Secure Send Service
Do you have customers that need to send you files privately and securely?
Do you have a Medical, Financial, or Legal business that has to meet privacy and security compliance standards
of your industry?
Do you need to send files to your customers fully encrypted with password protection?
Tired of waiting on snail-mail, postage and overnight fees, and trips to the post office?
Want to reduce the clutter and cost of physical paperwork?
Constantly dealing with files too large for email, or sending multiple emails just to get them all delivered?
Do you need to know when a file you are sending has been actively downloaded?
Tired of creating user accounts in your cloud system for each and every customer?
Did you know that services like Dropbox and Google Drive only guarantee data encryption AT REST, and not in
transit?
Did you know that even some of the best webforms only encrypt keyed-in data, but not file attachments?
Any customer can now simply upload any type of file to you via your website, encrypted and with password
protection - from any device.
There's ZERO software for your customer to learn, they key-in NONE of their contact or private information.
2GB max filesize, 10GB disk space, 50GB monthly bandwidth, No file download limit, Upload up to 10 files at a
time, Configurable File Retention, No Contract, Cancel Anytime.
No technical server knowledge needed, No software to install and learn, An intuitive simple web dashboard for
website owners.
No need for SSL for your website*, your upload portal is individually secured.
We use strong encryption to protect files both IN TRANSIT and AT REST (storage).
How it works (customer to you):
A customer visits a secure page on your website.
They drag/drop or browse for file(s) to send you.
They set their own unique password to the file(s), and click Submit.
They communicate the file password to you separately via Call, Text, Email, or Webform** - It's up to you.
How it works (you to the customer):
Login to your online dashboard.
You drag/drop or browse for file(s) to send them.
You set a unique password for the download, and click Submit.
You copy/paste a generated unique link and send it to the customer via Text or Email.
You communicate the file(s) download password to them separately via Call, Text, or Email*** - It's up to you.
FAQ:
What happens if the file sender loses the password?
The file will have to be re-sent. We can't crack it open either.
Do I have to first create an account for my customer?
No, anyone can visit your site and upload a file. Files cannot be opened without a password, and the customer
has to communicate that password to you - which in effect authenticates that the file is legitimate.
My company has its own cloud system, can't we use that?
Creating the unique entry point for each new customer in a cloud system, with those customers then aging-
out, or experiencing hardware or data theft themselves - the multitude of unmonitorable connections
becomes a security risk.
What if I need more space/bandwidth?
Contact us and we will evaluate your needs to determine a pricepoint.
How long is the uploaded file available?
It's up to you. You can set by number of days, number of downloads, or delete manually.
Ok, where are the datacenters?
We are an American company- created, hosted, and maintained in the USA. Hosting and file storage is provided
by Microsoft's Cloud Platform, Windows Azure. Encrypted files are replicated and stored in separate secure
data centers located in the Western and Eastern US for high availability.
Isn't my email secure?
If it is provided by us, and configured properly - yes. You have ZERO control over the other person's email
account or their configuration. Often business need to communicate larger than email can handle. Our email
handles an industry leading 36MB per message, but the recipient's servers may not be able to receive files that
large, or you may need larger than even 36MB.
I thought Dropbox and Google Drive were secure?
They are - AT REST (when files are simply sitting on the server). They are not always secured IN TRANSIT (while
the files are being uploaded/downloaded). And the multitude of unmonitorable issued connections becomes a
security risk.
An unruly customer or competitor is spamming my upload portal, what do I do?
Although rare - it does happen, we can employ methods such as captcha prior-to the upload.
My website already has a way for customers to upload files to us as encrypted, why is this better?
You likely don't have a simple way to send large encrypted files back to the customer, our system does.
Technical Features:
Every file (and the filename) uploaded to this service is encrypted with AES 256-bit encryption.
Every file is encrypted with a non-stored unique 256-bit key, the unique non-stored passwords are used to
generate these unique keys - we cannot even decrypt or recover your files, only someone that knows the
password can.
Ensured SSL encryption of transmitted files point-to-point, every time. No worrying if someone is using an
outdated website, outdated operating system, outdated app, outdated/improperly configured software, or
improperly configured email connection. The 100% web-based system is always up-to-date for all users.
Secure hosting facilities, data centers adhere to strict security standards and are powered by Microsoft
Windows Azure.
Redundancy, each encrypted file is stored in multiple instances and across two geo-separated datacenters,
against hardware or network failure.
Hardened, encryption keys and dashboard passwords are created/hashed using the PBKDF2 function, for its
resistance to brute-force attacks (vs SHA256).
Randomness, randomization is utilized throughout the system by cryptographically secure random number
generator.
Best practices are used to protect against SQL Injection, Cross-site (XSS) Scripting, and OWASP Top 10 risks.
Frequency, the system's development team proactively monitors for and applies updates and patches against
known threats.
Footnotes:
*We DO recommend getting SSL for any website, show your visitors you care about their security.
**There may be an additional fee for a webform to collect the passwords, depending on your site package.
***If the recipient of the download link and the recipient of the download password is the same email account
- it is much easier for a data thief to access the file, should they gain access to the recipient's email account.
Secure Send Pricing:
$50 1-time setup
$20 per month