Security at a glance

Our georedundant servers are located at two highly secure data centers in Munich and Nuremberg. Both data centers are operated by German provider noris network AG. Go here for detailed information.

German technical service provider TÜV has certified our compliance with ISO/IEC 27001:2013 and ISO 22301:2019 , while an independent auditor has certified our compliance with the internationally recognized SOC (System and Organization Controls) standard. netfiles also meets the requirements for C5 certification as promulgated by Germany’s Federal Office for Information Security (BSI). To learn more about netfiles’ independent certifications, go here.

Access to the data room in netfiles is possible only with a valid combination of user name and password or with a valid passkey. After login, all data communication between the user’s web browser and our data servers is encrypted over the Internet using 256-bit SSL. In addition, 2-factor authentication is available (via text message or the Authenticator/OTP app) as an extra security option for logging into the data room.

netfiles uses the 256-bit Advanced Encryption Standard (AES) to securely encrypt your data as soon as you upload it to the data room. This algorithm provides excellent security and is widely regarded as one of the most secure encryption algorithms in the world. It is the solution of choice for governments and banks.

All data communication between the user’s web browser and the netfiles application servers is protected by 256-bit encryption based on the SSL/TLS protocol. SSL/TLS is also used to handle authentication, check for data integrity and transmit data securely using swapped keys. The security of the netfiles servers can be validated at any time via the well-known Qualys SSL Labs Test.

To reliably prevent all forms of malware, files are scanned for viruses, ransomware and/or any other malicious software when they are uploaded to netfiles data rooms. To maximize security, virus signatures are updated on an hourly basis.

netfiles GmbH is subject to the strict regulations of the EU’s General Data Protection Regulation (GDPR) and Germany’s Federal Data Protection Act (BDSG) to ensure the protection of personal data. netfiles guarantees a GDPR-compliant way of working and the highest level of security in the processing of personal data.

The netfiles application undergoes rigorous security checks that are carried out by SySS GmbH in Tübingen, Germany. SySS GmbH specializes in security and penetration testing.

netfiles GmbH is a member of TeleTrusT – Bundesverband IT-Sicherheit e.V. (the IT Security Association Germany) and bears the TeleTrusT quality seal "IT Security made in Germany". TeleTrusT, a wide-ranging network of excellence for IT security, is committed to the goal of promoting and strengthening IT security in Germany.

To qualify for TeleTrusT’s “IT Security made in Germany” seal, a company must be domiciled in Germany and operate its IT security research and development in this country. Solutions or products must not contain “backdoors”, and the company must commit to compliance with the requirements of German data protection law.

By satisfying all these criteria, netfiles guarantees its customers and users the highest standards of security, transparency and data protection.

netfiles Enterprise gives users the option of the single sign-on (SSO) feature. SSO is a secure but simple and user-friendly method of authentication. Users require only a single set of registration data with which they can then log into different applications or systems.