SafeShare is a web-based application that offers secure file sharing with zero installation required. Once we received our credentials, we entered them into` the user portal and were immediately on our SafeShare home screen. This home page features a tour option where SafeShare shows the location of everything within the interface and goes into further detail for a few of the available options. This SaaS model is incredibly convenient and has an optional client-based application. Following the intuitive and simplistic design, the user interface is very minimal with drag-and-drop upload functionality.
In terms of the behind-the-scenes encryption, HTTPS is usually utilized and heavily relied upon. SafeShare, however, encrypts the documents themselves and passes them over-the-wire, which is also encrypted. This gives users an additional layer of security.
Encrypted files can be shared with recipients inside or outside the organization while setting the desired level of permissions and a beginning and end date to access the specified file. If a user tries to email an external recipient and the encrypted file is classified as internal only, you will get an error message stating the user does not have access.
When sharing an internal file with an internal user, you can easily see who that document has been shared with, what permissions they have been granted, and when they have accessed the document. Under the sharing and permission view, you can easily stop sharing the file with any or all users, completely revoking their encryption key. Within file details you can also look at history logging. These logs contain version history, every action that has taken place in a file, when that file was shared, who that file was shared with, when each recipient accessed the file, and if any recipients have not yet accessed the file. Versioning is available, and a new version will not be created until the save button is pressed. Synchronization is also done with encryption.
In the administration tab, administrators can quickly switch between the user interface and the SafeShare organization administration interface with two clicks. The dashboard is simple and intuitive. Although administrators have access to all documents within the system and can see every action performed on every file, they cannot see actual file content unless they have been given access. You can see if people are accessing documents, and which ones they are attempting to access, even if they do not have permission to access them. Also located within the administration tab is a centralized kill switch. This revokes all encryption keys for that document and disables file share.
SafeShare can integrate with Active Directory via LDAP, which provides organizations with a centralized management point. Meaning, if someone leaves an organization, they can be deleted from the Active Directory, which will delete them everywhere else in SafeShare in real-time. This prevents these individuals from continuing to have access to files.
Recently, SafeShare has been integrated with Office Online. At the time of writing this article, this feature is in the process of being rolled out to customers. Covata is hosting its own, on-premises server for this. Meaning, the document is still contained. The file is decrypted then securely opened in Office Online. This is a differentiator when compared to other options in the space.
The application version of SafeShare is the dominant choice for the company’s customer-base and connects to its SaaS after installation. There is also an on-premises option for customers that want to host the entire product and service stack themselves for their use, or for their own customers. This is typically the preferred choice of government customers.
Reporting is another big feature with SafeShare. Filters can be built (start date, end date, emails to search, etc.) and these results can be exported as .csv or PDF files for viewing. These results are very detailed and granular, as per customer request, and exporting them somewhere else is recommended and simple to do.
The online documentation covers the user guide for the web browser and Windows client. Other online documentation includes the organization administrators guide, systems administration guide (directed toward customers who have self-managed dedicated instances), and API documentation. The documentation is very intuitive and includes relative screenshots.
Tested by: Matthew Hreben