A Managed File Transfer (MFT) service is a platform that moves data between systems and people in file format. This description sounds like FTP. However, an MFT includes security measures and action logging.
These two elements are essential for businesses that need to provide compliance to data protection standards, such as HIPAA, PCI DSS, SOX, and GDPR.
Here is our list of the best-managed file transfer services:
- Fortra GoAnywhere MFT EDITOR’S CHOICE This secure, enterprise-level managed file transfer solution automates and streamlines file sharing. It ensures data protection through encryption, compliance with regulations, and extensive integration capabilities for business workflows and connectivity. Get a 30-day free trial.
- JSCAPE MFT (FREE DEMO) This cloud-based, on-premises, or hybrid package provides a long list of protocol options and includes a Web-based client. Available for Windows, macOS, Linux, Solaris, AIX, and z/OS. Get a 7-day free trial following a demo.
- ActiveBatch (FREE DEMO) A job scheduler and task automation suite that includes secure managed file transfer functions. This is a cloud-based service.
- Files.com (FREE TRIAL) A cloud platform for storage and forwarding files that includes distribution tracking and user identification.
- ExaVault (FREE TRIAL) A cloud platform that offers both file transfer utilities and cloud storage – its services can be integrated into automated workflows.
- Coviant Software Diplomat MFT (FREE DEMO) Controls and secures file transfers between zones, sites and platforms. Includes PGP Automation. Compatible with any OS or container, on-premises or cloud.
- Serv-U Managed File Transfer Server A file transfer management system with a Web interface and mobile app for users and the ability to track activities from an administrator account. It runs on Windows Server and Linux.
- Sharetru A cloud-based service that gives your business a virtual private data center.
- Tresorit A cloud platform that provides collaboration and distribution functions and tracks all actions on files.
- Kiteworks A content firewall that offers a range of secure file distribution that can be accessed as a SaaS system or installed on a private cloud.
- Citrix ShareFile A cloud platform for secure file transfers, process automation, and distribution tracking.
It is the record-keeping that is the distinctive feature of MFT because just about all FTP utilities offer secure options such as SFTP and FTPS. Those two secure versions of FTP are the main protocols used in MFT systems as well. Another identifying feature of MFT systems is that they are more than just a file transfer utility. They are usually integrated into a file storage system, so the MFT will store your sensitive documents in an encrypted format and record all access attempts and changes.
About secure managed file transfers
FTP is a very old protocol. In fact, it pre-dates the Internet and the TCP/IP protocol stack that FTP now belongs to. FTP is an application that sits on top of the TCP/IP stack, which, in theory, only goes up to the Transport Layer.
Unfortunately, although it is very well-established and efficient, FTP is not secure. The protocol does not include any provision for authentication or encryption. Therefore, two adaptations of FTP were created: SFTP and FTPS.
SFTP is known as Secure FTP and also FTP over SSH. FTPS is known as FTP/Secure and also FTP over SSL. SSH is the Secure Shell. There is a little difficulty in combining FTP and SSH because FTP uses two simultaneous connections and SSH usually only has one. SSL is the Secure Socket Layer. In truth, SSL no longer exists. It was replaced by Transport Layer Security (TLS) a long time ago. However, tech insiders still refer to SSL when they really mean TLS. This is the secure protocol used to protect HTTP, creating HTTPS.
When you use a managed file transfer system, it is likely that the actual secure transfer protocol at its heart will be either SFTP or FTPS.
MFT advantages
An MFT system can be hosted on-premises or in a private cloud and it is very suitable for delivery by Software-as-a-Service (SaaS).
A common feature of many MFT services, no matter where or how they are hosted, is a Web interface for administration. The user part of the system can also be accessed through a browser-based interface or through an app. It is also possible to find MFT services that are implemented as plug-ins for other well-known interfaces, such as an email system, a productivity suite, or an operating system’s file manager.
MFT can be implemented as a cloud drive that includes collaboration features for file sharing. In this scenario, the main benefit of the MFT system is that users don’t have to attach files to emails. Instead, the user adds the recipient’s email address to a list of permitted recipients and then the system will automatically send out a notification to that recipient with an access link in it. Or it generates a link for the file owner to copy and paste into the body of an email.
However, keep in mind, the important feature of MFT system is activity and file access logging. Other useful features offered by some MFT services are watermarking and distributed copy identification that enables investigators to work out exactly who leaked a confidential document.
The best Managed File Transfer Services
A managed file transfer service doesn’t necessarily need to be a cloud service. However, if it is, there are accountability issues to be taken into account if your specific need for an MFT system is to comply with a data protection standard.
When examining the MFT market we developed a list of selection criteria. These are:
- Secure, encrypted file transfers
- A central management console to control user accounts
- Individual accounts for users to make each accessor identifiable
- File event logging
- A Business Associate Agreement (BAA) that complies with data protection standards
- A free trial or money-back guarantee for a risk-free assessment
- A good mix of services that is priced to offer value for money
Applying these selection criteria brought us to a list of candidate-managed file transfer services, which we then ranked.
1. Fortra GoAnywhere MFT (FREE TRIAL)
Tested on: Windows, Linux, VMware, Docker, UNIX, IBM z/OS, Solaris, macOS, Amazon EC2, & Microsoft Azure.
GoAnywhere MFT by Fortra is a robust managed file transfer solution designed for enterprises seeking secure and efficient file-sharing processes. It supports a variety of secure file transfer protocols, enabling organizations to protect sensitive data, meet compliance standards, and automate complex workflows. Its combination of security, automation, and ease of use makes it an essential tool for modern businesses handling sensitive or high-volume data transfers.
Key Features:
- Secure File Transfer Protocols: Supports SFTP, FTPS, HTTPS, and AS2, ensuring encrypted and secure data transfers.
- Workload Automation: Automates file transfer tasks with scheduling, triggers, and real-time monitoring to reduce manual workload.
- Compliance Support: Helps businesses meet regulatory requirements like HIPAA, GDPR, PCI DSS, and more.
- Document Viewer: Allows users to preview file contents securely without downloading them.
- Activity Logging: Provides detailed logs and audit trails to ensure transparency and facilitate compliance audits.
Why Do We Recommend It?
We recommend GoAnywhere MFT because it combines strong security, extensive protocol support, and powerful automation tools into a single platform. Its compliance-ready features simplify adherence to regulations like HIPAA and GDPR. Additionally, its transparency through activity logging and document viewing makes it an invaluable tool for secure and efficient file management.
GoAnywhere MFT stands out for its ability to handle sensitive data transfers with a high degree of security and reliability. By supporting a range of secure protocols such as SFTP, FTPS, and HTTPS, it ensures that data remains encrypted and protected during transit. This makes it an ideal solution for industries that prioritize data security, such as healthcare, finance, and government. The ability to integrate with existing systems and workflows also simplifies implementation, reducing downtime and allowing businesses to maintain operational efficiency.
The platform’s workload automation capabilities are another major advantage. With tools to schedule, monitor, and manage file transfers, GoAnywhere eliminates the need for manual intervention in repetitive tasks. It enables businesses to set up automated workflows, ensuring that critical transfers occur reliably and on time. This level of automation not only reduces human error but also increases productivity, allowing IT teams to focus on more strategic initiatives.
Compliance is a key area where GoAnywhere MFT excels. By supporting regulations like HIPAA, GDPR, PCI DSS, and more, the tool helps organizations meet their legal obligations with ease. The built-in document viewer and activity logging further enhance its value, as users can quickly inspect files without downloading them and keep a comprehensive record of transfer activities. These features ensure transparency, bolster security and simplify audits, making GoAnywhere MFT a trusted choice for enterprises with rigorous compliance needs.
Who Is It Recommended For?
GoAnywhere MFT is ideal for businesses of all sizes that require secure, automated file transfers. It is especially suitable for industries like healthcare, finance, and government, where protecting sensitive data and maintaining compliance are critical. Organizations seeking a reliable, scalable, and versatile file transfer solution will benefit greatly.
Pros:
- Centralized Management: Provides a single interface for managing file transfers, user accounts, and security settings
- Integration Capabilities: Connects with various systems, applications, and cloud services, including Amazon S3, Azure Blob Storage.
- File Compression: Speeds up transfers through compression with ZIP and GZIP.
- User Authentication: Supports multiple authentication methods, including Active Directory, LDAP, and SAML.
- Mobile-Friendly: Allows secure file access and management from authorized mobile devices.
Cons:
- No Price List: You have to ask for a quote.
GoAnywhere MFT is compatible with Windows, Linux, Unix, z/OS, and cloud platforms, making it versatile for various IT environments. Fortra offers a free demo and a 30-day trial, allowing organizations to evaluate the tool before committing.
EDITOR'S CHOICE
Fortra GoAnywhere MFT is our top pick for a managed file transfer service because it delivers a comprehensive, secure, and user-friendly solution for transferring files across networks and systems. Designed to meet the demands of modern businesses, GoAnywhere MFT ensures that sensitive data is transferred reliably while maintaining compliance with stringent security standards. One of its key strengths is its support for secure transfer protocols, including SFTP, FTPS, and HTTPS. These protocols protect data in transit, ensuring confidentiality and integrity while reducing the risk of interception or unauthorized access. Additionally, its end-to-end encryption safeguards sensitive files, making it suitable for industries such as finance, healthcare, and government that handle regulated data. GoAnywhere MFT excels in automation, allowing users to streamline recurring file transfer tasks. Its intuitive interface enables administrators to set up workflows that automatically execute transfers based on triggers, schedules, or conditions, eliminating manual intervention and saving time. The service also emphasizes compliance with regulations like GDPR, HIPAA, and PCI DSS. Its reliable logging and audit trails ensure organizations can demonstrate accountability and track file activity comprehensively. The integrated document viewer and activity monitoring enhance transparency, allowing administrators to review and analyze operations in detail. Another advantage is its versatility, with capabilities to connect with cloud platforms, on-premises servers, and external trading partners. Its centralized dashboard simplifies management, offering administrators complete visibility over file transfer activities.
Download: Get a 30-day free trial
Official Site: https://www.goanywhere.com/trial
OS: Windows, Linux, VMware, Docker, UNIX, IBM z/OS, Solaris, macOS, and cloud
2. JSCAPE MFT (FREE DEMO)
Tested on: Cloud-based, Windows Server, Mac OS & Linux
JSCAPE MFT offers a long list of protocols that can be used for a range of business functions. As well as providing SFTP, SCP, and FTPS for cross-internet transfers, the system has an implementation of the Trivial File Transfer Protocol (TFTP) and the Accelerated File Transfer Protocol (AFTP) for local use. The package can also transfer files using HTTP, HTTPS, and WebDAV, and it implements EDI with AS2 and OFTP2.
Key Features:Â
- A Wide Choice of Protocols: FTP, TFTP, SFTPO, FTPS, SCP, AFTP, OFTP2, AS2, HTTP, HTTPS, and WebDAV
- Suitable for EDI: With OFTP2 and AS2
- On-Premises Software Package: Runs on Windows, macOS, Linux, Solaris, AIX, and z/OS
- Web-Based Client: Hosted on your own server
- Task Automation: Integrate file transfers into scripts
Why do we recommend it?
JSCAPE MFT is an on-premises package that provides both secure and non-secure file transfer methods. The software bundle includes a Web-based client, which is hosted along with the MFT server and can be accessed from anywhere through any standard Web browser. A no-code system helps create scripts for file transfers that are embedded in automated processes.
The client for the service includes a user credential requirement, which strengthens security. This account authentication service can be linked to your access rights manager and that ARM connection can also be used to set up access rights for files and folders. The client includes a document viewer, which removes the need for users to actually transfer files in order to read them.
The service also lets you create looser security for serving files to outsiders in a DMZ. For example, non-sensitive documents such as sales brochures could be made available for download in this way. The client can be embedded into websites to provide file upload functions.
The service includes a plugin for Microsoft Outlook that controls the files that can be attached to emails. The security services in the package extend to activity logging and that, together with user authentication and file access controls, makes the system suitable for compliance with data protection standards, such as HIPAA, PCI DSS, SOX, and GDPR.
JSCAPE MFT is able to transfer files with a range of protocol options and even offers two EDI systems. The package lets you create automated tasks around transfers, which is useful for data verification and file marshaling. This system is able to run tasks on any operating system and you can host it on your cloud account. Use this tool for all of your admin and business tasks, such as network device configuration backups, payment instruction transfers, eBrochure delivery, and memo distribution. Choose the level of security that you need from tight access controls to open access in a DMZ.
Who is it recommended for?
There are many features in this package and it offers many ways to facilitate and control file movements. For example, there is also a management routine for directory syncing and it is possible to set up task automation scripts with the MFT. All in all, this is a solution for large organizations.
Pros:
- Provides a Workload Automation Editor: A no-coded system for task automation script creation
- Use Existing Corporate User Accounts: Interfaces with access rights managers
- Integrates into Websites: Use to deliver files to the public or accept uploads
- Run on the Cloud: Load it onto your virtual server
- Document Viewer: Provide remote file viewing to eliminate the need for transfers
Cons:
- No Price List: Request a quote
The software for JSCAPE MFT will run on Windows, macOS, Linux, Solaris, AIX, and z/OS. Access a demo to get a 7-day free trial.
3. ActiveBatch (GET DEMO)
ActiveBatch is a cloud-based task automation and job scheduling service that includes a managed file transfer module. The big advantage of the ActiveBatch system is that it makes integrating secure file transfers into wider workflows very easy.
Key Features:
- SaaS Package: Delivered from the cloud
- Workflow Automation: Includes a workload creator
- Secure File Transfer: FTPS and SFTP
Why do we recommend it?
ActiveBatch is a workflow creator that lets you automate data processing between unrelated software packages. This is like recording a series of steps that an administrator goes through to process input data into results. These processes often involve file transfers. Replaying these flows on a schedule creates an active batch.
The console for ActiveBatch is accessed through any standard Web browser and it includes a graphical interface for setting up tasks. You can create a file transfer workflow, integrate a file transfer step into a wider workflow, or create your own file transfer module that can operate as a standalone service or be plugged into other workflows that you set up later.
However you chose to implement your file transfer workflow, you can set up a schedule to get it to run automatically within the ActiveBatch console. This is a great tool for regular transfers for system maintenance, such as managing log files, backing up configuration images, or distributing documents.
ActiveBatch has pre-written processes to integrate with other products, such as ERPs and data warehousing systems. It is also able to interface to other cloud platforms to automate tasks and transfer files to and from. The list of platforms that ActiveBatch will work with includes Azure and AWS.
Who is it recommended for?
Any business can use the ActiveBatch system. The managed file transfer part of this tool is particularly important for businesses that need to verify data before moving it and then reformat it to populate fields in a remote application after the transfer. This is important for security enforcement or compliance management.
Pros:
- Drag-and-Drop Interface for Batch Creation: Can re-use batch modules
- Orchestrates Third-Party Systems: Will integrate into ERPs and other business suites
- Compliance Management: For HIPAA, SOX, PCI DSS, and GDPR
Cons:
- No Free Trial: Access a demo
The secure file transfer utility can transfer files in parallel, send the same file to multiple destinations, pause and restart transfers, and recover from a lost connection in mid-flow. The transfer system offers SFTP and FTPS options and all data movements are logged. The reporting function and security protection make ActiveBatch a suitable managed file transfer service for businesses that comply with HIPAA, SOX, PCI DSS, or GDPR.
ActiveBatch integrates into a wider system of task automation. As with other MFT services, this system includes security for transfers and an activity-tracking feature that makes it suitable for use in businesses that need to follow data protection standards.
Get a demo of ActiveBatch: advsyscon.com/en-us/demo/get-started
Operating system: Cloud-based
4. Files.com (FREE TRIAL)
Files.com is a cloud-based platform built for File Transfer Automation. It is exclusively a B2B platform since it’s early beginning in 2009. It’s designed to accommodate any file transfer workflow in your business and supports a variety of integration patterns.
Key Features:
- Cloud Platform: A SaaS package
- Email Access Links: Scans emails and replaces attachments with links
- SFTP and WebDAV Options: Secure and fast transfers
Why do we recommend it?
Files.com is a multi-purpose platform that deals with files. Each of your users gets an account. The system can be used to sync files as a backup to local drives, store documents and send access invites instead of email attachments, or as the primary working drive for the business.
Each user gets an individual account on the platform, which enables activity tracking. It is possible to add 2FA to account access routines, enhancing. The account space is fully encrypted for further protection. There is an administrator account with the plan that has access to activity data and performance tracking utilities.
The Files.com platform acts as a mediator for all file distribution activities. Files get loaded to the platform over a secure connection and then recipients are sent links to those files in their location on the Files.com server. It provides FTP, SFTP, and WebDAV servers in the cloud, meaning that your clients, vendors, or partners can connect directly to it to drop off or pick up files using any of these common protocols. Second, Files.com can act as a client, connecting outbound to other servers to drop off or pick up files, either on a scheduled basis or on demand.
File owners can decide the level of access to grant to others and it is possible to revoke access rights. All activities on each file are logged. The system administrator can also use the Files.com storage space for automated processes, such as backup and syncing of directories that contain sensitive data. The service is able to give a signed Business Associate Agreement to those customers that are following a security standard that requires it, such as HIPAA or PCI DSS.
Files.com can an directly integrate other cloud-based or on-premise storage providers, such as Amazon S3, Google Cloud Storage, Azure Blob Storage, Box, Dropbox, Wasabi, and more. It can aggregate these remote integrations, providing the opportunity to build workflows that easily span across these systems.
Who is it recommended for?
Files.com is a very flexible system. Companies that operate virtual offices with almost all employees home-based or roaming will particularly appreciate this system. Other great fits for this tool are design offices that need to mail out large files or marketers who send out brochures again and again.
Pros:
- Stores Files for Collaborative Access: Each user has a filespace on the cloud drive
- Empowers Access Control by the User: The file owner has control over access permission
- Compliance management: For HIPAA, SOX, and PCI DSS
Cons:
- Short Free Trial: The free trial only lasts seven days
Files.com is a subscription service with a rate that is calculated on the number of user accounts needed. The base plan gets 1,000 GB of storage space but that can be increased. The Files.com system can be integrated with cloud storage services, productivity suites, and collaboration systems. You can get instant access to a Files.com account on a 7-day free trial which can be extended if you contact them for a demo.
Files.com is a leading managed file transfer service because it includes all of the requirements for security and control of files while also allowing the flexibility to use the system for a range of other business functions, such as team collaboration or folder backups. The Files.com service is suitable for file transfers in environments that need to comply with data protection standards, such as HIPAA, SOX, and PCI DSS.
Start 7-day free trial: signup.files.com/signup3/welcome
Operating system: Cloud-based
5. ExaVault (FREE TRIAL)
The ExaVault cloud platform offers an interesting proposition for businesses that want to develop their own MFT processes. It provides services for file management that can be integrated into any customized application through its API and libraries or Python, PHP, JavaScript, and Java.
Key Features:
- Cloud Storage: Provides a cloud drive
- Secure File Transfers: SFTP and FTPS
- Administrator Account: Provides control over user accounts
Why do we recommend it?
ExaVault is an alternative to Files.com. This is a cloud drive service that can be used to invite access to files rather than mailing them out or to collaborate with colleagues on the development of documents. Each user gets a file space and ownership of the files within it.
The services of ExaVault are a cloud storage area and a file transfer system that will implement SFTP and FTPS. The combination of these two systems allows businesses to control access to data by banning emailing or transferring files to anywhere outside the business. Employees or automated processes upload files to the ExaVault platform instead and then mail out a link for access. When outsiders use those links, their access to files is tracked.
The administrator of an ExaVault subscription can create user accounts, which control access to the storage platform. The user credentials can have password strength enforcement and multi-factor authentication. Users own files and can invite others to share files with read, write, or copy permissions. The system administrator can also revoke any of those rights. This system is the mechanism that is used to allow outsiders access to files, which is implemented by identifying them through email addresses.
Who is it recommended for?
ExaVault stresses its use as a managed file transfer service, although it can also be used as a cloud drive or for backup and syncing. The service provides corporate accounts that allow an administrator to set up subaccounts for users. The lowest package has a minimum order quantity of five users.
Pros:
- API and Code Libraries: For integration into customized code
- Individual User Accounts on the Cloud Platform: Enables file ownership
- Shared Access via Link Invites: The file owner retails access rights controls
Cons:
- No Self-Hosting Option: Only available as a SaaS platform
The ExaVault system is offered in four plan levels and each has different allowances for user accounts and storage space. You can assess ExaVault with a 30-day free trial.
6. Coviant Software Diplomat MFT (ACCESS FREE DEMO)
Diplomat MFT is an on-premises package that manages file transfers between zones on a network and also out to other sites and also to cloud platforms. The key elements of the platform are the management of encryption keys, activity logging, and notifications.
Key Features:
- Based around SFTP
- Key management
- Provides OpenPGP for encryption
Why do we recommend it?
Diplomat MFT is a package that provides a private file transfer controls that include the possibility of installing remote agents on other sites or cloud platforms to coordinate the other side of a transfer. Move files to remote sites or receive them from those locations. All file movements are logged
This package can also be used to move files to a DMZ for public access and also bring in files uploaded by the public to a staging area within the DMZ. The system can be used as a file server for a website. This would be useful for a site that delivers brochures or an employment agency site that receives resumes from applicants.
The MFT can be used to secure email systems within an organization across multiple sites or branches. The problem with most email encryption systems is that it requires the recipients of all emails sent outside the organization to be using the same service. The remote agent opens up the possibility of including associated companies into the corporate secure email system.
The automation feature in the tool can run transfers off a trigger. For example, it can be set up to automatically forward files that are saved to a specific directory. The package can also generate emails to notify a staff member of a transfer. It will also log those activities for compliance auditing.
Who is it recommended for?
This tool can have many applications and so is suitable for many types of businesses. It should be noted that the service is HIPAA compliant, so it will be of particular interest to businesses that operate in the healthcare sector. Coviant Software provides a consultancy service to customize implementations for specific business needs.
Pros:
- Self-managed secure file servers
- A Web interface to access remote locations
- Options for notifications and forwarding
Cons:
- The top plan is very pricey
The software for Diplomat MFT will install on Windows or Windows Server. Coviant Software offers a free demo.
7. Serv-U Managed File Transfer Server
While most of the systems on this list are cloud-based platforms, Serv-U from SolarWinds is a package that you install on-premises and manage in-house. This option is suitable for businesses that don’t want to let their sensitive data held outside their premises because most of the cloud platforms include an element of storage for the files being transferred.
Key Features:
- Self-Hosted: You keep control of the system
- Receives Files from Desktops, Cloud Platforms, and Mobile Devices: Can forward them
- Secure Transfer Protocols: SFTP, FTPS, and HTTPS
Why do we recommend it?
Serv-U Managed File Transfer Server lets you run your own managed file transfer system because it is an on-premises package. You can use this system to create your own file server and automate functions such as syncing. You can just use the system to move files around or create full file management services.
Although the package is a system you host yourself, its interface operates as a Web system. Users get a browser-based interface and mobile apps to access the file transfer service, so it looks and feels like a cloud service.
A big advantage for those following a data protection standard is that there is no need for a BAA because all of the responsibility for data storage and control is kept in-house. The system logs all file transfer activities, which is important for compliance auditing. The system can also be used to manage workflows that implement automated file transfers.
The secure transfer protocols available with this service include SFTP, FTPS, and HTTPS. The system can operate with IPv4 and IPv6 addressing. The service will also manage the receipt of files from external sources and it is particularly efficient at managing the transfers of very large files.
Who is it recommended for?
This is a solution for large businesses. The SolarWinds solution is a good choice for businesses that want to create an in-house file server. There are free FTP servers available, so you should look at the extra features of this package to see its value.
Pros:
- Automation Possible: Build task automation scripts around file transfers
- Access Rights Management Standardization: Integrates with Active Directory and other LDAP services
- Multiple Platforms: Runs on Windows Server or Linux
Cons:
- Not a SaaS Package: Only available as a downloadable software package
The Serv-U MFT software installs on Windows Server or Linux and it is available for a free trial.
8. Sharetru
Sharetru is a secure file transmission system that has all of the features needed in an MFT. Users access the service through a Web interface and mobile apps and require individual user accounts. Those interfaces can be white-labeled for use by managed service providers. The administrator console has control over user activities and all file functions are logged.
Key Features:
- Transfer Encryption: 2048-bit RSA
- Storage Encryption: 128-bit AES
- Secure Transfer Protocols: SFTP, FTPS, FTPES, and SCP
Why do we recommend it?
The Sharetru system provides storage space on a cloud server that is divided up for individual user accounts. The base plan gives you 10 employee accounts. The system is similar to files.com because it can be used for file transfers or for in-place file collaboration between colleagues.
The security services of Sharetru are excellent. The system employs 2048-bit RSA encryption to protect files in transit and 128-bit AES encryption for files at rest on the Sharetru service – this is a cloud platform that mediates transfers. The service is certified under ISO 27001 and its data centers are SSAE18 SOC2 audited. Transfer protocol options include SFTP, FTPS, FTPES, and SCP.
The file space of Sharetru is protected by a managed intrusion detection system. Security measures that this service deploys include hacker blacklisting. Account administrators can impose extra controls, such as tied devices to identify each user access location and geo-fencing that restricts access. So, valid users can be automatically blocked if they go out of the country and try to access the service.
If you are working to HIPAA or PCI DSS standards, you will need a signed BAA from Sharetru. This is only available with the Premium plan. Other benefits of that higher plan are 2FA for user access control and the ability to link accounts in Sharetru to a Single Sign-On system.
Who is it recommended for?
The lowest plan for Sharetru provides 10 user accounts, so that shows you the smallest business that would be interested in this system. The top end of the plans will allow 250 users but there is also a custom plan that has no user limit.
Pros:
- Access Apps: In a web interface and in a mobile app
- Cloud Platform Security: Includes a managed intrusion detection system
- A Signed BAA is Available: For HIPAA and PCI DSS compliance
Cons:
- Not the Strongest Encryption Standards: AES-256 and RSA 4096 encryption would be better
You can get a live demo version of the system. You have to contact the Sales Department to request a 14-day free trial of Sharetru.
9. Tresorit
Tresorit is a cloud-based file sharing service that is G-Cloud 9 approved. It has all of the security and control mechanisms that qualify it as an MFT. This system can be used for file transfers or for collaboration within its secure environment.
Key Features:
- Encryption for Transfer and Storage: An end-to-end system
- Built-In Authentication Module: Based on 2FA
- G-Cloud 9 Approved: A UK government procurement framework
Why do we recommend it?
Tresorit is a cloud drive system on which you create individual accounts for your users. From that space, users can invite others to view, edit or download files, thus you can avoid having to transfer them by FTP or as attachments. Users can upload files to their accounts.
Files are encrypted on the user device before they are transferred. The owner of the file, which could be an administrator account, is the only person able to decrypt it. The transmission to the Tresorit server is also secure and access to the company’s file space is governed by authentication procedures.
The entire file space is also encrypted, with the decryption key embedded in the 2FA access procedures needed by the holders of user accounts. Users gain access through a Tresorit Web interface or a mobile app, which ensures end-to-end security for the transmission of data from the drive to the viewer.
Each user on an account with Tresorit can be identified and all actions on files are recorded for audit purposes. It is possible to withdraw previously granted access and it is also possible to blacklist a device.
Who is it recommended for?
Tresorit charges per user, so it is a scaleable system that is accessible for any size of business. The minimum number of users you can get the service for is three. Each user gets 1TB of storage space, which makes this a good plan for businesses that store a lot of large media files.
Pros:
- End-to-End Protection: Encrypts individual files on the endpoint before upload for
- Accountability: Activity logs identifying the user account of each action
- A Signed BAA is Available: For PCI DSS and HIPAA compliance
Cons:
- Possible Security Weakness: Mobile app for access could be a security weakness
Tresorit provides a BAA to its business customers and the service is available on a 14-day free trial.
10. Kiteworks
The Kiteworks system is a cloud platform that is termed a “content firewall.” The platform includes a number of specialized tools, including a managed file transfer service. This system offers accountability through recipient identification that is implemented with a copy serial number embedded in the metadata of a transferred file.
Key Features:
- Secure cloud file storage
- File copy watermarking
- Integrates with Microsoft 365
Why do we recommend it?
The Kiteworks platform offers several ways to move files securely. The package includes email protection and a managed file transfer service. The MFT imposes its own encryption on file transfers. The platform provides opportunities for scheduled transfers and linked data processing. It is also possible to set up triggers.
There are a number of configuration options for Kiteworks. The cloud platform is one of those and customers who are working with HIPAA or PCI DSS get a signed BAA. It is also possible to get the service as a software package for installation onsite or on a private cloud. In these two circumstances, a BAA is not needed.
Kiteworks uses 256-bit AES encryption for transfers and when files are at rest. This service doesn’t automatically include cloud storage. If that option is used, the file space is protected by AES encryption as well. Accellion Kiteworks has ISO 27001 certification and is validated to FIPS 140-2 Level 1.
The Kiteworks system can be used for sharing files if they are held on the Accellion server. Team members can be granted access to individual files and it is possible to set up shared folders. Each user can comment on a file or communicate through a messaging system. The original owner of the file is notified if any actions occur on it.
The administrator gets an event feed on all files, which creates an audit trail. The Kiteworks system can be integrated into Office 365 or Outlook and even when in this mode, all file actions are logged.
Who is it recommended for?
A company that requires regular file transfers that involves processing would get the most out of the MFT system. The option for encryption is a standard utility in any file transfer system, so it isn’t a standout feature to set this tool apart from the other SaaS packages on this list.
Pros:
- File Commenting System for Collaboration: Each user is identified with an account
- User Controls Access by Others: Can revoke access rights to a document
- Offers a Signed BAA: For PCI DSS and HIPAA compliance
Cons:
- No Free Trial: Get a demo
Kiteworks is a subscription service with a rate per user per month. You can get a demo to assess the system.
11. Citrix ShareFile
Citrix ShareFile is a cloud-based platform that offers a range of secure file services that include file storage, collaboration, and transfer options. The security, tracking, and access control features of the secure FTP module in this platform qualify it as an MFT service.
Key Features:
- A Cloud Drive: A file space for each user and for automated processes
- Transfers with SFTP: Can construct workload automation around transfers
- Collaboration Features: Shared files or user-owned files with link invites
Why do we recommend it?
Citrix ShareFile is another cloud service that includes both collaboration opportunities and file transfer features. This service is good for moving large files because its size limit for a transfer is 100 GB. However, it is a cloud drive and so files can be created and stored in that file space directly.
This service is an implementation of FTPS. By mediating its transfers through its servers, acting as a proxy, ShareFile is able to simplify the complexities that you would face managing your own FTPS service. This is an adaptation of FTPS that has an easy-to-use browser-based interface for users and a controlling console for administrators.
The ShareFile service integrates into Outlook as a plug-in. In this mode, the service uploads attachments separately to its own server and then places a link to the stored file in the email. The recipient is then able to view the file over a secure connection or, if the sender allows it, download the file.
Who is it recommended for?
Media companies, engineering services, and design offices would benefit from the ability of this system to transfer large files. The service is easy to use because it is accessed through a Web browser, so users don’t need technical skills to access file spaces or upload files.
Pros:
- Link Invites for Access: Replace email attachments
- Email-Centered Automation: Build emailing into workloads or trigger workloads from email receipts
- Provides a Signed BAA on Request: For PCI DSS and HIPAA compliance
Cons:
- Not All Editions include MFT: The lowest plan is storage only
Citrix will provide a signed BAA for clients that are operating a HIPAA or PCI DSS compliant environment. ShareFile is available for a 30-day free trial.
Related post: Best solutions for large file transfer list