Robust security features

like access controls, audit trails, authentication, file encryption, intrusion detection, data loss prevention, high availability and more

Access & Permissions

M-Files provides a patented and revolutionary approach to managing access control by what the content is.

Dynamic organizational permissions

Supports access control schema changes due to organization changes with a few clicks.

Permissions based content and context

Set access permissions for entire classes of documents and data objects, as well as individual documents and objects, and even for different versions of the same document or object.

Secure content while making it accessible

Permissions are set automatically and dynamically based on metadata. Automate data security and accessibility for everyone and ensure that access control policies are enforced in the repository.

Reduces the demands for IT involvement

Enable those closest to the business need to easily configure the system to meet their requirements.


Fully protection of data transmitted over a network or at rest for no unauthorized access. Encryption of network communication between M-Files clients and M-Files Server via HTTPS, RPC, VPN or IPSec; data encryption of data at rest with AES-256 algorithm; database encryption supporting via Microsoft SQL Server Transparent Data Encryption (TDE).

High Availability
M-Files Cloud Vault servers are hosted in Microsoft Azure datacenters which have no single points of failure. Additionally, M-Files supports vault replication in additional geographic locations to recover from hardware failures with no data loss or downtime. M-Files can also run on common virtualization platforms, such as Microsoft Hyper-V and VMWare vSphere Hypervisor, allowing you to leverage the high availability features of those platforms.
Strengthen data security of the authentication process with federated authentication, multi-factor authentication, and pre-shared key authentication in M-Files. M-Files supports authentication via any SAML V2.0 and OAuth 2.0 compatible Identity Provider (IdP).