Compliance: NIS2
Are you ready for it?
In the context of moves to implement NIS2, netfiles helps you minimize risks relating to data storage and exchange. Our certified data rooms are easy to use, highly secure and available anywhere.
Outstanding data availability
Certified and audited compliance with the strictest security standards
Everything is owned, made and hosted in Germany: No backdoors – just full compliance
High failsafe performance thanks to redundancy and backups
State-of-the-art data encryption by default during both storage and transmission
NEW: The end-to-end encrypted netfiles Data Vault

What is NIS2?
Directive (EU) 2022/2555 for network and information security (NIS2) came into force on October 18, 2024, replacing the previous NIS directive from 2016 in order to further improve cyber-resilience within the European Union. The new directive constitutes the EU’s response to a serious cyber-threat situation that has worsened further in recent years.
Who is affected?
The scope of validity has been broadened significantly compared to the previous NIS directive. Companies from both highly critical sectors (“especially important institutions”) and representing critical infrastructures (KRITIS) are affected, as are sectors with lesser criticality (“important institutions”). This scope includes
energy
traffic and transport
water and wastewater
healthcare and pharmaceuticals
financial and insurance sector
information and communication services (ICT)
public administration
postal and courier services
mechanical and automotive engineering
research
NEW: Even smaller companies with upward of 50 employees and total assets of more than EUR 10 million are affected, together with companies along the supply chain. The website of Germany’s Federal Office for Information Security (BSI) provides detailed information on which companies are affected. It is expected that the NIS2 directive will be translated into German law in the course of 2025.
Why you need to act
Although the EU member states are obliged to implement NIS2, the directive has not yet become law in Germany. However, companies are advised to take action quickly because NIS2 compliance also gives them greater security and a sharper competitive edge. This is especially true of their dealings with data. A secure and certified data room helps you:
Exchange data quickly and easily
Minimize security risks and the risk of failures
Reduce the risk of liability and of being sanctioned
Foster greater trust among customers and partners
In Germany, the BSI provides initial assistance in implementing the directive to companies that are likely to be affected.
How netfiles supports you
Secure communication is a key element of modern cyber-resilience. It is vital for companies to always maintain control over their information – internally (in communication between colleagues), externally (in dealings with partners and supervisory authorities), for critical business documents and in the context of incident response.
Secure data processing
Access control and authentication
Reporting obligations/audits
Protection of sensitive information
Business Continuity
Secure data processing
netfiles data rooms meet the strictest standards of security in line with international norms. netfiles is ISO 27001-certified, but also possesses BSI C5 and SOC 2 certifications (type 2) that are regularly renewed. Once a year, netfiles additionally subjects itself to an independent penetration test.
Go here for more information about our various certifications.
Access control and authentication
Detailed access rights at folder level specify which users can read, edit, download, print or not even see which documents. Confidential and sensitive documents thus remain safely protected against unauthorized access.
2-factor authentication (with the option of text message notification or an authenticator app/OTP), single sign-on (SSO), enhanced password guidelines and password-free login with a passkey provide additional security options to guarantee maximum protection and a convenient login experience.
Reporting obligations/audits
Audit-proof logs are kept of all user activities in netfiles data rooms. Administrators can view and export detailed logs at file, folder or user level. Activity logs provide a comprehensive insight into logins, views, downloads and the use of Q&A functions by individual users and user groups.
This facility helps you meet your documentation and reporting obligations, as every activity is fully documented and can be reconstructed transparently.
Protection of sensitive information
All documents in netfiles data rooms are AES-256-encrypted in line with the current state of the art during both storage and transmission. Data communication is protected by SSL/TLS (256-bit). netfiles regularly scores the top grade A+ in SSL Labs security tests.
New: netfiles Data Vault gives you the option of a data room with end-to-end encryption.
In addition, optional functions such as watermarks, the prevention of document downloads and automated virus scans whenever your documents are uploaded allow security to be adapted to your individual requirements.
Business Continuity
Modernste Technologien für Datenverschlüsselung, Authentifizierung und Zugangskontrolle gewährleisten, dass Ihre Daten bei netfiles vor unbefugtem Zugriff sicher sind. Vor Datenverlust schützen zudem unsere redundante Datenhaltung, Backups sowie regelmäßige Sicherheitsüberprüfungen. Und das bei einer garantierten Systemverfügbarkeit von 99,9 %.
Daten, die Sie in einem netfiles Datenraum speichern, stehen auch im Fall eines IT-Ausfalls in Ihrem Unternehmen weiter zur Verfügung und können unabhängig von Standort sowie Endgeräten und Betriebssystemen abgerufen werden. Das macht netfiles zu einem idealen Bestandteil Ihrer Business-Continuity-Strategie.
Für die langfristige Aufbewahrung und Archivierung Ihrer Daten bieten wir darüber hinaus ein Online-Datenraum-Archiv an.
Secure data processing
netfiles data rooms meet the strictest standards of security in line with international norms. netfiles is ISO 27001-certified, but also possesses BSI C5 and SOC 2 certifications (type 2) that are regularly renewed. Once a year, netfiles additionally subjects itself to an independent penetration test.
Go here for more information about our various certifications.
Access control and authentication
Detailed access rights at folder level specify which users can read, edit, download, print or not even see which documents. Confidential and sensitive documents thus remain safely protected against unauthorized access.
2-factor authentication (with the option of text message notification or an authenticator app/OTP), single sign-on (SSO), enhanced password guidelines and password-free login with a passkey provide additional security options to guarantee maximum protection and a convenient login experience.
Reporting obligations/audits
Audit-proof logs are kept of all user activities in netfiles data rooms. Administrators can view and export detailed logs at file, folder or user level. Activity logs provide a comprehensive insight into logins, views, downloads and the use of Q&A functions by individual users and user groups.
This facility helps you meet your documentation and reporting obligations, as every activity is fully documented and can be reconstructed transparently.
Protection of sensitive information
All documents in netfiles data rooms are AES-256-encrypted in line with the current state of the art during both storage and transmission. Data communication is protected by SSL/TLS (256-bit). netfiles regularly scores the top grade A+ in SSL Labs security tests.
New: netfiles Data Vault gives you the option of a data room with end-to-end encryption.
In addition, optional functions such as watermarks, the prevention of document downloads and automated virus scans whenever your documents are uploaded allow security to be adapted to your individual requirements.
Business Continuity
Modernste Technologien für Datenverschlüsselung, Authentifizierung und Zugangskontrolle gewährleisten, dass Ihre Daten bei netfiles vor unbefugtem Zugriff sicher sind. Vor Datenverlust schützen zudem unsere redundante Datenhaltung, Backups sowie regelmäßige Sicherheitsüberprüfungen. Und das bei einer garantierten Systemverfügbarkeit von 99,9 %.
Daten, die Sie in einem netfiles Datenraum speichern, stehen auch im Fall eines IT-Ausfalls in Ihrem Unternehmen weiter zur Verfügung und können unabhängig von Standort sowie Endgeräten und Betriebssystemen abgerufen werden. Das macht netfiles zu einem idealen Bestandteil Ihrer Business-Continuity-Strategie.
Für die langfristige Aufbewahrung und Archivierung Ihrer Daten bieten wir darüber hinaus ein Online-Datenraum-Archiv an.
Compliance
No-gaps implementation of regulatory requirements
netfiles supports companies as they implement central regulatory requirements, laying the foundation for fully compliant data exchange in sensitive contexts. For legal provisions such as the GDPR, NIS-2, DORA and for industry-specific requirements, there is no difference: Certified in accordance with ISO/IEC 27001:2013 and ISO 22301:2019, our data rooms satisfy the very strictest requirements in terms of confidentiality, integrity and availability.
Data is both stored and transmitted in encrypted form. Access controls can be micro-managed to a very granular level. And audit-proof documentation of all activities is guaranteed. Taken together, these measures ensure that your sensitive data is fully protected – and audit-proof – at all times.
A welcome alternative to US providers
No more file sharing loopholes
When it comes to data exchange and virtual data rooms, netfiles gives you an exceptionally secure alternative to US providers. Since our development and hosting activities – and our company headquarters – are all in Germany, netfiles complies fully with the GDPR and helps you realize a sovereign data strategy. All data that you transfer via netfiles is always AES-256-encrypted and stored at ISO-certified data centers in Germany. This practice complies with the EU’s strict data protection directive (the GDPR). It also guards your data against manipulation and access by foreign government agencies and against laws such as the US CLOUD Act.
netfiles is certified in accordance with ISO/IEC 27001:2013 and ISO 22301:2019. It also possesses independent BSI C5 certification and is certified pursuant to the internationally recognized System and Organization Controls (SOC 2) standard. To keep you independent of insecure data protection treaties and the US CLOUD Act, netfiles thus gives you complete control of your data and reinforces your data sovereignty.