Is it safe to send files with Fileinbox? In short: yes. It's the safest way to transfer files, and way safer than sending files over email.
Hundreds of businesses use Fileinbox to receive the sensitive documents from their clients that they need to run their businesses. Since launching in 2013, Fileinbox has had zero known data breaches.
Are you sending or receiving sensitive health information and need HIPAA compliance? Fileinbox has a great solution for you, it just needs a little more setup. Schedule a call with Christian Genco, founder of Fileinbox, for a free file security consultation.
Want more technical details? All Fileinbox traffic is encrypted with SSL through HTTPS. User accounts and sign-ins are protected with the open source Rails Devise gem, which hashes and salts user passwords (why is that important?).
Credit card transactions are handled through Stripe, which is certified to PCI Service Provider Level 1. Credit card information is never seen by the Fileinbox servers. Even in the extremely unlikely event of a full database breach, user credit card data would remain safe.
Files are transferred through an encrypted connection (Transport Layer Security 1.2 with an AES-128 cipher) to Amazon's S3, then passed through another encrypted connection to the Fileinbox servers, which send them to Dropbox's servers through a final encrypted connection. By default Fileinbox keeps a copy of transferred files for 30 days to make sure they reached Dropbox, then irrevocably deletes them. If you'd like another data retention policy, shoot a quick email to support with what you need and we'll take care of it.