%20Logos%202022/sharetru-white-logo.svg){kind=logo}
Why Sharetru?
Platform
Sharetru Federal is an Authorized Service running inside a FedRAMP Moderate JAB-ATO boundary across IaaS, PaaS, and SaaS—pre-configured to the NIST 800-53 Rev 5 (FedRAMP Moderate) baseline—so setup is light and you start with the controls auditors expect. Move big CAD/CAE files over SFTP/FTPS/FTPeS with FIPS-validated encryption and audit-ready logs.
Establishes the program and assessment approach for protecting FCI/CUI.
CMMC (32 CFR Part 170):
Allows contracting officers to require a current CMMC level and flow it down to subs.
DFARS 252.204-7021 (CMMC):
Safeguard CUI, report incidents within 72 hours, preserve evidence, and flow down to subs.
DFARS 252.204-7012 (CUI):
Maintain your NIST SP 800-171 score in SPRS and be prepared for Government assessments.
DFARS 252.204-7019/7020/7021 (SPRS & assessments):
FedRAMP Moderate JAB-authorized boundary across IaaS/PaaS/SaaS for durable assurance and cleaner reciprocity to CMMC—no “equivalency” hand-waving.
“We stopped debating paperwork and started shipping CMMC evidence. Procurement noticed.”
Optional unlimited users so primes and subs can participate without license friction.
“Unlimited users meant every supplier touching CUI got onboarded—no license math to slow us down.”
Share and receive .dwg, .dxf, .catpart/.catproduct, .step/.iges .sldprt/.sldas m, .prt, .zip/.7z, .xlsx, .csv, .pdf, imagery, firmware blobs— no “extension banned” surprises.
“Sharetru gave us a file transfer system we could immediately point to in our audit prep. We didn’t need to explain how we encrypt files or manage access — it was all documented and centralized.”
Native SFTP/FTPS/FTPeS integration moves massive CAD/CAE assemblies reliably; teams keep their toolchains and automations.
“Terabyte-scale assemblies move over SFTP without timing out, reconnections occcurred automatically, and even though our CAD workflow changed, it only got better.
FIPS 140-3, TLS 1.3, dual authorization for new user creation, account lockout policies, clickwrap, geo-blocking/IP allowlists, SIEM integration, and exportable activity logs.
“When 7012 came up in a tabletop, we could show the access trail in minutes.”
Fastest path for humans
Drag-and-drop, no extension roadblocks (.dwg, .step, .zip, .xslx, etc.), "Send Files" / "Receive Files" flows, receipt confirmations, comment history, and exportable activity logs.
“No more ‘can’t upload that extension.’ Engineers don’t even think about the platform—which is the point.”
Best for Big, Automated moves
Protocol access for huge CAD/CAE payloads and scheduled jobs; keep your existing scripts; resumable transfers; clean fit with PLM/ERP.
Our large file sets move over SFTP easily now, and our CAD workflow didn’t change at all. We tried using APIs through other tools first, but the failure rate created too many interruptions— the SFTP integration through Sharetru has been far more reliable for large or high-volume transfers.
Registration + TOTP
Invite non-users to send/receive files through a governed flow: TOTP MFA, optional domain allowlists, link expiration, download limits, and a per-link audit trail.
“We starting inviting subs to donwload using guest registrants and TOTP links. Sharetru automatically logged the evidence trail — and compliance stopped asking questions about how our less technical team members were sharing CUI.”
Simple folder entitlements, IP allowlists when needed, and an immutable access history you can export in minutes.
“We onboard subs in hours, not weeks—and we can prove who downloaded CUI whether it's with the link-based file sharing, the web application, or our SFTP automations."
Move big assemblies via SFTP/FTPS/FTPeS; capture comments/approvals with full history alongside the files so the evidence trail writes itself.
“ECOs stopped living in inboxes. We move the assembly over SFTP, capture approvals right next to the file, and the audit trail basically writes itself.”
Timestamped delivery and receipt; zero guesswork when auditors ask, “Who had access and when?”
“CDRLs arrive with a timestamp and a receipt. When auditors asked ‘who downloaded the file and when?,’ we answered with a single export—no email archaeology.”
U.S.-only hosting, U.S.-person admin, optional geo-blocking and IP allowlists to fence access by partner or region.
“US-only hosting and US-person admins, plus geo/IP fences, gave us the export-control posture we needed to include every supplier without losing sleep.”
Centralized logs and SIEM integration for fast, forensics-useful answers if an event ever triggers your plan.
“When CMMC came up in a tabletop, we could show the access trail inside sharetru and all viewers instantly.