Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

Tresorit Encrypted Cloud Storage: What You Need to Know

By - Source: Toms IT Pro

Tresorit is among the top companies that compete in secure cloud storage, and it offers lots of flexibility for businesses.

Security is a top concern for any company contemplating the cloud, even sending some business decision makers into a cold sweat. Tresorit is a cloud service that shares and stores files securely that uses client-side encryption to guarantee the security of your files once they leave your computer. The user maintained keys prevent unauthorized decryption of files. With this business product, there is a lot of flexibility to choose who has what kind of access to the files, very similar to expensive Digital Rights Management (DRM) workplace solutions.

Tresorit in Use

You may access Tresorit from a client side application, a browser or mobile apps. It supports Windows, Mac OS, Linux, iOS, Android and Blackberry OS. Tresorit for Windows, about 20 MB downloaded, lets you sync, organize and share files securely. Sign up is easy, and the interface is uncluttered.

The Tresorit welcome screen.The Tresorit welcome screen.MORE: Building a Business Case for Cloud Storage

Like most business file sharing applications, you may send a link to the encrypted files to your friend, who signs up to use the service. They aren’t charged, but it gives the recipient the access you designated. If you only want to share Individual files, you may do so by sending a link, which the recipient could also access using a supported browser, and the password that you send securely.

Tresorit for Business

Collaboration is the new buzzword for smart businesses, but the notion entails some risk if sharing sensitive files with third parties. When using the Tresorit business service (Tresorit DRM), file access may be revoked at any time, similar to other DRM (Digital Rights Management) products that offer very granular control. So even after sharing, security is extended to the shared files. Tresorit DRM works with Windows with Microsoft Office products.

These rights migrate with the file(s), which are encrypted individually, so if a recipient copies the file to a flash drive and subsequently looses the drive, the finder may not view that file without permission. This works because the digital rights are enforced by Microsoft’s Rights Management Service (RMS), which provides file level permission management.

Microsoft can’t read the file because the RMS servers do not have physical access, and the Tresorit DRM uses zero-knowledge design, which means that Tresorit (or Microsoft) never have the key, so they cannot be forced to turn your decrypted files over to any entity. Note that the Microsoft rights protection encryption is on top of the Tresorit encryption.

In the case where a user shares a file, but later revokes privileges for the recipient, there are many steps, but the process is largely transparent: the Tresorit client communicates with the Microsoft RMS servers automatically as needed. Once the DRM module is installed, the user merely selects the appropriate rights.

A user shares a file with a recipient, then revokes access.A user shares a file with a recipient, then revokes access.

How does Tresorit protect data?

Tresorit does two things that combine to form excellent security practice: they are incorporated in Switzerland, which has strict data privacy laws, and they use end – to – end AES encryption. The client does not use Java or other risky extensions. With other services such as Google, Dropbox or Box, the files are decrypted on their servicers when accessed, potentially allowing anyone with access to their servers to see your files. 

Add-on encryption can be difficult to use, may not work for individual files in a container, and may lead to user error – did I copy that file to the encrypted solution or the unencrypted solution? In any case, the person with whom you are sharing must use the same encryption add-on as you are using. With Tresorit, it doesn’t matter. The recipient does not have to have Tresorit installed. 

A variation of add-on encryption, email encryption, is also difficult to use. Not only must you share your public key with those with whom you wish to share, but also files must be manually encrypted and decrypted one by one. You would also need to share keys with the server if you were to use sFTP. Also, sFTP does not allow easy change to recipient’s rights, as it requires administrative action on the server.


For SMBs, the price is quite attractive. For 1,000GB for a company, Tresorit costs $15 per user per month. Individuals pay $25 per user per month.

Bottom line

Tresorit for business is a very good deal for secure storage and easy-to-use rights management. Many of the pain points are hidden, and from a security perspective, Tresorit is among the top companies that compete in secure cloud storage.