Tresorit

What Is Tresorit?

In 2023, Dropbox disclosed that its electronic signature service had been breached, exposing customer emails, hashed passwords, and authentication tokens. In 2022, a phishing attack compromised 130 GitHub repositories linked to Dropbox employees. These incidents share a common root cause: Dropbox can access your data. Encrypted at rest, encrypted in transit — but decryptable by the provider. If the provider is compromised, your data is exposed.

Tresorit exists because of a single architectural decision: the provider should never be able to read your files. Founded in 2011 in Budapest by Hungarian cryptographers and later relocated to Zurich, Switzerland, Tresorit implements zero-knowledge end-to-end encryption. Files are encrypted on your device before upload. Decryption keys never leave your device. Tresorit's servers store only encrypted blobs that are mathematically meaningless without your keys. A server breach at Tresorit would yield nothing usable.

This is not a feature toggle or an add-on plan. It is the architectural foundation of the entire platform. Every file, every folder, every shared link is encrypted client-side with AES-256 before it touches Tresorit's infrastructure. The company was acquired by Swiss Post (the Swiss national postal service) in 2021, adding institutional backing to its technical credentials. ISO 27001 certification, SOC2 Type II compliance, and HIPAA readiness round out the compliance profile.

The trade-off is real and should be stated plainly: zero-knowledge encryption makes certain features impossible. Tresorit cannot index your files for server-side search. It cannot generate thumbnails or previews from encrypted content. It cannot offer real-time collaborative editing in the browser. Features that Dropbox and Google Drive provide as standard are architecturally incompatible with Tresorit's security model. You gain genuine protection. You lose convenience.

Key Features

Zero-Knowledge Encryption

Every file uploaded to Tresorit is encrypted with AES-256 on your device. The encryption keys are derived from your password and managed locally. Tresorit's servers never see the unencrypted content, the file names (which are also encrypted), or the encryption keys. This means that even under legal compulsion, Tresorit cannot provide the content of your files to law enforcement or any third party — because it does not have the ability to decrypt them.

The cryptographic design has been independently audited, and Tresorit ran a public hacking challenge in its early years offering USD 50,000 to anyone who could break the encryption. No one claimed the prize.

File Sync and Access

Tresorit provides desktop applications for Windows, macOS, and Linux, along with mobile apps for iOS and Android and a web interface. The desktop app integrates with your file system, syncing encrypted files transparently — you work with files normally, and encryption happens in the background.

Selective sync is available, allowing you to choose which folders sync to which devices. This is important for mobile devices and laptops with limited storage. The sync engine is reliable if not class-leading — Dropbox's sync technology remains the industry benchmark for speed and conflict resolution.

Secure Link Sharing

Tresorit's link sharing is among the most granular in the cloud storage market. Shared links can be password-protected, set to expire after a specified date, limited to specific email addresses, restricted to view-only or download-enabled, and configured with download limits. An audit trail records who accessed each shared link and when.

For businesses sharing sensitive documents with external parties — legal contracts, financial reports, medical records — this level of control is a meaningful differentiator. Dropbox and Google Drive offer basic link sharing but cannot match Tresorit's fine-grained permissions.

Encrypted Email Attachments

The Tresorit Outlook plugin allows you to send encrypted files directly from your email client. Instead of attaching files to an email (which sends them unencrypted through email servers), the plugin uploads the file to Tresorit and inserts a secure link. The recipient accesses the file through Tresorit's encrypted sharing, bypassing the inherent insecurity of email attachments.

A Gmail plugin provides similar functionality for Google Workspace users.

eSign

Tresorit includes an electronic signature feature (eSign) on Professional plans and above. You can send documents for signature, track signing status, and store signed documents — all within Tresorit's encrypted infrastructure. The eSign feature supports legally binding electronic signatures under the eIDAS regulation in the EU.

This is not as full-featured as dedicated e-signature platforms like DocuSign or Yousign, but for organisations that occasionally need signatures and want to keep everything within an encrypted environment, it avoids the need for a separate tool.

Admin Console and Team Management

Business and Enterprise plans include an admin console for managing users, devices, sharing policies, and security settings. Admins can enforce password policies, require two-factor authentication, remotely wipe Tresorit data from lost devices, and set data residency preferences (EU or Switzerland).

Integration with Active Directory and Azure AD enables centralised user management, while SSO support through Okta and other providers simplifies authentication for large teams.

Pricing

Tresorit's pricing reflects its positioning as a premium, security-focused service. The Personal plan at EUR 12/month (EUR 9/month annually) provides 500GB of storage for individual users. The Professional plan at EUR 24/month (EUR 18/month annually) offers 4TB with advanced sharing controls and eSign.

For teams, the Business plan at EUR 14/user/month (EUR 12/user annually) provides 1TB per user with admin console, SSO, and compliance tools. Enterprise pricing is custom for unlimited storage and dedicated support.

Compared to Dropbox Plus at EUR 12/month for 2TB, Tresorit's Personal plan offers one-quarter of the storage for the same price. Compared to Google One at EUR 3/month for 200GB, Tresorit is dramatically more expensive. The premium is the cost of zero-knowledge encryption — and for businesses handling sensitive data, it is a premium that pays for itself if it prevents a single data breach.

The total cost of a data breach in the EU averaged EUR 4.3 million in 2024 according to IBM's Cost of a Data Breach Report. Tresorit's annual cost for a 50-person team on the Business plan is approximately EUR 7,200. The economics of prevention versus remediation are not subtle.

EU Compliance & Privacy

Tresorit is headquartered in Zurich, Switzerland, which benefits from an EU adequacy decision for data protection. The company offers data residency options, allowing customers to choose whether data is stored in the EU or Switzerland.

The platform is ISO 27001 certified, SOC2 Type II compliant, GDPR compliant, and HIPAA compliant. For regulated industries — financial services, healthcare, legal, government — this certification stack covers the primary compliance frameworks.

Zero-knowledge encryption provides a compliance advantage that goes beyond certifications: because Tresorit cannot access file content, the platform inherently limits the risk surface for data breaches and reduces the scope of data processing activities under GDPR. The data controller (the customer) retains exclusive control over the data. The processor (Tresorit) processes only encrypted material.

Swiss Post's ownership adds institutional credibility and financial stability, important factors for enterprise customers evaluating long-term platform viability.

Who It's Best For

Regulated businesses in financial services, healthcare, and legal sectors that must demonstrate strong data protection controls and may face audits.

Companies sharing sensitive documents externally — contracts, financial reports, intellectual property — that need granular control over who accesses files and when access expires.

Privacy-conscious individuals and professionals who want cloud storage where the provider genuinely cannot access their files.

European organisations that require EU or Swiss data residency with certifications that satisfy compliance audits.

The Verdict

Tresorit makes you pay for security — in money and in convenience. There is no free tier, no real-time co-editing, and no server-side search. The storage-per-euro ratio is unfavourable compared to Dropbox or Google Drive. But Tresorit offers something those platforms cannot: mathematical certainty that your files are private. Not private because of a policy. Not private because of a setting. Private because of cryptography. For businesses where a data breach would be catastrophic — legally, financially, or reputationally — Tresorit is not expensive. It is the cost of doing business responsibly.

Frequently Asked Questions

What does zero-knowledge encryption actually mean?

Zero-knowledge encryption means Tresorit cannot access the content of your files. Encryption and decryption happen on your device using keys that only you control. Tresorit's servers store only encrypted data. Even in the event of a server breach, a government order, or an insider threat, the file content remains inaccessible without your encryption keys.

How does Tresorit compare to Dropbox?

Dropbox offers more storage per euro, better collaboration features (real-time editing, Paper), faster sync, and a larger integration ecosystem. Tresorit offers zero-knowledge encryption that Dropbox cannot match, more granular sharing controls, and Swiss jurisdiction. Choose Dropbox for convenience and collaboration. Choose Tresorit when data security is the primary requirement.

Is Tresorit suitable for small teams?

Yes. The Business plan at EUR 12/user/month (billed annually) provides admin controls, SSO, and 1TB per user. For a 5-person team, this costs approximately EUR 720/year — comparable to Dropbox Business at EUR 600/year but with significantly stronger encryption. The admin console is straightforward and does not require a dedicated IT administrator.

Can I edit documents directly in Tresorit?

Tresorit supports opening files in local desktop applications (Microsoft Office, LibreOffice, etc.) with changes synced back automatically. However, it does not offer browser-based real-time co-editing like Google Docs or Dropbox Paper. This is an architectural limitation of zero-knowledge encryption — the server cannot render documents it cannot decrypt.

Who owns Tresorit?

Tresorit was acquired by Swiss Post (the Swiss national postal service) in 2021. The company continues to operate independently from Zurich with its founding team. Swiss Post's ownership provides institutional stability and financial backing without changing Tresorit's encryption architecture or privacy commitments.