Initial Certification: 01/2020
TeamDrive Systems GmbH provides TeamDrive, a cloud service for data storage and data exchange. All data is encrypted prior to its upload to the cloud on the part of the user and cannot be decrypted by the service provider / any sub-processors (end-to-end encryption). Users are provided with meaningful information on how to make use of the service in compliance with EU data protection law. Altogether, TeamDrive clearly facilitates its data protection compliant use.
Function as provided in December 2019
Qualification: IT-based service (processor service)
Version of Certification Criteria
20/01/2020 – 31/01/2022
TeamDrive Systems GmbH
TeamDrive provides for true end-to-end encryption. The encryption methods used meet all state-of-the-art requirements.
Data that is stored / exchanged by means of TeamDrive may contain personal data. In this respect, users of TeamDrive are controllers whereas TeamDrive Systems GmbH acts as a processor on their behalf. This means that users of TeamDrive must ensure that this processing of personal data complies with all relevant requirements of EU data protection law. TeamDrive Systems provides their users with detailed information on this topic in a data protection leaflet.
TeamDrive is a “collaboration tool” that enables the exchange of data (files of all types) between two or any number of clients via the Internet or internal networks. During operation, users act in groups to access a shared database, the so-called “SharedSpace” (“Space”). The service has an authorisation concept, which allows for the differentiated assignment of read and write rights. The “Space” and the users of the respective group are managed via an administrator function.
Physically, the “space” is then located on a TeamDrive server. A copy of the space is stored with the individual users of the space on the systems on which the clients used are installed. With Windows, MacOS and Linux, the data is stored in a file directory. With mobile clients, the data is stored in a database. The files stored in this way can then either be opened via the client. In the case of a workstation, however, access can also take place directly from the file system.
Changes are recognised by the client and files are automatically uploaded to the server space as a new version and made known to other users. Once a file is stored in a space, all members of the group have access according to their permissions (read or change).
The service provider uses data center services of Microsoft Corporation and Amazon Web Services Inc. to provide TeamDrive. In addition, they have commissioned T-Systems International GmbH as a data trustee for the Microsoft Cloud.
Initial Cert 2020/01
The target of evaluation (ToE) is the cloud version of TeamDrive 4:
When selecting the server (“host”) for TeamDrive, the user has three options:
- a server selected by TeamDrive (“Cloud Service”);
- a WebDAV Server; or
- a TeamDrive Personal Server.
In the standard setting, the first option (“Cloud Service”) is selected. Only this version is covered by the ToE.
The ToE comprises the following editions of the service:
- The registration of a TeamDrive account, the creation of “SharedSpaces”, the creation and administration of users, the storage and exchange of data by and to authorised users;
- The TeamDrive Client (TDC) for the operating systems Windows, Linux, MacOS, iOS, and Android;
- The TeamDrive Registration Server (TDRS);
- The TeamDrive Hosting Server (TDHS);
- The SMTP Mail Server (SMMS);
- A referral programme for the service;
- Legal and technical interfaces with Microsoft Corporation, Amazon Web Services Inc,. and T-Systems International GmbH.
The ToE does not include
- WebDAV Server and TeamDrive Personal Server (cf. above);
- The TeamDrive website including the shop functionality for the service;
- Payment processes and accounting issues that are related to the provision of the service;
- The (optional) sending of newsletters that are related to the service;
- If a user opens a document with another application than TeamDrive on a mobile device, a local copy of the document or file is created, which is then no longer located in the protected area provided by TeamDrive: This is not a function of the TeamDrive client, but of the respective operating system.
- When creating a Space, the user can specify whether it should be assigned with a browser release. This is a functionality for access via a web client that is still in its beta phase and that is therefore not part of the certification;
- Further add-ons and plug-ins offered by the service provider (such as the Outlook plug-in) .
The evaluation showed that TeamDrive 4 meets all applicable EuroPriSe requirements. Further information can be found in the short public report that is available here:
Im Tal 10a
B³ | Informationstechnologie