Rethinking File Sharing

Modern life entails almost constant file-sharing, whether for personal use or professional obligations. We all send digital images, documents and videos to colleagues inside our business or out in the world with external partners. But while sending tangible items requires two people — a sender and receiver — electronic item exchange is more like posting an object: we need three parties involved — the giver, the middleman (the platform) and the taker on the receiving end!

Sending files via traditional methods may create a digital footprint that opens vulnerability. When relying on a third-party platform, data ownership can be degraded and become subject to their rules and regulations — potentially allowing confidential information to fall into the wrong hands in case of a security breach. The costs associated with this security risk are severe and can result in financial loss and long-term implications on brand trust and confidentiality.

The following questions arise:

1. Do we have to trust other parties to store and handle our files in transition?
2. Can we retain control over our files?
3. Can we do something about it in case one of the platforms we use sustains a security breach?

Most of us accept the current status quo of file sharing because we focus on the mission: TO SEND THE FILE. During this process, we assume that the file is adequately handled, securely stored, encrypted (so the platform does not know the content) and disposed of by the platform after use. In reality, the picture is different. We have all heard of many cases recently where a breach occurs and user data leaks. Why does the data leak? Primarily because of a lack of encryption at rest or transition, mishandling, and lack of authorization.

At SharePass, we understand the importance of ensuring our clients control their data. That's why we provide features to give senders ultimate power and security, from encrypting files to revoking access in case a breach occurs. Our commitment guarantees users have complete ownership and authority when sharing important documents with external parties — because who you choose to share your data with should always be up to you!

• SharePass File Sharing with Security Key Restrictions

How are we doing this differently?

SharePass is revolutionizing the way you share important documents and files. With our innovative service, your information will remain secure while being delivered to its requested destination with user preferences considered. We act as a virtual post office; packages (files) are sent from sender to receiver without risk of tampering or delay — all within an acceptable timeframe provided by the initial sender! SharePass offers multiple controls for increased security that users can use to guarantee their privacy. These are the controls available for SharePass users (you can apply a combination of them):

1. MUST: Client-side encryption using AES256 GCM mode (not all AES are identical). This way, you know your files are encrypted in transition and at rest while stored on SharePass servers.
2. OPTIONAL: Your choice of region to store the files to comply with the privacy regulations of your area.
3. OPTIONAL: Expiry and timeframes — the files you share will be accessible in the timeframes you define and expire beyond that, allowing you to delete, revoke or extend storage.
4. OPTIONAL: IP-based restrictions — allow you to share files with an entity with a specific IP address
5. Lock\unlock — define the default state of the file. The file can be sent locked pending an unlock action from the sender. The file can also be locked even after you send it, given that the receiver hasn't opened it yet.
6. OPTIONAL: Apply MFA (Static or dynamic PIN) or a Physical security key (We support Yubico Keys at the moment) — This way, when you send a file, the receiver must verify his identity, making sure he is the right recipient.
7. OPTIONAL: Policies — apply and enforce different policies within the organization.

*** Given the sensitivity of file sharing, SharePass will only support this feature for enterprise accounts.