Questions & answers
about Cryptshare

From the very beginning, we have designed Cryptshare as a secure digital transfer service.

As such, Cryptshare makes sure your data is protected at all points of risk on the journey from sender to recipient, meaning from the time it leaves the relative safety of your firewall until it reaches its intended destination.

When your data is in transit it is most at risk because this is precisely when it is most vulnerable to third-party attacks.

To secure your data exactly when it needs it most, Cryptshare has much more to offer than simply email security.

Powered by its many innovations, Cryptshare not only enables exchanges between individuals using email in a traditional way, but also facilitates communication for machine-to-machine and application-to-application use cases – challenges that every enterprise are facing.

We recommend you to watch our video on YouTube to see how Cryptshare works.

The price depends on several factors:

• How many employees will use Cryptshare?
• Would you like to make it easier for your employees to communicate securely using our Outlook or Notes integrations?
• Do you want to automate processes and need access to the Cryptshare API?

Our SaaS solution Cryptshare.express, for example, offers smaller companies a somewhat limited functionality and starts at 5 EUR per user per month.

You are welcome to send us a price inquiry using our contact form. 

While keeping a high level of security, Cryptshare is much more intuitive and user-friendly that other methods for transferring large or secure information such as Email, S/MIME, FTP, S-FTP or portal solutions.

Cryptshare combines the following advantages:

• No client software installation required – a browser is sufficient.
• No special know-how required using the system – the user frontend is self-explanatory.
• Attractive, intuitive and simple user interface that everybody can understand and that can be adapted to your corporate design.
• No need to set up user accounts. No forgotten passwords, dead accounts or time-critical creation requests.
• Full audit trail of all transfers. The senders will be informed about the status of their transfers. A log gives information about all transfers in a central place.
• No dead files. Cryptshare deletes all transfer packages after a configurable number of days and thus cleans up itself.
• Integration into Outlook and Notes can be used to further increase the ease of use.
• No file size limits. Cryptshare can exchange files of any size.

Cryptshare is ideal for ad-hoc file transfers in the area of B2B or B2C communication, especially as external parties can send you confidential data without having to fulfill any pre-requisites.

Cryptshare is characterized by the following advantages:

• Cryptshare is under your control, in your data center or hosted as a private cloud service. It can be used as your company’s portal for exchanging your files with your partners.
• Cryptshare is not a public cloud-based file sharing solution but a business server product running under your control. This makes sure that sender and recipient have access to the Cryptshare server URL and are not blocked by their firewall or filter systems from accessing the system. Also you can be sure that no one can read your data but you. There is no backdoor for lawful interception as with many cloud services.
• Security along the entire transfer path without having to exchange certificates or software in advance.
• No user accounts. No time-critical creation of accounts, no resetting of forgotten passwords, no deletion of unused accounts.
• No cost for external users, no matter if they send or receive files.
• No limits or costs for transfer volumes (apart from ISP cost).
• No limits or costs for bandwidth (apart from ISP cost).
• No storage cost in Cryptshare. Only the cost of physical storage you allocate applies.

Cryptshare for Outlook offers several advantages compare to S/MME or PGP:

You can send a secure message ad-hoc to any recipient without any preparation. Recipients do not need to have an S/MIME or PGP installation, nor do you need to exchange public keys with them before you can communicate. You don't even need to have a Cryptshare installation, licence or user account. The only need to have an email address and you need to inform him on a separate way about the password that you have set for the message. In case you forget, the recipient automatically gets your contact details and can get in touch with you. This can be done by SMS, for example.

S/MIME and PGP encrypt your email message, but do not help you with large file attachments. Typically, size limits apply either on your mail server, on the recipient's mail server or on the systems of email providers on the way. Often, these limits are as low as 10 or 20 MB. As a result, large files cannot be attached. With Cryptshare for Outlook, you can attach very large files to your message, up to multiple gigabyte. The files are not transported via email, but via your Cryptshare server, even taking the load off your and the recipient's email system. Only your system administrator can limit the size by configuration.

For technical reasons, S/MIME and PGP can encrypt the email body text, but not the subject line. With Cryptshare for Outlook, you can choose to also send the subject line encrypted if it contains confidential information. Thus, you protect yourself and your recipient from eavesdropping and social engineering attacks. Also, S/MIME and PGP use the same encryption keys every time you communicate. If the private key is compromised, this also applies to every communication exchange that has already been or will be carried out with this key pair. Cryptshare uses another key for each communication between two parties.

Cryptshare will inform you when your message has been delivered to the recipient and will keep a full audit trail about all communications. Your message will not be routed through a series of mail servers of which some are out of your control. Instead, your message is uploaded to your own, secure server and downloaded by the recipient straight from there, using latest transport and storage encryption technology. This allows to provide a full audit trail about all communications, notifications to the users e.g. about successful deliveries or attempts to attack the contents and takes away headaches with data protection legislation in many countries and industries.

One way to share large files with external contacts are cloud-based file sharing services. However, these cloud-based file sharing services often require the recipient to set up a user account, learn using a new interface or even install a piece of software on their device.

Cryptshare for Outlook offers a way to exchange large files bidirectionally without having to meet any of these preconditions. Using Cryptshare for Outlook, you can just attach files of any size to your email message. It makes sure that the files are delivered to the recipient in a secure and auditable way without exceeding file size restrictions on the email server.
External contacts can not only respond to you, but can also initiate new large file transfers to you. When you receive an incoming communication containing files, you can choose to save the files to disk or import them into your Outlook inbox. Using warning thresholds and import size limits, the administrator can make sure that very large files can only be saved to disk, but not into the inbox.

Cryptshare for Outlook can be used with any supported version that is installed locally, regardless of how Outlook was licensed or purchased. This includes all Outlook 365 versions that can be downloaded and installed locally. An integration also exists for the web-based versions of Outlook (Outlook on the Web (OWA)).

Since we as a manufacturer of security technology are subject to certain export limitations, we cannot make the files completely publicly accessible.

However, you can open a user account in our customer and partner area at any time and download the files afterwards.

Click here to visit our portal
 

Yes, this is possible. Please send your change requests to your reseller or by e-mail to support [at] cryptshare.com (support[at]cryptshare[dot]com). We will then provide you with a new license file which you can upload to your Cryptshare server. As soon as you have adjusted your policies accordingly, the new domains can be used. We reserve the right to charge a fee for issuing a new license file.

Yes, you can add more domains to your license key as long as these domains are owned by your company as well.

Please send your change requests to your reseller or by email to support [at] cryptshare.com. We will then provide you with a new licence file which you can upload to your Cryptshare server. As soon as you have adjusted your policies accordingly, the new domains can be used. We reserve the right to charge for the issuing of a new licence file.

No. External communications partner that communicate with you using your company's Cryptshare Server do not need to be licensed. Neither if you send information to them nor when they send information to you. Also, they don't need to create a user account or set up any software.

The use of Cryptshare for Outlook requires an Business Licence Key to be installed on the Cryptshare Server. As a user, you cannot check whether or not Cryptshare for Outlook is licensed on your Cryptshare Server. However, your administrator can check the licence key as described in our admin documentation.

Yes.

We reserve the right to charge for repeated requests of listed name changes.

Please find an up-to-date list of supported browsers here.

A TLS-encrypted connection is used to transport the files from the sender to the Cryptshare Server and from the Cryptshare Server to the recipient. The key length depends on the TLS certificate used on your Cryptshare Server.

The storage of files on the Cryptshare Server is also encrypted.

The Cryptshare plug-ins Cryptshare for Outlook and Cryptshare for Notes also communicate directly with the Cryptshare Server via TLS.

When you decide to use Cryptshare, you will have one (or many) Cryptshare Servers dedicated for your business. Employees of your business can use them to exchange their own files with their external communication partners. No third parties can use your Cryptshare Server(s) to communicate with each other.

It is also possible for you to install Cryptshare on a server hosted by an Internet Service Provider (ISP) on your behalf or in your private cloud with a cloud provider of your choice.

In the meantime, Cryptshare is also available as a public cloud-based Sofware-as-a-Service. Ask about Cryptshare.online if you want to make full use of Cryptshare but do not want to host it yourself.

Since Cryptshare uses cookies, you must configure your browser to accept cookies.

No. Cryptshare does not use any ActiveX components.

No. File transfer via Cryptshare is secured by the following technical measures:

• End-to-end file protection. The transport of the files is TLS-encrypted, the storage of the files on the server is also encrypted.
• Option to integrate a virus scanner on the Cryptshare server, which scans all files to be transferred.
• File type filter to exclude certain file types by rule.
• Logging of all transfer processes.
• Verification of all sender e-mail addresses.
• Possibility of restricting the user group via blacklisting or whitelisting of mail or IP addresses in the policy.

The Internet serves as the medium for the transfer. All security mechanisms that are already used for web traffic in your company today can also be used for Cryptshare.

Compared to conventional transfer methods such as e-mail, FTP or data carriers, these measures represent a significant increase in security and traceability. 

Compared to other encrypted transfer methods such as Secure FTP or S/MIME, the simple interface and high level of interoperability between the sender and recipient systems ensure a high level of user acceptance. In our view, this user acceptance is crucial for users to use secure transfer methods at all.

The decision as to which users may use Cryptshare in your company is still in your hands. This can be controlled via the policy.

Yes. We only provide pre-configured virtual appliances for VMware and MS Hyper-V,  but if you want to use another hypervisor than VMware or MS HyperV, you have the option to manually create a virtual machine using one of the operating systems supported by Cryptshare. Download and install Cryptshare as software on that machine.

If you want to use a hypervisor other than VMware or MS Hyper-V, you can manually set up a virtual machine with one of the operating systems supported by Cryptshare and install Cryptshare as software on this virtual machine. You can obtain the Cryptshare software from your reseller for various Windows and Linux operating systems.

Our preconfigured VMs can only be run on VMware and Microsoft Hyper-V. We do not support automatic conversion for other hypervisors. 

You can find the installer for MS Hyper-V in our portal under product lines.

A file or a transfer package consisting of multiple files can have any size. There is no technical limit in Cryptshare other than limitations of the server hardware for storing the file.

Although there is no technical limit for the size of files transferred via Cryptshare, we suggest to set a size limit which reflects the performance limits of your current IT infrastructure.

The size limit for Cryptshare transfer is not static. Using the Cryptshare policy, you can set individual size limits for certain sender/recipient combinations and tailor Cryptshare to meet different use cases of different user groups in your business.

yes. You can run as many Cryptshare servers as you want without any additional licence cost as the licence is per mailbox, not per server. This way, you can set up for example a Cryptshare Server for each country or continent your company is represented in.

Yes, the license allows you to run as many Cryptshare servers as you want in your company, as the licensing depends solely on the number of mailboxes in your company. For example, you can operate a Cryptshare Server in any country or on any continent where your company is represented.

Yes. The log data are stored in a database on the Cryptshare Server. It is possible to export the log data into central log management / SIEM systems for further processing using the LogBack library.

Every transfer package is encrypted individually. The key is derived from the password set by the user.  This means that every file transfer on the Cryptshare Server is potentially encrypted with a different key, which ensures a high level of security.

To be able to use Cryptshare for Outlook, you need to have

• A Cryptshare Server to connect to. That could be the Cryptshare Server of your own business or of your communication partner's business. The Cryptshare Server needs to be licensed and configured for the use of Cryptshare for Outlook.
• A local installation of Microsoft Outlook (list of supported Outlook clients) and a local installation of the Cryptshare for Outlook Add-In. The add-in can be obtained from your Cryptshare Server Administrator.
• A web-based Outlook client that fulfills the system requirements and the provision of the web-based add-in.

Click here for a full detailed list of system requirements.

No. Currently, we do not offer a version of Cryptshare for Outlook for Microsoft Outlook for Mac. 

Cryptshare for Outlook

• Secures the transport of your data between your computer and the Cryptshare Server as well as between the Cryptshare Server and the recipient's computer using the latest transport layer security (TLS) standards.
• Secures the files using a strong encryption algorithm as long as they are stored on the Cryptshare server. This uses unique keys that are not stored on the server, but are generated using the password specified by the sender/recipient.
• Automatically removes data from the server after a defined interval.
• Performs a virus check of all contents you send or receive via Cryptshare.
• Detects unauthorized attempts to download data and reacts by blocking or deleting the contents from the server and informing you about the incident.
• Keeps a full audit trail of the data you send and receive, including IP addresses of senders and recipients.
• Notifies you about successful and unsuccessful delivery.
• Puts you in control over your data at any time.

There is a large number of MS Outlook Add-Ins on the market interacting with Outlook contents in different ways. Cryptshare for Outlook is designed to be as compatible as possible to any other Outlook Add-In. However, testing it in combination with all of them in different versions and configurations is impossible.

The best way to verify compatibility for your environment is to register for a trial on our hosted demo server and use and test Cryptshare for Outlook in your environment. Of course you can also get in touch with our support team to find out if there any known issues or incompatibilities with the Add-Ins you use.

Cryptshare for Outlook can only be used in combination with MS Exchange Server. Compatibility with other mail systems is not tested and not supported by us.

No. Relaying has to be activated, if you use Microsoft 365.

Yes. You can exchange files in both directions. Neither your employees nor their communication partners need to install software, exchange certificates or set up user accounts in advance. No matter if the transfer is inbound or outbound – the sender opens the URL of the Cryptshare server in his browser and is guided through a few easy, self-explanatory steps.

Thus, anybody can send messages or files securely without having to involve IT staff in advance.

The Cryptshare license covers communication with any number of external contacts, no matter if these use the system as recipients or senders.

To make Cryptshare even easier and more comfortable to use, we offer integration into MS Outlook and HCL Notes. These allow the confidential sending and receiving of confidential messages or large files straight from your email client.

Yes. You only need to license the number of email accounts within your own email domain(s). The number of external contacts you communicate with is not relevant for the license price.

It does not matter for the license if the external users are sending or receiving information.

Yes. The sender of a transfer gets an email that informs about the download of a file transfer. Also he is notified if the download expires without having been downloaded. In addition to that, there is a central log file that only administrative users can access. You can configure logging options to keep track of the details you want to see and hide those you don’t want to log.

It is possible to log the point in time when up- or downloads have been made, the sender and recipients’ IP and email addresses, filenames and sizes as well as texts and subjects entered by the users.

Yes. You can send any number of files per transfer.

Yes. You can enter any number of recipients per transfer.

We suggest exchanging the password on a separate way (out of band), e.g. by telephone, SMS or by agreement in advance.

If you use Cryptshare for Outlook, you can also send the password automatically via SMS if a compatible SMS gateway is connected.

The recipient receives the sender’s contact data as part of the notification message. He can get in touch with the sender to ask for the password if he does not know it already.

Cryptshare itself does not store the password at any time.

You can revoke a transfer anytime.

Yes, this is possible. As the sender, you can revoke transfers at any time with one click. In addition, system administrators can delete transfers directly from the Cryptshare Server.

Besides that, Cryptshare password protection will still keep your file safe. To be able to download the file, the recipient needs to know the password and get in touch with you to ask for it. Until you authorize the recipient by giving the password to them, the files cannot be downloaded. The download link without the password is of no value for a wrong recipient. Cryptshare only accepts a very limited number of unauthorized download attempts and will then either block access or erase the files from the server and notify the sender about the incident.

The duration of a file transfer is depending on the network speed between the participants, i.e. the sender, the Cryptshare Server and the recipient, as well as from the file size and the reaction speed of the recipient.

Files are uploaded to the Cryptshare server first. When they have completely arrived, a download notification will be sent automatically to the recipient. As soon as the recipient downloads the files, the transfer is complete.

Yes. There is a possibility to embed a virus scanner into the Cryptshare Server that can be called using a command line. Our appliances are pre-packaged with a virus scanner. If you install Cryptshare on your own server, you are free to choose which virus scanner you want to use.

An automatic compression of the files during the transfer does not take place. However, the recipient has the option of retrieving all the files together as a ZIP archive.

Using Cryptshare for Outlook, you can set a password or have a password auto-generated for each message you want to send securely. Ideally, you should use passwords which are not trivial. But we all know that it is hard to remember passwords which are not trivial. Cryptshare for Outlook solves this problem for you. The upload manager sidebar will keep track of all the passwords that you have set manually or have had auto-generated by Cryptshare. If a recipient calls you and asks for the password, all you need to do is look up the password in the upload manager. The password history will remember the passwords for all transfers which are still available on the server for download and auto-delete older ones.

The passwords are stored encrypted in your local user profile on your computer.

Using Cryptshare for Outlook, you can exchange confidential email messages, very large files or both with your external contacts. Where file sharing solutions typically only allow you to exchange large files and email encryption solutions can only handle attachments up to a certain size, Cryptshare for Outlook solves both issues for you at once.

Technically, there is no size limit in Cryptshare, so you could potentially send files of any size. However, there are limits that the administrator can (and probably will) set. These limits do not apply per user, but per sender/recipient combination, so they could be different when sending to recipient A or B. This will allow the administrator to tailor the file size to the use case. For example, you might be able to send very large files to somebody in the marketing department that deals with hi-resolution images and videos, but will see a lower limit when sending to HR.

Even though you can send very large files out of MS Outlook now, you don't need to worry about the size of your mailbox. There are warning thresholds and file size limits that allow to customize the solution so that only files up to a certain size can be kept as email attachments in inbound or outbound messages. Larger files can only be saved to disk.

No. The benefit of Cryptshare is that you can send very large file attachments, but these attachments are no longer handled by your email server. Also, they don't necessarily stay attached to the messages in your mailbox. Administrators can define limits beyond which file attachments are automatically detached from sent or received messages and replaced by links to the location in the file system.

As a result Cryptshare reduces the space consumption on the mail server and makes it very easy for users to find the files which were sent or received in the message. 

The QUICK Integrated Cryptshare Key considerably simplifies the use of Cryptshare!

Instead of having to exchange one-time passwords manually, QUICK will take care of password management for you.

You won't have to deal with passwords anymore and can send and receive information with passwordless security.

The Cryptshare Policy allows you to exclude certain mail addresses, mail domains, IP addresses or IP address ranges from using your Cryptshare Server via black- or whitelisting. It is also possible to work with Active Directory or LDAP groups to set up policy rules.

Yes, the administrator can specify a minimum, maximum and standard retention period. The user can change this standard retention period for each transfer within the defined limits. However, transfers that have already been made available are processed with the retention period set at the time of sending.

Yes, Cryptshare has a flexible file type filter that allows you to allow or disallow certain types of files for certain sender/recipient combinations. The file type is identified by the structure of the file and not just by its file name. If you use a content filtering system that scans the data traffic via port 443 (TLS), the content of the files to/from the Cryptshare server is also monitored by this filter.

Yes, click here to learn more about Cryptshare's archiving and DMS interface.

Cryptshare has strong encryption and helps you to comply with standards such as GDPR/DSGVO/AVG, NTA7516, HIPAA and CCPA.

Our development approach is to continuously develop and improve our Cryptshare product. 
Customers benefit from this model as they are always entitled to the latest and greatest version of Cryptshare.

A certification of a product with the scope of Cryptshare would take several months and would only apply to the exact version that was certified.

Any change to this version would require a re-certification of parts or even the entire solution, which entails a similar effort.

Since Cryptshare is a web application, we offer minor fixes and updates on a regular basis. This is done to respond to current security threats that become known in the technology components we use, as well as new developments such as updated browser versions or technologies. Unfortunately, this frequent update policy is at odds with a certification approach. Apart from the impact on our release cycles, the cost of a continuous recertification cycle would force us to significantly increase license costs.

As a result, Cryptshare is currently not certified.

We have customers in many security-related industries such as banking, insurance, government, utilities, defense, etc. who use Cryptshare after they have assessed the product security themselves. In addition to internal automated and manual security checks, we encourage all our customers to share feedback from security checks and assessments with us to keep product security at a high level.

We do not see safety as a one-off achievement, but as an ongoing process.

You can find the different installation types of Cryptshare here.

Yes, you can. You can find detailed information here.

Yes, you can. You can find detailed information here.

Cryptshare for Notes can be installed by the Domino administrator. You can find more information here. 

Yes, the integration of a TLS certificate is a prerequisite for the encrypted transfer of files between the sender/recipient and the Cryptshare Server. The certificate is not part of the Cryptshare product price, but must be purchased separately. There are no specific requirements that Cryptshare places on a TLS certificate. You can choose a certificate from any provider and with any options.
We recommend the following.

1. Choose a provider that issues certificates that are signed by a Certificate Authority commonly used in browsers. You can view the list of known Certificate Authorities in your browser. This ensures that visitors to your Cryptshare installation are not confronted with warning messages.
2. Depending on the provider, there are a number of additional options that you can order with a TLS certificate. None of these additional options are required for the operation of Cryptshare. The simplest certificate is sufficient. However, operation with a certificate that has additional options is also possible without any problems.

Please note that you need a separate TLS certificate for each (sub)domain, i.e. if you want to run another website or web application on the same web server in addition to Cryptshare, you will need several TLS certificates or a so-called wildcard certificate that covers all subdomains of a main domain.

You can find an overview of the system requirements here.

We regularly offer language packs for a number of European languages. You can download the current language packs for Cryptshare Server and Cryptshare for Outlook at https://documentation.cryptshare.com/w/CSSCurrent_en:Language_Packages and https://documentation.cryptshare.com/w/CSOCurrent_en:Language_Package_Download respectively.

It is also possible to modify or create language packs. Information on this can be found at
- Cryptshare Server
- Cryptshare for Outlook 

Yes, detailed information can be found here.