File Access Sits Behind the Policy You Already Run
People sign in to Files.com through Duo, so Duo's MFA and device-trust checks happen before anyone reaches a file. The access policy your security team already runs now covers the file platform too.
Put Cisco Duo MFA in Front of Files.com
Connect Files.com to Cisco Duo over SAML, and Duo's MFA and device-trust checks run before anyone reaches a file. The same access policy your security team already enforces now covers file transfer too — and Files.com 2FA takes strong sign-in all the way down to SFTP, FTP, and WebDAV.
Why Teams Put Duo in Front of File Transfer
Cisco Duo is the access-security layer many security-conscious companies standardize on for strong sign-in and device-trust rules. When file transfer — partner exchange, sending files outside the company, regulated drops — has to sit behind that same policy, Files.com connects to Duo over SAML so file access runs through Duo's sign-in directly.
A Second Factor Is the Default
Duo's MFA runs in front of every sign-in. For outside accounts Duo doesn't manage, Files.com adds its own 2FA — including hardware keys and authenticator apps — and that also covers FTP, SFTP, and WebDAV.
Strong Logins Reach SFTP, Not Just the Browser
Strong sign-in doesn't stop at the website. Files.com can require its own 2FA on the file-transfer protocols too, so a partner connecting over SFTP is held to the same bar as someone signing in on the web.
Connects Over SAML
Files.com connects to Duo through Duo's Generic SAML Service Provider — the standard sign-in method that carries the login flow and, when you turn it on, the automatic SCIM sync alongside it.
Duo Handles the Login; Files.com Handles the Access
Duo handles strong sign-in — who the person is and whether their device is trusted. It was never meant to decide which folders that person touches once inside a file platform. Files.com adds that part on top of the Duo login, with fine-grained folder access and a full record of every sign-in and sync.
Nine Levels of Folder Access
Set access per person or group, folder by folder — with nine levels, the ability to block a folder, and fenced-off admins. Your Duo groups feed straight into it.
Every Event in the Audit Log
Every sign-in, sync, and permission change is captured in the Files.com audit log, with the SCIM sync also written to a detailed log — the record a compliance review asks for.
Hardware Keys and Authenticator Apps First
Files.com leans on hardware keys and authenticator apps as the main 2FA methods, with SMS and email only as backups — the same approach a Duo-standardized security team already takes.
SSO That Plenty of Companies Already Trust
Files.com runs one of the most widely used SSO setups in managed file transfer, relied on by a large base of enterprise customers to keep file access tied to their sign-in policy.
The Details That Matter for Cisco Duo
Duo Handles the Whole Account Lifecycle
With SCIM 2.0, Duo creates, updates, and turns off Files.com users and groups on its own. A change in Duo shows up in file access without anyone touching Files.com.
Hardware-Key 2FA Reaches SFTP Too
For accounts Duo doesn't manage, Files.com 2FA covers Yubikey (WebAuthn and Native OTP), other hardware keys, authenticator apps, SMS, and email. Yubikey Native OTP and authenticator-app codes hold over SFTP, FTP, and WebDAV — strong sign-in on the file-transfer protocols, not just the browser.
Connect Cisco Duo the Way That Fits Your Workload
SSO With SAML
This is the main connection. Add Files.com as an app in Duo through its Generic SAML Service Provider, then point Files.com back at Duo. Now your team signs in through Duo, and Duo's MFA runs as part of that login.
Automatic Provisioning With SCIM
Turn on SCIM to have Duo create, update, and remove Files.com users and groups by itself. This is what shuts off access automatically when someone leaves.
Accounts on First Login (JIT)
Nothing extra to set up — this is what runs when SCIM is off. An account is made the first time a person signs in. Good for getting started fast; it can't remove people, so add SCIM when you need that.
What Teams Build With Cisco Duo on Files.com
Signing In With an MFA Check
A person clicks Sign in with Duo, passes Duo's MFA check, and lands in Files.com — strong sign-in confirmed before any file is reached.
A New Hire Is Set Up Automatically
When you assign someone to Files.com in Duo, SCIM creates their account, drops them in the right groups, and applies their folder permissions — all on its own.
A Departing Person Is Cut Off
Turn someone off in Duo and the next sync shuts off their Files.com account across the web, SFTP, and the Desktop App at once.
A Hardware Key on a Partner's SFTP
A partner account Duo doesn't manage can be required to use a Yubikey for 2FA, and the Yubikey works on their SFTP connection.
Files.com Features Teams Use With Cisco Duo
User Management & Permissions
The folder-by-folder access, with nine levels, that your Duo groups feed into.
Learn MoreAudit Log & Forensic Trail
Where every Duo sign-in, sync, and permission change is recorded, ready to export for a compliance review.
Learn MoreSFTP & Protocol Access
How 2FA and folder permissions reach FTP, SFTP, and WebDAV — not just the browser a person signs into.
Learn MoreData Retention & Governance
Rules that decide how long files stick around once someone has put them in Files.com.
Learn MoreFrequently Asked: Cisco Duo on Files.com
What buyers ask about how Files.com connects to Cisco Duo, what it costs, and what the integration actually does.
Hold File Transfer To Your Duo Bar
Start a free 7-day trial. Connect Duo over SAML, sign in through an MFA challenge, and prove your file-transfer workload sits behind the same access policy as everything else. No credit card required.
No credit card required • 7-day free trial • Setup in minutes