Accessing M-Files Vaults without VPN

Organizations have traditionally relied on Virtual Private Network (VPN) technology to secure access to corporate resources (such as M-Files vaults) from outside the private network of the organization. M-Files enables you to provide secure access to the M-Files system without the downsides of the traditional VPN-based approach.

The security of this approach is based on encrypting all network traffic between client devices and the server with HTTPS (SSL/TLS) to ensure that only authorized devices can attempt to connect to the system. Cloud-based servers, M-Files Web, and the mobile applications use the HTTPS protocol by default.

Together, the HTTPS encryption and the use of a strong authentication mechanism by a compatible identity provider (for example, Microsoft Entra ID and Okta) provide similar security as VPN but without the complexity and compatibility challenges of VPN. However, the approach is not identical to VPN from the security point of view. Each organization needs to determine if granting access to M-Files vaults without VPN is appropriate considering the organization's business needs and security requirements.