Preparing secure exchange

01 Anonymise02 Shard03 Restore

Initialising protected session

Secure file sending for named users only

Send files securely, with proof built in

Move contracts, financial packs, client records and large project files through a controlled exchange designed for known recipients. MX combines AES-256 protection with a quantum secure patented methodology, configurable access rules and a complete audit trail, so each handoff remains visible and explainable.

Start my free trial
No credit card. Up to 5 users. 7 days.
Named-user access No public links Every action logged No fixed size limit
MX secure sendREADY
TOpriya.n@merrion.co.uk NAMED USER
FILEQ3_Board_Pack.zip
2.4 GB · NO COMPRESSION REQUIRED
NOTEFinal pack for Thursday. Access expires after download.
150K+Files exchanged each week
10K+Active platform users
0Public sharing links
Fixed file size cap
The life of a sensitive file

After you press send, visibility should begin.

Email attachments and open links can make it difficult to explain who received a file, whether it was forwarded and how long it remained available. MX turns each secure send into a controlled sequence with named access, clear events and evidence afterwards.

EMAIL ATTACHMENT OR OPEN LINKSTATUS: UNCERTAIN

Sent

A COPY LEAVES YOUR CONTROL

Opened?

LIMITED OR NO RELIABLE EVIDENCE

Forwarded?

THE RECIPIENT MAY PASS IT ON

Downloaded?

ACTIVITY MAY BE HARD TO TRACE

Still available?

ACCESS MAY REMAIN OPEN TOO LONG

MY MX DATA CONTROLLED EXCHANGESTATUS: ACCOUNTED FOR

Protected

AES-256 PLUS PATENTED ASR METHODOLOGY

Delivered

RESTORED FOR A NAMED RECIPIENT

Opened

USER AND TIME RECORDED

Every action

ACCESS AND DOWNLOAD EVENTS LOGGED

Expired

ACCESS CLOSES ON YOUR RULES

A secure file send should give you more than delivery. It should give you a process your organisation can explain and defend.

A different job from everyday storage

Useful tools move files. MX controls the handoff.

Google Drive, Dropbox, SharePoint and WeTransfer are useful for many everyday tasks. MX is designed for the exchanges that need tighter access, stronger traceability and a clear answer when someone later asks what happened to a sensitive file.

Layered file protection

MX combines AES-256 with its quantum secure patented methodology, known as Anonymise, Shard, Restore.

End-to-end audit trails

Sending, access, download and expiry events create a traceable record for governance and review.

Compliance-supporting controls

Named access, expiry rules, regional options and activity records can help facilitate regulated workflows.

General platforms can be appropriate

They may still suit broad productivity and storage, provided your organisation configures and governs them correctly.

Simple enough to become the normal route

A controlled file send in three clear steps.

Security works only when people use it. MX keeps the sender and recipient experience direct, while the platform handles the controls, evidence and protection in the background.

STEP 01

Upload the file

Add a PDF, archive, design package, video or dataset. There is no need to create multiple parts simply because the file is too large for email.

IN THE BACKGROUND: PROTECTION STARTS BEFORE THE HANDOFF PROCEEDS

STEP 02

Choose the recipient and rules

Assign the exchange to a named user, then set expiry, download and access conditions that reflect the sensitivity and purpose of the file.

IN THE BACKGROUND: IDENTITY AND PERMISSIONS DEFINE WHO CAN RESTORE THE FILE

STEP 03

Send and retain the evidence

MX records the relevant delivery and access events, giving your team a clear timeline instead of relying on assumptions or manual follow-up.

IN THE BACKGROUND: AUDIT EVENTS ARE WRITTEN AS THE EXCHANGE PROGRESSES

Controls on every sensitive exchange

What makes secure file sending easier to defend.

The value is not one feature in isolation. It is the way identity, encryption, expiry and traceability work together around the file.

Named recipients

Restrict each exchange to authorised individuals instead of relying on an open link that can be forwarded.

ASR methodology

Files are anonymised, split into protected shards and restored only for the intended recipient.

Detailed activity records

Build an evidence trail around sending, opening and downloading rather than piecing events together later.

Expiry and limits

Close access when the exchange has served its purpose and restrict how the recipient can use the file.

Conversations and context

Keep relevant messages with the transfer so external handoffs are easier to understand and review.

Custom white labelling

Apply your branding, colours and domain to create a professional recipient experience under your organisation's identity.

Compliance, facilitated through evidence

Controls your governance team can point to.

My MX Data does not make an organisation compliant on its own. It provides practical tools that can support compliance objectives, including named access, encryption, expiry, sovereignty choices and detailed file activity records.

GDPRUK Data Protection ActISO 27001ISO 27018Cyber Essentials PlusSOC 2 principlesFSQSFCA-aligned processes
Careful compliance language matters. MX helps facilitate and evidence stronger data handling. Your organisation remains responsible for its policies, lawful basis, people, configuration and wider technical and organisational measures.

Accountable recipient control

Named-user workflows reduce ambiguity about who was authorised to receive and access the information.

Evidence for review

Activity logs help organisations answer client, auditor and internal risk questions with a recorded timeline.

Purpose-limited availability

Expiry settings can reduce the time a sensitive file remains available after the exchange has finished.

Regional data options

Data sovereignty controls can support workflows that have jurisdictional or client-specific location requirements.

Security layered around the handoff

AES-256, ASR, access controls and identity checks work together around the movement of the file.

Rated by business users

Less uncertainty at the moment that matters.

Users value a sending process that remains straightforward while giving security, compliance and operations teams more control over sensitive exchanges.

Before MX, we hesitated whenever sensitive material had to leave the organisation. The encryption and access controls now sit behind a process that staff actually use consistently.

Data Protection OfficerProfessional services

We no longer have to choose between a file that is too large for email and a link that is difficult to govern. MX gives us one controlled route and a record afterwards.

IT AdministratorEngineering business

Clients receive a professional, branded experience and our team can see when files have been accessed. That makes sensitive document handoffs far easier to manage.

Legal Services AdviserClient-facing practice

See the workflow before you try it

Watch a sensitive file move through MX.

The walkthrough shows how named access, protected transfer, audit activity and recipient controls fit together in the platform.

2:25 · Full product walkthrough

Frequently asked questions

Questions to settle before changing the process.

Secure file sending affects IT, compliance, operations and the people receiving the files. These answers address the practical points each group is likely to raise.

Browse all FAQs

01. How does MX ensure secure file sending?

MX secures the full file handoff rather than relying on a password attached to an email or an open sharing link. The sender assigns the exchange to a known recipient, applies the relevant permissions and keeps visibility over what happens afterwards. This creates a more controlled route for contracts, client records, financial packs and other sensitive business information.

Protection is applied through several connected controls:

  • Named-user access: The file is assigned to an authorised recipient rather than anyone who obtains a public URL.
  • Layered protection: AES-256 is combined with the quantum secure patented ASR methodology, which anonymises, shards and restores the file.
  • Transfer rules: Expiry dates, permissions and download limits help match access to the purpose of the exchange.
  • Recorded activity: Relevant events are written to an audit trail so the organisation can explain the handoff later.

The ICO's encryption guidance explains why encryption should sit within a wider approach to information security. MX follows that practical principle by combining technical protection with identity, access and evidence.


For a closer look at the underlying approach, visit the encrypted file sharing page.

02. Can I track who receives and accesses files on MX?

Yes. Traceability is central to the MX exchange model. The platform is designed to help organisations move beyond the vague status of an email attachment or forwarded link by maintaining a record of the key events around each transfer.

Depending on the workflow and controls applied, teams can retain visibility over:

  1. Who the file was assigned to: Recipient access is tied to a named user rather than a reusable public link.
  2. When the exchange progressed: Delivery, access and download events can be time-stamped.
  3. What happened afterwards: Audit records provide evidence for operational follow-up, client assurance and internal review.
  4. When access should end: Expiry controls help prevent a file remaining available without a continuing business need.

This evidence does not replace an organisation's wider governance responsibilities, but it can make sensitive exchanges more accountable. The ICO accountability principle emphasises the need for appropriate measures and records that demonstrate how personal data is handled.


These controls are especially useful when teams need traceable file sharing with clients and external advisers.

03. What protection does MX use during a file transfer?

MX uses AES-256 protection alongside its quantum secure patented methodology, known as Anonymise, Shard, Restore. The important point is not a claim of invulnerability. It is the way MX reduces exposure by changing how a file moves and how it becomes readable to the recipient.

The ASR process works in three stages:

  • Anonymise: Identifying context is separated so the protected data is less useful if encountered outside the authorised workflow.
  • Shard: The file is divided into protected fragments rather than travelling as one complete readable object.
  • Restore: The fragments are brought back together only for the named, verified recipient.

This approach adds another layer around conventional encryption and supports a future-focused security posture without making careless or absolute promises about being impossible to compromise. The NCSC secure communication principles provide useful context for assessing identity, service security and communication risks more broadly.


Organisations can also use MX for controlled B2B file exchange where the same protection must extend across company boundaries.

04. Does MX make secure file sending compliant?

No platform can make an organisation compliant by itself. Compliance depends on the data involved, the lawful basis for processing, organisational policies, staff behaviour, supplier management, configuration and wider technical measures. MX should therefore be described as a platform that helps facilitate compliance, not one that guarantees it.

MX can support compliance objectives by giving organisations practical controls around sensitive exchanges:

  • Access restriction: Named recipients and identity checks help reduce uncontrolled distribution.
  • Audit evidence: File activity records can support reviews, client questions and regulatory audits.
  • Expiry management: Access can close when the transfer has served its defined purpose.
  • Data sovereignty options: Regional controls can assist workflows with jurisdictional requirements.
  • Layered security: AES-256, ASR and permissions contribute to stronger information governance.

The official ISO/IEC 27001 overview frames information security as a combination of people, policies and technology. That is the right context for evaluating MX as part of an organisation's wider control environment.


Read more about how MX can support GDPR-aligned file exchanges without overstating what software alone can achieve.

05. What types of files can I send securely with MX?

MX can support everyday business documents as well as files that are too large or sensitive for email. The platform is not limited to one sector or format. What matters is that the file needs to move between known parties through a controlled and auditable process.

Common examples include:

  • Legal and professional services: Contracts, disclosure bundles, case material and confidential client documents.
  • Finance and accounting: Board packs, working papers, transaction records and regulated reports.
  • Engineering and manufacturing: CAD assemblies, BIM models, drawings, specifications and supplier packages.
  • Healthcare and research: Imaging datasets, research archives and information that requires careful access handling.
  • Media and technology: High-resolution video, software builds, project archives and large source files.

MX does not impose a fixed upper file size limit, so teams do not need to divide a large package solely to fit a consumer service cap. The NCSC cloud security guidance also highlights the importance of identity, access control, observability and ongoing protection when cloud services handle business information.


For especially heavy payloads, see how MX supports secure large file sharing without turning the exchange into a storage project.

Make the next sensitive handoff easier to explain

Send the file. Keep the control and evidence.

Try the complete MX workflow for 7 days with up to 5 users, including named recipients, audit trails, expiry controls, large-file transfer and custom branding.

Start my free trial
No credit cardUp to 5 usersEvery feature included