Today I’m thrilled to announce Restricted StorageZones, a major advancement in the ShareFile Enterprise product offering which offers increased privacy controls and data protection for the Citrix Enterprise.

A File Sync & Share (EFSS) Solution.

Two years ago, Citrix introduced ShareFile StorageZones, which allowed customers to choose where their data is stored. IT departments everywhere wanted to be clear on the extent to which governments could tap into service provider data—triggering important questions and customer conversations about data privacy, service provider trust, metadata, blind subpoenas, the NSA and the US Patriot Act.

Based on those conversations, we can conclude that there are some new rules for service providers in the Enterprise File Sync & Share market.

Five New Rules For EFSS Service Providers

Rule #1: No visibility to files or metadata.

Having metadata—file and folder names—visible to the service provider is not okay. File names can convey sensitive information.

Rule #2: No user impersonation.

Service providers must not be allowed to access files that belong to their customers. Enterprise single sign-on with SAML may be convenient for end users, but we mustn’t forget that SAML enables service providers to impersonate the users. That’s like having a one-way domain trust from your enterprise out to the cloud.

Rule #3: Data must be encrypted with the customer’s key. 

Encryption is almost meaningless when the service provider owns the keys and/or the servers that perform encryption. Encryption is a service that must be under full control of the customer.

Rule #4: User experience has to be consumer-grade.

File encryption and data protection must not come at the expense of application compatibility or a seamless user experience. If users have to think about encryption keys, certificates or plug-ins across all their devices in order to unlock their files, they will find a way to use a friendlier, less secure service.

Rule #5: Data sovereignty is mandatory.

Service providers can no longer dictate where customer files are stored. To comply with local regulation and protect intellectual property, customers must have the option to keep their data inside their country, their city, or even behind their firewall.

New from Citrix: ShareFile Restricted StorageZones

Until now, SaaS-based EFSS offerings have not been able to satisfy all of these rules.  As a result, organizations have resorted to fully on-premises solutions that incur high opex and can’t keep up with the user experience or pace of innovation offered by cloud file sharing solutions.

With Restricted StorageZones, Citrix ShareFile is the first SaaS-based solution that can satisfy all the new rules for EFSS. It provides the security benefits of an on-premises solution while still offloading the costs and headaches of maintaining the user experience as a service.

So what makes a ShareFile Restricted StorageZone different?

  • A secure data enclave – Unlike Citrix-managed storage zones in the cloud or standard customer-managed storage zones on-premises, files in a Restricted StorageZone are accessible only to authenticated domain users within your enterprise. Citrix has no ability to impersonate users or access files in a Restricted StorageZone.
  • Metadata encryption key ownership – File and folder names are encrypted with your private key using AES-256 before being written to the ShareFile cloud. Encryption is performed by your on-premise StorageZone Controller server. Authenticated access to that server is required to unencrypt the metadata, so Citrix employees have zero knowledge about file and folder names.
  • Zone authentication – In addition to ShareFile cloud authentication, users must also authenticate to the StorageZone Controller. This gives IT organizations more options in how to control user access.
  • Network access restrictions – A restricted StorageZone need not be exposed to the Internet. When configured with an internal-only address, users must be on the company network or VPN in order to access, sync or share documents.
  • Governed sync and sharing – Authenticated employees still get the benefits of ShareFile including mobile access, web browser access and file sync across multiple devices. But files in a Restricted StorageZone cannot be shared with anyone outside your organization’s domain.

ShareFile’s Restricted StorageZones is an exciting new storage option that allows IT organizations more choice about where and how user data is accessed and shared. For added flexibility, customers can deploy a mix of restricted and non-restricted zones within the same ShareFile account.


Restricted StorageZones will be generally available as a feature of ShareFile Enterprise in December 2014. Existing ShareFile Enterprise customers will be entitled to this new benefit at no additional cost. More details and documentation are coming soon, so please stay tuned!