the Folder Access list. Folders where they have not been granted permissions will be invisible to them in the folder view and on any reports that they can access.

By default, client users do not have access to information about other users on the account.

All activity in an account is logged and available to employee users who have access to the Reporting section. Reports can include activities (such as logins, downloads, deletions, etc.), storage contents and user access audits.

The policy to save data older than 90 days for Corporate and Corporate Gold accounts was put in place fall 2009. Activity before this time may not be available.

When logging into the ShareFile web application, you provide your email address and password at your account landing page. After a period of time your session will timeout and you will be prompted to login again. ShareFile Enterprise customers can opt to integrate with Active Directory and redirect this login process.

Apps built using the ShareFile API (ShareFile Desktop Apps, ShareFile Mobile Apps, and third-party apps) are not allowed to capture or store the user’s credentials and typically only need limited access, so the ShareFile API leverages an industry standard protocol called oAuth 2.0. According to the oAuth community site, oAuth is “an open protocol to allow secure authorization in a simple and stand method from web, mobile and desktop apps.” For more on oAuth see the community site and the IETF specification.

ShareFile stores an oAuth token instead of your credentials and then uses that token to access the ShareFile API instead of your credentials. This allows a tool like ShareFile Sync to run in the background happily keeping all your files in sync without needing to prompt you for a password every time a change is made. This token has limited access to ShareFile only, so it is less of a security risk than storing your credentials. The way authenticating with oAuth tokens works is that ShareFile first prompts you for your email address and password using a secure web form that is similar to the one used when you login to the web application.

If using AD integration, we redirect you to configured IdP for the initial authentication. Once you have successfully authenticated, the secure web form provides the application with an oAuth token that is securely stored in the application. All subsequent access is done using this token you will not be asked for your credentials again until the token expires. The expiration for this token can be set by ShareFile administrators in Advanced Preferences.

If you lose access to the device where the ShareFile application was installed, you can manually expire the oAuth token in the ShareFile web application under My Settings. Administrators can also expire an oAuth token on behalf of a user in that user’s profile page in Manage Users. Disabling a user will also expire all tokens for that user. Since these tokens act as a replacement for your password, they are not tied to the password expiration policy (either within ShareFile or to an AD password expiration). You will not need to reauthenticate with a tool when you change your password, but only when the oAuth token expires.

ShareFile accounts are stored on servers maintained by Amazon Web Services in multiple locations across the globe. An account’s data is generally stored at the server location that is geographically nearest to the administrator.

All data centers containing ShareFile servers are SSAE 16 certified, proving that they meet high standards for security. Physical access is tightly controlled, and double verification is required to proceed to any areas housing data. Our servers are firewall protected and regularly updated to ensure that all of the latest security patches and updates are in place.

ShareFile has established operational procedures to maintain the availability of the system and user data, as appropriate and agreed to with users. ShareFile procedures take into account system capacity needs, physical and environmental threats to system resources, and recovery timelines needed to uphold service levels. Servers in the control plane are configured for high availability. Databases automatically fail over to an on-site secondary node, and data is further replicated at a geographically segregated disaster recovery site. Replication delays are monitored and addressed in order to meet recovery point objectives.

For Citrix-managed StorageZones, storage infrastructure is hosted with AWS and Microsoft Azure and availability is monitored real time by the network operations group. Customers managing their own StorageZones are responsible for availability, capacity planning and disaster recovery for uploaded data in these StorageZones.

All ShareFile employees undergo full background checks and sign our handbook prior to beginning employment with the company. The handbook includes an agreement to maintain the privacy and security of account information. Account information and support functions are accessible only from the IP address of ShareFile’s physical office locations. Company policy prohibits employees from accessing accounts or client data except where they have been expressly granted permission by an account administrator for the purpose of support. Any logins or activity by ShareFile Support will be logged in the account activity reports and available for review by account administrators.

In order to upload or download from a ShareFile account, you must access data housed in ShareFile cloud storage. If you are given an error while connecting to ShareFile, please contact your company’s technical support.

ShareFile separates application traffic from file uploads and downloads. ShareFile client applications require access to the ShareFile.com SaaS application as well as access to the storage location for their account. The SaaS application is hosted by Citrix and accessed using a customer-specific URL such as company.sharefile.com or company.sharefile.eu. User account settings, business logic and file metadata are handled by the SaaS application—no files are stored within the SaaS application tier.

Data Storage services (known as StorageZones) may be managed by Citrix or hosted and managed by customers. Files are stored securely within the data storage tier and accessible only by clients who have authenticated to the SaaS application tier. The ShareFile SaaS application authorizes file operations between authenticated users and the appropriate data storage service.

Users must authenticate in order to use ShareFile. Authentication can be performed by ShareFile SaaS application or deferred to a 3rd-party enterprise identity provider using SAML. In this article we assume that SAML is used for enterprise authentication.  To support accounts that use Citrix-managed storage zones, Citrix manages a variety of storage servers that execute in Amazon or Azure public cloud infrastructure. The list of public cloud servers used for Citrix-managed StorageZones is variable based on your account location, scalability requirements, and other factors, and is subject to change.  After successfully authenticating with the SaaS application the client would upload and download files from one of the servers.

Click here for information on CFR Part 11 compliance.

To report a reproducible security vulnerability in a Citrix product, including ShareFile, please send the following information to the Citrix Security Response team:

1. Details on the specific vulnerability, including the detailed setup and reproduction steps used to demonstrate the issue.
2. The versions and any associated configuration details of the components that are thought to be impacted.

The above details should be sent to the Citrix security response team using the secure@citrix.com  email address. Citrix recommends that vulnerability reports are encrypted using the PGP public key (fingerprint: 99FE 91C1 51A0 F7D5 4839 6044 351D 173A 623E 751C) attached to this document. Please note that the security response email address should only be used to report specific security vulnerabilities.

For inquiries about the privacy of your information or concerns regarding illegitimate email notifications or scam / phishing attempts, please contact ShareFile via email at privacy@sharefile.com, or calling 1-800-441-3453. To reach our Global Customer Support department, email privacy@sharefile.com.

Click here to view ShareFile’s Privacy Policy.

Billing cycles vary by country, please reference your location below for specific billing information:

For Customers Located Outside of the UK & Germany:
Billing cycles for locations outside the UK and Germany will start on the 1st of the month. ShareFile will prorate your first charge based on the number of days left in the current month and your billing cycle. All subsequent charges will be billed on the 1st of the month based on your billing cycle. In the event of account cancellation, you will not be billed further.

Fees for extra services or features, such as additional employee licenses, will be billed at the time of the order. You will initially be charged a prorated amount for the upgrade based on the number of days left until your regular billing date. Subsequently, you will be billed for all subscription charges on the normal billing date for your account. If you choose to cancel the extra features after your card has been billed for the month, you will not be reimbursed for the days you did not use the features. If you believe ShareFile has billed you incorrectly, you must contact ShareFile no later than 60 days after the closing date on the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit. Inquiries should be directed via phone or email at support@sharefile.com.

For Customers Located in the UK and Germany:
All billing cycles will start on the day of your order and you will continue to be billed on this same day each month on an ongoing basis. If a month is shorter in duration than your typical billing date, your account will be billed on the final day of that month.  In the event of account cancellation, your account will continue to be active through the final day of your current billing cycle and you will continue to have service through this date. Your subscription will not renew following the end of your current billing cycle.

Fees for extra services or features, such as additional employee licenses, will be billed at the time of the order. You will initially be charged a prorated amount for the upgrade based on the number of days left until your regular billing date. Subsequently, you will be billed for all subscription charges on the normal billing date for your account. If you choose to cancel the extra features after your card has been billed for the month, you will not be reimbursed for the days you did not use the features. If you believe ShareFile has billed you incorrectly, you must contact ShareFile no later than 60 days after the closing date on the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit. Inquiries should be directed via phone or email at support@sharefile.com.

Account administrators or an Employee user with the "Edit Billing Information" permission can modify billing information from within the ShareFile web app. To do so, access Admin Settings > Billing > Edit Billing Info (users that have not been updated to the New ShareFile can do so using the Admin link in the navigation bar, then selecting Edit Billing Information in the sidebar.)

When modifying your billing information, you must re-enter your Credit Card information even if certain numbers/values have not changed.

Your credit card information can also be updated by phone.

ShareFile offers invoice billing to accounts on annual billing cycles. Monthly and annual cycles are available.

To change your billing plan, access Admin Settings > Billing > Request Plan Changes (users that have not been updated to the New ShareFile can do so using the Admin link in the navigation bar, then selecting Edit Request Plan Changes in the sidebar.)

If you wish to switch to invoice billing, please contact ShareFile Support. Only employee users with the request plan changes permission can alter your billing plan.

Only account administrators or users with the request plan changes permission may perform this action. To change your billing plan, access Admin Settings > Billing > Request Plan Changes (users that have not been updated to the New ShareFile can do so using the Admin link in the navigation bar, then selecting Edit Request Plan Changes in the sidebar.)

Select the plan type you wish to use, and enter the amount of licenses you wish to add. Your billing estimate will be indicated at the bottom of the screen. You may also enter your billing information in this menu if converting from a trial to a paid account. Click here for a detailed list of ShareFile plan types and the features available to each.

Once you have requested a plan change, ShareFile support will review your request and email the billing contact on the account a confirmation of the changes. Fees for extra services or features, such as additional employee licenses, will be billed at the time of the order. You will initially be charged a prorated amount for the upgrade based on the number of days left until your regular billing date. Subsequently, you will be billed for all subscription charges on the normal billing date for your account. If you choose to cancel the extra features after your card has been billed for the month, you will not be reimbursed for the days you did not use the features.

To view or print receipts or sign up for Billing Notifications, access Admin Settings > Billing > Receipts and Billing Notifications (users that have not been updated to the New ShareFile can do so using the Admin link in the navigation bar, then selecting View/Print Receipts in the sidebar.)

This link will only be available after your first billing and can only be accessed by employee users who have the "View Billing Receipts" and "Access Account-wide Reporting" permissions. This section will store all receipts for the entire length of your account.

There is an option to receive an email notification every time your account is billed and you can turn it on by selecting the check box for Send email notification when my account is billed.  Select the check box and then click Add additional recipients to add a user that will receive Billing notifications.

Note - The Add Additional Recipients function is only available for accounts that pay via Credit Card. If you pay for your account via invoices, please contact ShareFile Customer Support to arrange for additional billing notification recipients.

Bandwidth is a measure of the total data transfer activity on an account. Every time a file is uploaded or downloaded using your ShareFile account, bandwidth is used. Bandwidth is recorded on your account for any downloads, both complete or incomplete. Uploads count toward your bandwidth if they have been completed. Bandwidth resets to zero on the first of every month. Bandwidth and Storage can be checked in the Admin section of your ShareFile account.

If you exceed your monthly bandwidth, you will be charged a small overage fee to cover the amount of bandwidth used. When you reach 80% of your bandwidth limit for the month, a notification email is sent to the billing contact on your account warning that you are approaching your bandwidth limit. Another notification is sent when you reach 100% of your account’s bandwidth limit. If you exceed your bandwidth limit for the month, your account will continue to function and employees/clients will still be able to upload/download files without interruption. At the end of the month, your bandwidth overage will be totaled and you will be charged a per megabyte usage fee. Please note that the fee is dependent on your plan level. You can also purchase additional bandwidth on your plan, which is more cost-effective than the overage fee. You can purchase additional gigabytes of bandwidth to your account by accessing Admin Settings > Billing > Request Plan Changes.