Security & Data centers
Is Filecamp reliable, secure, and confidential? Is our data safe? Where is the data hosted?
Bank-Level Security
All communication between you and Filecamp is encrypted using industry-standard SSL/TLS encryption and the HTTPS protocol. This is the same level of protection used by banks and other high-profile e-commerce services. Files and folders are only publicly accessible when they are shared through an explicit Share Link.
Backup
Even though our hosting partner, Microsoft Azure, provides built-in data redundancy across its infrastructure, we perform daily backups of all system data. These backups are retained for 30 days and can be restored (for a fee) if you have accidentally deleted files from your account and emptied your trash.
Trust & Security
Take advantage of secure-by-design infrastructure, built-in protection, and the global network that Microsoft uses to protect information, identities, applications, and devices worldwide with advanced, continuously evolving security technologies.
Data confidentiality
Microsoft Azure data centres maintain strict physical and digital security controls. All facilities use electronic access control systems, multi-factor authentication, and continuous monitoring. Access to secure areas is restricted to authorised personnel only, and all entry attempts are logged and audited, including any unauthorised activity.
Trust & Security
Microsoft Azure’s security model, global infrastructure, and advanced capabilities help ensure your organisation remains secure and compliant, supporting your digital operations with confidence and reliability.
Anti-DDoS protection
Microsoft Azure includes built-in mechanisms to protect its cloud infrastructure and services from distributed denial-of-service (DDoS) attacks. These protections are designed to ensure that no single service can overwhelm the shared infrastructure and to provide strong isolation between customers using the platform.
Network security
Microsoft Azure operates a comprehensive security model supported by dedicated teams of experts in information, application, and network security. These teams are responsible for continuously improving platform protection, identifying emerging threats, and implementing industry-leading security standards across Azure services.
Encryption at rest
Microsoft Azure encrypts all storage by default using 256-bit AES. Data at rest can only be accessed by authorised services, and all key usage is logged and audited. Encryption is applied across all Azure regions and storage types, ensuring consistent protection throughout the platform. Read more.
Carbon neutral
At Filecamp we take responsibility for reducing our environmental impact. Microsoft Azure operates with a strong sustainability programme and has committed to becoming carbon negative by 2030, supported by highly efficient data-centre designs and renewable-energy initiatives. Read more.
VIDEO
Why Microsoft Azure
This short presentation provides an inside look at how Microsoft Azure designs and operates its global data-centres. It outlines the core principles behind Azure’s security, resilience and energy-efficient infrastructure, and shows why Filecamp relies on Azure to host customer data.
VIDEO
Security and Data Protection in a Microsoft Azure Data Centre
This video tour of a Microsoft Azure data centre highlights the security and data-protection measures built into Azure’s infrastructure.
General Compliance & Certifications
Filecamp's data center uses independent third-party examination and audit reports across a wide range of specific compliance requirements.Cloud Security Alliance
Cloud Security Alliance (CSA) standards provide a robust framework of best practices for securing IaaS, PaaS and SaaS offerings. Microsoft Azure supports CSA-STAR attestation and self-assessment, demonstrating its alignment with the CSA Cloud Controls Matrix (CCM) and related security controls.
ISO/IEC 27001 certification
Microsoft Azure is certified under ISO/IEC 27001, covering its information-security management system, infrastructure, services and operational processes across all Azure data-centre regions.
SOC 1, 2 and 3 certifications
Microsoft Azure holds SOC 1, SOC 2 and SOC 3 attestation reports, which affirm that its controls covering security, availability, processing integrity, confidentiality and privacy meet independent third-party audit standards.
PCI DSS Certification
Microsoft Azure maintains PCI DSS compliance, ensuring that the platform meets the security requirements for storing, processing and transmitting payment-card data. This certification provides assurance that Azure’s infrastructure supports compliant handling of cardholder information.
HIPAA Compliance
Microsoft Azure supports HIPAA compliance by providing the controls and safeguards required for the secure processing and storage of protected health information. Azure’s compliant infrastructure allows customers to handle health data securely while managing their own application-level responsibilities.
International data transfers
Azure supports international data transfers through the EU Standard Contractual Clauses (SCCs), which remain a valid and regulator-approved mechanism for protecting personal data transferred outside the EEA. Azure provides the contractual and technical safeguards required to ensure compliant cross-border data processing.
Guaranteed uptime
Filecamp has hosted customer data since 2010, with a strong focus on safety, security and continuity. To support this, we rely on Microsoft Azure, which provides a highly resilient global infrastructure designed for long-term stability and performance.
Microsoft Azure offers a monthly uptime SLA of at least 99.99% for most core services. If you want, I can tune this to match the exact SLA tier you plan to reference.
Global Data Centers
Your data is stored on Microsoft Azure. We use 3 different regions for the storing of your data, chosen based on the location of your signup.Filecamp is hosted on Microsoft Azure, giving customers access to one of the largest and most resilient cloud networks in the world. Azure provides data-centre regions across the Americas, EMEA and Asia-Pacific (APAC), supporting high performance, reliability and regional data-residency needs.
This global infrastructure supports privacy requirements such as the European General Data Protection Regulation (GDPR). Filecamp assigns customers to the most appropriate Azure hosting region based on the geographic location from which their account is created.
