Tresorit is one of the top-rated cloud storage solutions available, with privacy and security firmly at the forefront.
Based in Switzerland, the service offers near-unparalleled levels of privacy across the board thanks to the country’s strict federal laws and regulations. According to the company itself, Tresorit’s security is unbeatable, gaining the trust of 10,000 organizations across the world. This is regularly tested with the experts from the most renowned institutions, with each unable to break the encryption.
- Zero-knowledge encryption
- Based in Switzerland
- Client-side integrity protection
- GDPR compliance guides for businesses
- 2-factor authentication
- Good cross-platform support
- File versioning
- Not open-source
- Can’t access the Admin Center from mobile
- Some features are locked behind a large price tag
Tresorit has multiple packages suited to personal, professional and business users. Pricing covers all ends of the market, with features scaling to match the increase. Fortunately, all tiers include zero-knowledge, 2-factor authentication and built-in end-to-end encryption. Tresorit promises to keep its hands firmly off the encryption keys.
The premium personal tier is the cheapest, granting access 200GB of storage space for up to 5 separate devices, version recovery up to 10 versions and activity history spanning 90 days. The Solo package, aimed at freelancers and professional users removes the caps for version recovery and activity history while increasing encrypted storage to 2,000GB across 10 devices. This tier also allows the user to control permissions, share files with password-protected links, integrate Outlook and access logs for tracking.
Teams of users will want to turn their attention to the Business offerings, which include all features outlined above and more. Administrators are able to recover passwords, integrate the active directory, add digital rights management, wipe the system remotely and customize their brand. There's even a handy guide that prepares companies for General Data Protection Regulation (GDPR) compliance. Stepping up to the top tier, Enterprise users can even add admin APIs and play about with custom features.
Tresorit offers a free 14-day trial with a 7-day money-back guarantee on its Premium, Solo and Small Business packages. Those wanting to go all-out for the Enterprise tier will have to contact the company directly. Sadly, Tresorit doesn’t accept cryptocurrencies, payment methods include credit cards (Visa, MasterCard, and Amex) or PayPal.
- Zero knowledge
- End-to-end encryption
- Completely cross-platform with folder synchronization
- Compliant with the latest ISO Standards
- File versioning
- File sharing support
- OS integration(Windows only)
There are a number of reasons a user might need to restore their file to a previous version, from multiple users making unwanted changes to malware. So long as these files aren’t outright deleted, Tresorit keeps track of each file’s version history, allowing users to regain access to previous iterations. It’s worth noting that the feature is on a per-file basis and cannot be done with an entire folder which could be time-consuming in some circumstances.
File sharing support
It’s incredibly easy to share files with others when using Tresorit. Members can be directly invited to join a folder or gain access with a link. Joining the folder via email requires the recipient to register to Tresorit, but anyone with access to a linked version can view the folder. Administrators can impose a number of restrictions on these links in the name of security, such as making password protection mandatory, requiring emails to be verified before accessing, setting an expiry date or limiting the usage on the link itself.
Tresorit has an incredibly wide selection of support, each able to synchronize folders and add something to the mix. Desktop applications are available for Windows 7, 8, 8.1 and 10, macOS and Linux. Mobile applications include Android, iOS and, surprisingly, Windows Phone. And users can always access the dashboard via web browsers. As expected, notifications are always sent out to the master email address when a new log-in is made, allowing administrators to keep track of accepted devices and users.
Tresorit integrates with Windows via right clicking and Android in its Share menu. The ‘Convert to Tresor’ option does what it says on the tin, uploading the file or folder straight to Tresorit. ‘Share (Create link)’ automatically uploads it to the platform as its own Tresor, generating a link for other people to view the folder with. You can set all the different parameters to keep the folder private and secure before finalizing.
Privacy and security
Jurisdiction isn’t hugely important to a zero-knowledge company that washes its hands of any compromising data, but it can provide reassurance should anything mess up.
Although Tresorit has a number of secure Microsoft Azure data centers across Ireland and the Netherlands, the company is Swiss and therefore primarily within the jurisdiction of Switzerland. This is deliberate, as the Hungarian founders praise Switzerland’s stance on neutrality, privacy and the protection of customers.
The company promises zero-knowledge across the board, meaning that even Tresorit can’t see the content of your files. For security reasons, Tresorit does not even store passwords. This means that there is no recovery system in place for the master password but, in turn, it provides yet another layer of security.
Tresorit claims that it would, "take much more than a human lifetime to crack even one Tresor thanks to its use of industry-standard security algorithms".
The transaction starts by encrypting data with an AES-256-CFB cipher on the client side, which is then authenticated with RSA-2048 signatures and hashed with HMAC-SHA-512 for integrity.
ATLS tunnel is then established between the client machine and the cloud to ensure complete security when uploading and downloading. Finally, this is authenticated with the user’s digital signature, which mimics the remote directory structure on the client-side to prevent remote attacks.
Of course, all of this is further protected when enabling 2-factor authentication on any device with access to Tresorit.
While this does help to enforce the zero-knowledge policy that Tresorit swears by and makes the browser version similarly secure to its desktop and mobile counterparts, there is one big ‘but’.
The web is still not the most secure application delivery platform and requires the user implicitly trust those in control of a server. This allows Tresorit to act on its own interests instead of the user’s, able to push intrusive or malicious code without detection. Of course, we are not accusing Tresorit of this behavior, but simply pointing out that companies have complied with similar requests from governing entities in the past.
Due to the nature of closed-source applications, it’s impossible to take a peek under-the-hood in order to confirm Tresorit’s lofty claims. Despite this, the company is often welcoming when it comes to putting its security and privacy to the test, orchestrating numerous competitions that challenge world-renowned experts to crack their data encryption methods.
Ease of use
Using Tresorit is as simple as logging into the web browser version or downloading and signing into one of the supported applications. The user interface is incredibly clean and I especially appreciate that the Explore tutorial checklist is optional and non-intrusive.
Desktop (Windows 7+, macOS and Linux)
The first thing that Tresorit recommends is to download the application to the desktop. Regardless of the version, the next step is to create a new “Tresor.” This is a local folder which will be backed up to the cloud and synchronized across all devices.
Sharing a folder is particularly easy with options showcased to the right-hand side. Alternatively, users can right-click the file or folder within Tresorit and select ‘Share’. The layout is identical across all desktop-based operating systems, including the Admin Center tab redirecting users to their default browser. Currently, it seems as though Windows is the only platform to house OS integration.
Mobile (Android and iOS)
The mobile version of Tresorit is similar to its desktop counterpart, albeit slightly simplified. It enables access to all Tresors to upload and download any folder chosen. For security, the application prevents screenshots from being taken on mobile but we have snapped a picture to showcase what to expect.
Unfortunately, the mobile application isn’t currently able to synchronize with folders created on smartphones and tablets, meaning there’s a lot of manual work to keep on top of back-ups. The Admin Center is also a no-show on the application, requiring users to access the control panel via desktops.
Tresorit offers a complete version of its services on browsers, identical to its desktop applications. Users can directly access the Admin Center, allowing administrators to see what devices and users are connected, add 2-step verification, customize branding from logos to color schemes and change various settings. As mentioned above, this isn't as secure as the applications.
Tresorit is one of the most feature-rich cloud services available, with privacy enthusiasts sure to celebrate its neutral Swiss base of operations. Although the company does manage to cater to most ends of the market, it is undeniably a pricey offering compared to competition with some features confined to higher packages.
There is a wide range of support for current and obsolete operating systems, all of which are equally sleek in aesthetic and performance. However, the lack of mobile synchronization could be seen as a make-or-break feature that could turn some away.
Still, you certainly get what you pay for, which is a highly secure, highly private alternative to Dropbox and Google Drive. This is backed by reliable support that endeavors to answer queries within a timely manner. In particular, we recommend pairing Tresorit with a reliable password manager to make the most of securing your files.