Your privacy and confidentiality is our #1 priority

TitanFile incorporates the best security and privacy practices to keep your sensitive information secure.


State-of-the-art security & privacy features

ISO 27001 certified and SOC 2 Type II compliant

Encryption Key


Encryption in Transit

All communication between client and server is performed over a 256-bit TLS connection. This is the strongest, most secure form of encryption that is generally available in internet browsers on the market today.

Encryption at Rest

All files uploaded and shared through TitanFile are encrypted before being stored in our secure cloud environment. The file encryption uses algorithms and schemes that have been approved for encrypting and storing classified information up to the Top Secret level by all US government departments and agencies.

End-to-end Encryption

End-to-end encryption is a mechanism to encrypt files on the user’s computer before they are sent to a service provider using encryption keys that are owned by the user. With end-to-end encryption, TitanFile does not have access to encryption keys and therefore is unable to decrypt client data.

Data Protection

Data Storage

Certified Data Centers

For data protection, continuity, and retention, TitanFile uses certified Microsoft Azure and Amazon AWS data centers. Our secure cloud infrastructure includes extensive security measures such as physical security, access control, 24×7 security monitoring and alerting. The infrastructure security has been certified by independent parties to meet compliance standards such SOC 2 Type II and ISO 27001, and PCI DSS.

Custom Data Residency

TitanFile clients can choose where they want their data stored. We currently offer data residency in Canada, the United States, or Europe.

Custom Data Retention

TitanFile clients can set their own data retention policy for files uploaded to TitanFile. When files have reached their expiry date, they will be automatically deleted from our servers.



Single Sign-On (SSO) Integration

TitanFile allows single sign-on integration with ADFS, cloud providers such as Azure Active Directory and AWS Directory Service, and any third party provider that supports SAML2 or OATH. Enterprise users can use their corporate credentials to authenticate into the platform.

Two-factor Authentication (2FA)

TitanFile uses Two-step verification to add an additional layer of protection to confidentiality. 2FA can be enabled for both users and their recipients. It can be used to protect your account from a compromised password or to verify the identity of your recipients.

Password Policy

We implement best practices to prevent unauthorized user account access. Passwords must meet minimum complexity requirements and will expire automatically after a set period of time. After numerous password attempts, users will be locked out of their accounts. The password policy can be customized to meet your internal compliance requirements.


Governance & Compliance

ISO 27001 Certified | SOC 2 Type II Compliant

To protect the confidentiality, integrity, and availability of information being managed, TitanFile follows guidelines recommended by the ISO 27001 and SOC 2 Type II standards.

Access Control

TitanFile gives users complete control over who has access to their information with the ability to add recipients to file sharing streams, and add and remove files at their own convenience.

Audit Logs

Comprehensive audit trails capture who did what, when, and where. User can export the audit trails for analysis and compliance.

Email Delivery Reports

TitanFile captures the response code from the recipient’s email server, creating a reliable record that an email notification was in fact delivered to its destination. The delivery reports can be exported as a PDF document and used as a proof of delivery when needed.


TitanFile and its infrastructure complies with:


ISO 27001:2013

International Organization for Standardization (ISO)


SOC 2 Type II

Service Organization Control



Health Insurance Portability and Accountability Act



Personal Information Protection and Electronic Documents Act



Personal Health Information Protection Act



General Data Protection Regulation



Payment Card Industry Data Security Standard


WCAG 2.1

Web Content Accessibility Guidelines

Looking for a security feature that’s not on this list? Contact us at