Pricing
Free
Premium (individual)
Solo (individual)
Standard (business)
Plus (business)
Enterprise (business)
Tresorit has multiple packages suited to personal, professional, and business users. Pricing covers all ends of the market, with features scaling to match the increase. All tiers include 2-factor authentication, built-in end-to-end encryption, Outlook integration, password protected sharing, and a zero-knowledge policy that means Tresorit promises to keep its hands firmly off the encryption keys.
Personal plans
If you want to keep yourself protected, why not try the premium plan for a fantastic 500GB of storage? Alternatively, you could opt for the more expensive option for 5x more storage and additional control over your documents. While I can't fault the pricing in terms of storage, it's surprising to see maximum file sizes on a premium service, especially on its most expensive (individual) plan. On that note, for the same cash, you may as well opt for one of the business plans and get much more for your money...
Businesses plans
It's clear to see that this is where Tresorit is focusing its efforts – offering fantastic prices and functionality to reel in big businesses. The jump in maximum file size compared to price between the individual and business cloud backup plans is jaw-dropping, to say the least. Add to that features like Content Shield (which gives users more control over their sharing), and it's hard to say no to such a plan.
The good, the bad, and the rather confusing
There's a lot of excellent choices for businesses to take advantage of with Tresorit, and it's definitely a solution I'd recommend for businesses. However, the features offered on such large scales are not available to the individual and come in at pretty much the same price as a personal plan. For $24/month you can get 2.5TB of storage, a maximum file size of 10GB, and a few nice features on your individual plan. Or, you can get loads of features, controls, a whopping 20GB maximum file size with a business plan, and all for the same cost.
Which raises the question: why aren't these options available for individual users if they're the same price?
On the one hand, this is an affordable option for businesses and offers a lot of functionality. But on the other hand, it's an overpriced and under-featured tool for individual buyers looking to secure the best cloud storage solution. It'd be nice to see Tresorit bring these individual prices down, or improve the feature availability for individual users moving forward. The biggest positive for pricing, however, is that Tresorit offers a free trial for almost all of its plans!
Features
- Zero-knowledge
- End-to-end encryption
- Completely cross-platform with folder synchronization
- Compliant with the latest ISO 27001, GDPR, HIPAA, CCPA, ITAR, FINRA, and TISAX Standards
- File versioning
- File sharing support – lets you restrict downloading and printing of shared files
- File Request feature – lets you create encrypted request links for people to use without having a Tresorit account themselves
- Browser and OS integration for Windows, Mac, Linux, iOS, and Android
File versioning
There are a number of reasons a user might need to restore their file to a previous version, from multiple users making unwanted changes to malware threatening your system. Tresorit keeps track of each file's version history, allowing users to regain access to previous iterations. It's worth noting that the feature is on a per-file basis and cannot be done with an entire folder, which could be time-consuming in some circumstances.
Please Note
If a file is deleted permanently, then there is absolutely no way to get it back.
File sharing support
It's incredibly easy to share files with others when using Tresorit. Members can directly invite others to join a folder or gain access with a link. Joining the folder via email requires the recipient to register to Tresorit, but anyone with access to a linked version can view the folder.
Total control over file sharing
As part of the Tresorit Content Shield, administrators can impose a number of restrictions on these links in the name of security, such as making password protection mandatory, requiring emails to be verified before accessing, setting an expiry date, or limiting the usage on the link itself.
I was happy to hear that Tresorit recently increased the level of control offered to users. If you don't want whoever you're sharing files with to have the option to print or download what you're sending them, simply click Link settings and select Advanced settings to take full control over the file you're sending.
Need to edit the link to send it to someone else? Don't worry, just click on Shared links, right-click on the document in question, and select Edit.
To test this new functionality, I sent a photo through Tresorit's share through link functionality to our Head of Commercial, Andor over in Hungary. I edited the settings so there would be a watermark, password protection, and so the image could not be downloaded or printed.
While all of this worked as intended, we noticed that Andor was able to screenshot the image (below) regardless of these protections.
*The circled text at the top says "You don’t have permission to download or print this file."
So, if you're sending sensitive files and/or images, and don't want to risk them being leaked through a screenshot, I'd recommend considering other sharing options. We tested this on both mobile and desktop and found that I could screenshot both linked files.
Cross-platform
Tresorit has an incredibly wide selection of support, each able to synchronize folders and add something to the mix. Desktop applications are available for Windows, macOS, and Linux. Mobile applications include Android and iOS, but Tresorit no longer supports Windows phones. Of course, users can always access the dashboard via web browsers. As expected, notifications are always sent out to the master email address when a new log-in is made, allowing administrators to keep track of accepted devices and users.
OS integration
Tresorit integrates with Windows via right-clicking and Android in its Share menu. The 'Convert to Tresor' option does what it says on the tin, uploading the file or folder straight to Tresorit. 'Share (Create link)' automatically uploads it to the platform as its own Tresor, generating a link for other people to view the folder with. You can set all the different parameters to keep the folder private and secure before finalizing it.
Privacy and security
Jurisdiction
Jurisdiction isn't hugely important to a zero-knowledge company that washes its hands of any compromising data, but it can provide reassurance should anything mess up.
Although Tresorit has a number of secure Microsoft Azure data centers across Ireland, UK, Germany, Switzerland, France, the US, Canada, the Netherlands, Singapore, and Dubai, the company is Swiss and therefore primarily within the jurisdiction of Switzerland. This is deliberate, as the Hungarian founders praise Switzerland's stance on neutrality, privacy, and the protection of customers.
Want to know where you can store your documents?
Tresorit offers data residency options in:
- Ireland
- UK
- USA - East
- USA - West
- Canada
- Germany
- Switzerland
- France
- Singapore
- Netherlands
- UAE - Dubai
- Brazil
Zero-knowledge
The company promises zero-knowledge across the board and was even certified by EY, meaning that even Tresorit can't see the content of your files. For security reasons, Tresorit does not even store passwords. This means that there is no recovery system in place for the master password but, in turn, it provides yet another layer of security.
Business and Enterprise users gain access to Advanced Control, which does allow admins to restore user passwords.
Technical security
Tresorit claims it would "take much more than a human lifetime to crack even one Tresor thanks to its use of industry-standard security algorithms".
The transaction starts by encrypting data with an AES-256-CFB cipher on the client-side, which is then authenticated with RSA-2048 signatures and hashed with HMAC-SHA-512 for integrity.
A TLS tunnel is then established between the client machine and the cloud to ensure complete security when uploading and downloading. Finally, this is authenticated with the user's digital signature, which mimics the remote directory structure on the client-side to prevent remote attacks.
Of course, all of this is further protected when enabling 2-factor authentication on any device with access to Tresorit.
Issues
Browser Cryptography
Correcting a previous version of this review, Tresorit does not use outdated JavaScript cryptography in its browser version but a WebCrypto API instead. The company told us that key generation is handled by platform-native CSPRNG, which is more secure than its predecessor. The client itself verifies resources with Subresource Integrity and mitigates data injection attacks through a measure known as Content-Security Policies.
While this does help to enforce the zero-knowledge policy that Tresorit swears by and makes the browser version similarly secure to its desktop and mobile counterparts, there is one big 'but'.
Although Tresorit has emphasized its legal obligation to uphold encryption standards across all platforms, the web is still not the most secure application delivery platform and requires the user to implicitly trust those in control of a server. The company's willingness for communication is admirable and I am in no way accusing Tresorit of pushing intrusive or malicious code, but without any means of verification and past incidents with other companies colluding with government officials regardless of the law, I prefer applications over browser-based interaction.
Closed-source
Due to the nature of closed-source applications, it's impossible to take a peek under the hood in order to confirm Tresorit's lofty claims. Despite this, the company is often welcoming when it comes to putting its security and privacy to the test, orchestrating numerous competitions that challenge world-renowned experts to crack their data encryption methods.
Ease of use
Using Tresorit is as simple as logging into the web browser version or downloading and signing into one of the supported applications. The user interface is incredibly clean and I especially appreciate that the tutorial checklist is optional and extremely intuitive.
Desktop (Windows 7+, macOS, and Linux)
The first thing that Tresorit recommends is to download the application to the desktop. Regardless of the version, the next step is to create a new "Tresor". This is a cloud-based folder that can be synchronized across connected devices if the user chooses.
Sharing a folder is particularly easy with options showcased to the right-hand side. Alternatively, users can right-click the file or folder within Tresorit and select 'Share'. The layout is identical across all desktop-based operating systems, including the Admin Center tab redirecting users to their default browser.
Mobile (Android and iOS)
The mobile version of Tresorit is similar to its desktop counterpart, albeit slightly simplified. It enables access to all Tresors to upload and download any folder chosen.
Unfortunately, the mobile application isn't currently able to synchronize with folders created on smartphones and tablets, meaning there's a lot of manual work to keep on top of back-ups. It does, however, back-allow uploads from the device's camera automatically.
Browser
Tresorit offers a mostly complete version of its services on browsers, although Sync and Direct File Open are not available at this time. Users can directly access the Admin Center, allowing administrators to see what devices and users are connected, add 2-step verification, customize branding from logos to color schemes and change various settings. As mentioned in the Browser Cryptography section, this isn't as secure as the applications.
Final thoughts
Tresorit is one of the most feature-rich cloud services available, with privacy enthusiasts sure to celebrate its neutral Swiss base of operations. Although the company does manage to cater to most ends of the market, it is undeniably a pricey offering compared to the competition, with some features confined to higher business packages. This is a real shame, and I definitely think it will put off a lot of personal users. However, if you're looking for a cloud storage solution for your business, then Tresorit is definitely a worthy investment.
There is a wide range of support for current and obsolete operating systems, all of which are equally sleek in aesthetic and performance. The lack of mobile synchronization is forgivable when comparing it to the rest of the market, which similarly omits such a feature, but I can't help but hope this changes in the future.
All in all, you certainly get what you pay for – which is a highly secure, highly private alternative to Dropbox and Google Drive. This is backed by a reliable customer support team that endeavors to answer queries in a timely manner. In particular, I recommend pairing Tresorit with a reliable password manager to make the most of securing your files.