YouSendIt Security Data Sheet – Secure File Transfer and Data ...

YouSendIt 

Security 

“ 

We saw that YouSendIt 

uses SSL; employs sound 

user authentication and 

password protection 

features; scans all files 

for viruses and has a 

secure physical structure. 

Our network engineers 

didn’t allow FTP for 

security reasons. 

” 

Leon Hampton 

Assistant Vice President 

Information Technology, Macerich 

Protect Your Data with Enterprise-Ready 

YouSendIt Security and Compliance 

Introduction 

© 2010 YouSendIt. All rights reserved. 

Datasheet 

There’s a simple contradiction challenging enterprises today. On the one 

hand, in order to stay competitive, corporations need to share information 

and collaborate, both internally and externally. On the other, they face 

growing concerns about security and regulatory compliance. 

Traditional means of collaboration—email, FTP, and couriers—are 

vulnerable to security breaches. Email is susceptible to viruses, and when 

users send files as attachments, you can’t track or regulate them. FTP is 

an outdated solution that’s confusing to users, so they find compromising 

workarounds like sharing passwords. And FTP files never expire, so your 

intellectual property remains exposed. Finally, when you use a courier, 

you never know who opens the package on the receiving end, or how long 

it remains lying around their office. 

YouSendIt, on the other hand, is an online collaboration tool that is both 

efficient and secure, with built-in systems that allow your organization 

to track and govern all file-sharing activity. 

Why YouSendIt 

YouSendIt is the most trusted, easy to use, and cost-effective secure file 

transfer solution available. Used by 16 million people and over 2500 

corporations worldwide, YouSendIt lets users send, receive, and track files 

quickly and securely, increasing productivity with minimal effort. 

At YouSendIt, we’re committed to delivering the highest levels of enterpriseready 

security and compliance in our data centers, application technologies, 

data-at-rest policies and procedures, and data-in-motion security measures. 

Key Features 

Enterprise-Class Data Center Security 

YouSendIt’s data centers are SAS 70 Type II-certified. YouSendIt’s servers are 

hosted in two data centers—one in California, US, and the second in London, 

England. Each facility is protected by double-wall construction and employs 

biometric and video surveillance, physical security, seismic protection, water 

suppression, and dry-pipe fire protection technologies to prevent damage or 

loss from fire, earthquakes, flooding, and other natural disasters. All servers 

are secured in a locked room with limited access restricted to authorized 

individuals. Access is auditable by password and biometric scan for entry. 

In addition, YouSendIt’s enterprise-class data centers have built-in system 

redundancy and high-performance load balancers.



Network and System Security 

YouSendIt leverages ISP and enterprise-grade 

firewalls that provide IP filtering and DOS 

protection for intrusion detection protection. 

All incoming network ports are blocked except 

for 80 and 443, which are dynamically opened 

and closed to allow HTTP and HTTPS traffic. 

Proactive network scans run at all times, 

and Internet spiders and search engines are 

blocked from files. At-rest encryption ensures 

that your entire system, operating system, and 

data and system files are secured at the highest 

level against cyber threats as well as lost or 

stolen disks. 

Application Security 

In addition to a hardened operating system, 

YouSendIt uses password and privilege 

policies to authenticate and authorize users. 

All passwords and credentials are encrypted 

during transmissions. With Active Directory 

integration, users are deployed and managed 

within the customer network. No passwords 

are stored outside of the corporate network, 

and the administrator can tightly manage the 

entire process. 

Data Protection During Transfer and At Rest 

All data in motion is encrypted using 128-bit 

SSL encryption with class 3 certificates and 

cryptography. File names are dynamically 

scrambled, and data is continuously replicated 

and scanned for viruses. All data in our secure 

data centers is encrypted using 256-bit AES 

encryption. These measures ensure that 

the integrity of the data is maintained during 

transmission, uploading, downloading, 

and storage of a file. 


Application 

• Hardened operating system 

• Proactive vulnerability scan 

• No single point of failure 

• Horizontally scalable modules 

• Advanced access and 

authentication controls 

Data Center 

• SAS 70 Type II certified 

• Video surveillance 

• Highly restricted access 

• Biometric scanning 

• Detailed audit logs 

• Redundant power supplies 

• Seismically protected 


Data 

• Encryption in transit: 128-bit SSL 

• Encryption at rest: 256-bit AES 

• Redundant file copies 

• Virus scanning 

• Dynamic file name scrambling 

• Data confidentiality—No search 

engine or spider access 

• File expiration and password 

protection options 

Network 

• Redundant 10GB bandwidth 

• ISP grade firewalls 

• High performance load balancers 

• IP and protocol filtering 

• DOS protection 

• Proactive network vulnerability scans



Stringent Security Compliance 

• PCI Compliant: PCI Compliant. YouSendIt is PCI 

compliant, meeting the worldwide information 

security standards for processing card payments to 

prevent credit card fraud. 

• SAS 70 Type 2 Compliant. YouSendIt is SAS 70 

Type 2-compliant. Issued by the Auditing Standards 

Board of the American Institute of Certified Public 

Accountants (AICPA), the Statement on Auditing 

Standards Number 70 (SAS 70), as amended, 

provides guidance to auditors for examining and 

reporting on the controls of a service organization. 

• HIPAA Compliant. YouSendIt, by the nature of its 

business, is exempt from being HIPAA compliant but 

is proactive in providing security and assisting our 

clients to achieve HIPAA compliance. 

• GLBA Compliance. YouSendIt complies with the 

privacy provisions of the Gramm-Leach-Bliley Act 

(GLBA), a law that governs certain activities of the 

financial services industry. Under GLBA, YouSendIt 

qualifies as a service provider. 

Summary 


Every business needs to stay productive and competitive through successful collaboration while remaining protected 

against security threats. YouSendIt provides enterprise-level security across your networks, systems, and applications 

during the entire digital communication process, whether you are accessing, storing, or transmitting data. 

YouSendIt, Inc. 

1919 S. Bascom Ave., 3rd Floor 

Campbell, CA 95008 

866.55U.SEND 


Tracking and Auditing of Data Transfers 

YouSendIt offers the ability to track files, obtain return 

receipts, control access to sensitive files, eradicate 

password sharing, set expiration policies for files, allow 

and disallow users, and enforce the most secure password 

policies at the company, group, or individual level. 

YouSendIt also delivers comprehensive user activity 

and usage reports for audit and compliance purposes. 

sales@yousendit.com 

www.yousendit.com

YouSendIt Security Data Sheet – Secure File Transfer and Data ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?