In a post PRISM world why your Company needs joined up File Sharing and Governance

The recent controversy with regards to Prism and data snooping has brought the security of corporate data to the fore however the biggest threat to corporate data lies not with the corporate nemesis that is Prism but with the number of data leaks that occur every day in companies.

These include new phenomena such as Bring Your Own Device (BYOD) and Bring your Own Cloud (BYOC) as well as the thorny issue of what files are shared over email.

Data is any companies biggest asset and not controlling how corporate data is disseminated is a ticking time bomb waiting to explode in your company. Why? Take your pick, Legislative reasons, fraudulent reason, competitive reasons. There are many reasons why not controlling data dissemination could trip your company up.

Companies need to consider how to build an Effective data governance serves ACROSS their enterprise data silos. Doing so will define a cohesive set of parameters for data management, data usage, as well as the ability to create governance processes for a companies internal use, and for their supply chain, which ultimately leads to information assets that are well managed.

SME Data Governance framework

In the world of Cloud it is key that Data Governance and data policies work not only with data behind the corporate firewall but also cloud data and cloud services.

So what should you consider as a company to manage your data assets ?

1. Understand what information is sensitive across all data silos, have a federate access control mechanism that works with your user across this private and cloud data silos. Storage Made Easy provides such a federate mechanism to assign and control user permissions and access at a very granular level that overlays one or more data stores.

SME federate permissions

2. Set policies for data access and enforce them through common tools. For employee sharing of data through tools such as email, make it easy but also set policies that can define expiry time and password protection. Storage Made Easy has plug in’s for Microsoft Outlook and Mac Mail that enables productive file sharing across all cloud / private data but which has built in support for policy enforcement.

Mac Mail large file sharing

These policies should also ripple through to the mobile Applications used in a company:

iOS secure file sharing

3. Use Cloud Encryption for sensitive data and ensure that you control the private key. See our previous post on encryption and securing data for further information.

Cloud File Encryption

4. Audit all your company data. Irrespective of the policies set you should get in the habit of auditing your company data. SME enables the setup of an automated email to a specified user of the previous day file events such as sharing, files updated etc.

Cloud Storage Audit Log

5. Set BYOD policies and device access policies that work like your company works. For example, have a contract firm that you gave access to a specific folder ? Then designate that they can only access the folder using a web browser and only from a specific IP address.

BYOD GEO Restrictions

Summary

Companies need to connect disconnected information to enable corporate governance.

Cloud Corporate Governance

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Why must all Team Storage Accounts charge monthly ? – Meet the SME Lifetime Option

Storage Made Easy Lifetime Pricing

Most cloud storage plans that offer team pricing do so on a monthly basis using the typical SaaS pricing model where the simple calculation is:



No of Users * Monthly Price

Storage Made Easy also offers this plan but we realised when talking with customer that many companies would prefer to have the option of an alternative of what they term “perpetual” licensing.

This is the “old” software model in which licenses were procured on a one-time pricing “capex” basis and the only recurring costs was a monthly recurring “open” support and maintenance cost.

After numerous requests for such pricing for our online hosted team service we thought why not ? We can surely construct a model that works for companies who want a pricing model where the majority of the costs is up front in capex and the longer you use the service the more money you save.

Support enables access to SME support and Maintenance enables access to future product versions and this payment is mandatory for continued use of the service.

Support and maintenance is 22% of the initial purchase in year 2 and then year 3 and the thereon.

So how do we calculate this ? The algorithm used to calculate this yearly pricing for business team users is simply:

No users * $5 (monthly Price) * 12 (industry average customer churn)

This results in companies who use the service for longer than 12 months effectively using it for free thereafter other than the one time recurring annual 20% payment for support & maintenance.

Now lets look at some practical examples

Company with 15 users:

SaaS Cumulative Spend

12 Months 24 Months 36 months
      $900         $1800          $2700

Initial Payment (15*$5) = $75
Monthly Payment thereafter $75

Lifetime Cumulative Spend

12 Months 24 Months 36 months
      $900         $1098          $1296

Initial Payment (15*$5*12) = $900
Monthly Payment thereafter $0
Yearly Payment thereafter $198

Savings over 3 Year period

1 Year savings = 0
2 Year savings = $702
3 Year Savings = $1404

Savings go up the longer the time period and the more users deployed !

Are there any differences between the accounts ?

There is only one difference.

In the SaaS service each users gets access to 10GB storage per user (hosted on Amazon S3)

In the Lifetime service each user gets access to 5Gb storage per user (hosted on Amazon S3)

In each case the cumulative storage for all users can be used as a ‘pool’ and spread between users as per the Administrator quota policy.

Also each Company can add additional storage or services from any of the 40+ clouds that SME supports.

Features also included for The team service also includes in both lifetime and SaaS pricing options:

    - Encrypt sensitive data stored on remote cloud services with a private key
    - Integration with Active Directory (optional)
    - Full Audit and event history of all files
    - Access via FTP, WebDav or the S3 protocol to any cloud or service added
    - File versioning and locking
    - Folder permissions and ACL
    - Joined up collaboration
    - Secure file sharing

More details on features can be found on the SME features page.

All pricing information is on the SME Pricing page.

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How to encrypt, secure and access sensitive cloud storage data

The recent PRISM Data snooping controversies have heightened almost every companies awareness of the potential vulnerabilities of data stored off-premise in the Cloud. Many Cloud Storage companies talk about encrypting data ‘at rest’ but the real issue is that the storage companies control the encryption rather than the company whose data is stored controlling the private key.

Amongst many other, one of the services that the Storage Made Easy Cloud service provides is an encryption service that can encrypt data uploaded to remote Cloud Storage. As SME supports around 45 cloud storage vendors this means that all of these are able to take advantage of private key encryption for some or all data. This private key is not stored by Storage Made Easy. If you lose it, or forget it, you cannot get access to your data.

SME uses AES-256 encryption using the Rijndael cipher, with Cipher Block Chaining (CBC) where the block size is 16 bytes. The cipher Rijndael consists of:

- an initial Round Key addition
- Nr-1Rounds
- a final round.

The chaining variable goes into the “input” and the message block goes into the “Cipher Key. The likelihood of recovering a file that has been encrypted using our encryption is fairly remote. The most efficient key-recovery attack for Rijndael is exhaustive key search. The expected effort of exhaustive key search depends on the length of the Cipher Key and for a 16-byte key, 2127 applications of Rijndael.

Once files are encrypted in this manner they can be accessed by an of the comprehensive SME desktop (Mac, Windows, Linux) or mobile tools (Windows Phone, iOS, Android, BlackBerry). When an encrypted file is accessed the user is prompted to provide the private key phrase before the file can be opened.

Any AES-256 decryption tool that supports the Rijndael cipher with 16 byte blocksizes can be used to un-encrypt files. For example the popular freeware file manager Total Commander has a free plugin to handle such decryption.

Standalone desktop decryption tools are also provided by Storage Made EAsy in the event encrypted files are downloaded direct from remote clouds rather than via the SME service. These tools enable the desktop decryption of files using the private key that was set on upload. These Apps are available for Mac, Windows and Linux Operating Systems from the SME Cloud Tools page.

What we have outlined so far is with regards to the Storage Made Easy SaaS hosted service but SME also provides this service as an on-premise Cloud Control service that can reside behind the corporate firewall. It enables the ability to keep very sensitive data behind the corporate firewall but still enable secure file sharing and at the same time offers the ability to encrypt data that is stored on remote cloud storage and other SaaS services.

The Storage Made Easy Cloud Encryption service is available to all SME users inclusive of free, Personal Cloud, Business Cloud and Enterprise Cloud

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

SME Cloud FIle Explorer Safari Extension released

Similar to our Chrome File Explorer extension we blogged about recently, we have now released the same extension for Safari.

You can install it from the SME Clients and Tools page.

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Storage Made Easy: Reflections on 2012 and looking forward through 2013

Now that 2012 has drawn to a close and we are in mid January we thought it would be useful to reflect on what we have seen through our own business as trends and pointers, look at some of the things we have done over the course of the last year and finish by looking at what Storage Made Easy brings into 2013.

Key Trends:

A key trend for our business was a switch from online personal and SMB clients to more direct channel and corporate clients using our hybrid Appliance. The work we are doing with Huddle on the channel side and Xtime and Finser on the direct side are great examples of this trend. From July our business moved from a model of online Personal / SMB SaaS to Direct Corporate / Channel sales utilising our hybrid on-premise cloud appliance. Pre July the revenue split was 90:10 online SaaS and today the model is 10:90 weighted towards the direct business/channel revenue stream. We see this as a key indication that :

a. Larger companies want to ‘own’ their own data and are focused on making their storage integrate with what they already have such as their existing identity management systems (in many case Active Directory) and existing structured data systems.

b. Companies want to stop staff using un-authorised services and have come to the conclusion that they need to put structures in place to not only prevent this but to offer an alternative.

b. Companies are focused on the data legislation and governance of structured data so that they can track all file events, a mandatory requirement for certain verticals, such as government and healthcare for example.

c. The ability to search across disparate data sets easily and also on the move is becoming more and more important for companies as they try to make productive use of their core corporate asset, their data !

Our Focus for 2013:

Our Focus for 2013 is going to be as follows:

1. Simplifying our pricing proposition. The result of this will be visible over the next few weeks. We have tried to be as flexible as possible with what we provide to users but we find that this can result in users being paralysed by the paradox of choice so we will be making these much easier to understand.

2. Concentrating on formally launching our on-premise cloud Appliance. Having done a limited release launch in 2012, we will be shortly making available the ability to download the Appliance direct from our site.We have spent a fair bit of time re-designing the installation procedure with regards to networking, https keys etc,  to make it easy to install and get going. Below is an overview of the Architecture of the SME Appliance.

3. Enabling easy IaaS deployments so that users and companies can easily deploy their own personal or company cloud onto IaaS infrastructures. We already do this for Linode  but we will be expanding this to Amazon EC2 (and maybe one other provider we cannot discuss yet) and making the whole process an easier click through process.

We had a great growth year in 2012 and we look forward to continuing that in 2013.

 

 

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Manage and Sync with all your Cloud Services using Storage Made Easy’s iOS App

We’ve updated the Storage Made Easy iPad / iPhone App. As with all Storage Made Easy mobile clients, the App unifies public cloud services such as Box, SkyDrive, Google Drive, DropBox, Amazon S3 as well as private cloud services such as OpenStack, FTP(s), WebDav, Zimbra etc.

The App also features our innovative CloudDav feature. CloudDav enables WebDav across any Cloud that is mapped to the App. This then enables users to edit documents using any of their storage services with Doc editing Apps such as iWork, even if the native Cloud does not actually support WebDav.

This update includes a number of refinements and changing such as slight tweak to support the iPhone 5 screen resolution, and the release also extends the Business WorkSpaces feature. This feature lets users create Business WorkSpaces directly from the App and enables members of the group to share files securely with each other.

Cross Cloud Search is also a feature of the App. This means, for example, that if you need to search for files related to a a certain project keyword you can simply type the search terms and all the cloud data sources that you have mapped to the App will be searched and the aggregated results returned.

For the SME business SaaS and on-premise Appliance customers the integration of the SaaS and hybrid Appliance with on-premise Active Directory servers enables single sign-on as users can authenticate with their Active Directory username and passwords.

Some review comments taken from the App store reviews can be seen below:

“This app is a must have if you want to easily manage and have functionality between up to 3 cloud apps. SME is e a very advanced app. So far I’ve been able to download zip files from my email, un-zip (or in SME terminology unarchive) and send to any of my cloud accounts. I can transfer files between clouds from the app either by cloud copy or cloud cut, the later of which will move the file. There’s definitely a learning curve for the advanced features, but the ones I described are easy learn. SME has bar non the best tech support I’ve ever dealt with. On three occasions I needed help to learn the functions, and within 30 minutes tech support had my problem resolved. P.S. not being tech savvy the 3 problems were on my end. By far this is one of the best apps I’ve purchased. The functionality it provides the Pages App alone makes SME worth every penny.”

“Needed a WebDav solution for iWork apps in order to move files to and from the iPad. Dropbox does not support WebDav, iWork does not support Dropbox. iSMEStorage fills the void, providing WebDav services to Dropbox and many other cloud storage providers. Getting WebDav enabled via SME’s CloudDav was not as easy as it could have been, but SME Support was fantastic, getting me up and running on the weekend. All I can say is well done! Now I can move files on & off the iPad seamlessly. Very nice! Well worth the one time charge for the app.”

“First App I’ve used that lets me sync a few different folders on different clouds in one go, and editing files from clouds that iWork does not support is pretty cool however they manage to do it !”

“This is a great supplement for creating your own personal cloud service. Great!”

iSMEStorage from Storage Made Easy is available in the Apple App Store for iPad and iPhone users.

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Cloud File Server Branding

We’ve been asked many times from our Cloud File Server clients how they can customise their accounts to incorporate a unique link and logo branding. I’m pleased to be able to day this is now live on the site. A short overview on how to do this below:

1. How to brand your Cloud File Server

Branding your Cloud File Server is straightforward, when logged in as the Cloud Admin, just navigate to the Option setting and upload your own logos. One will be use for the login screen and the other will be used for the logo icon in the top left when logged in. 

Any logos uploaded, if larger than the file sizes requested will be cropped.

2. Unique Link

Once you have updated the graphics you will be given a unique link to access your Cloud File Server for your company.

3. Branding complete

Once you have completed the branding exercise your Cloud File Server can be accessed using the unique home page and your brand will be displayed subsequently after login.

You can change this as many times as you wish.

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Cloud File Manager for Windows Phone updated: Unify access to your Cloud Files

We recently updated The Windows Phone Cloud File Manager. Features include:

- Instant access to unified Cloud files anytime, anywhere direct from a WP7 device.

- Assign lengthy tasks and operations to the SME Platform Tasks Engine (PTE). Use your phone while tasks are completed in background. Check progress at anytime in cloud tasks.

- Manage multiple Clouds in a single view. Easily move files between different clouds, done in background.

- Advanced Cloud Search feature that can search for files across multiple clouds.

- Unique Cloud Clipboard feature enables file management from different clouds in batches, without downloading & then uploading.

- Unique Direct Upload uploads files from web directly, no need to download and then upload, just enter file address and our servers will upload it in background.

- Open files in the phone in Microsoft Office, MediaPlayer etc.

- Share and collaborate – share files to social networks (Facebook, LinkedIn, Twitter, Windows Live, etc.), over email or with users groups.

- Record audio (even with screen locked), take notes and 2-way sync with chosen Cloud(s). No need for another recording App.

- 2-way sync pictures with different Clouds. Integrated with Pictures hub. Pictures can be uploaded (shared) directly from the hub.

We have seen a recent surge in business customers wanting to use the Windows Phone with our Cloud File Server SaaS and hosted hybrid appliance and expect this to continue with the recently announced windows phone business features.

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

IBM Bans DropBox. Here is why you don’t need to follow suit

You may have missed it but IBM recently banned their 400,000 user based from using DropBox and other services like it. Jeanette Horan, IBM’s chief information officer, said that the restrictions has been in place since a review of IBM’s BYOD policy.  A great article underlining the reasons IBM made this policy change can be found in this Information Week article from Kevin Casey.

“The risk of allowing BYOC is inherent in any organization that owns confidential or critical information, which I would assume is every corporation in existence”

however how do you enforce it ?

“There’s also that minor matter of enforcement. IBM has the wherewithal to practice what it preaches, but when IT and financial resources are already spread thin, trying to keep people from sending corporate files to their personal Gmail accounts might be an exercise in futility.”

Enforcement of policy is of course a good question and one that we are happy to expand on. What IBM are really describing is the issue of what is being termed as “Cloud Sprawl” ie. the plethora of online services that can be responsible for not only information leak, but also prevent cohesive company information visibility. We have blogged about this previously.

The SME Cloud Appliance  and service is the enabler for governance and control of different Cloud Storage providers, such as DropBox, and of SaaS Services, such as BaseCamp for example. There are specific controls built into the Appliance to enable IT to govern how access is granter to information and also specific controls to not only restrict access but audit access:


This can audit access of all cloud storage types including personal clouds (if it is decided to allow them in the organisation). The auditing is granular and logs each event type and IP address of any file or resource interaction:
class

User login can groups can be controlled by Active Directory integration and Access permissions can be set against groups/roles across all information resources:

As we have shown, the Cloud File Server Appliance is a mechanism for IT within SMB’s and other companies to keep control of diverse information clouds and SaaS Cloud services whilst still promoting things such as BYOD and can be used as a SaaS hosted service or can be obtained as a Virtual Machine and hosted in-house.

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Linux Cloud Tools updated to 3.0.12

We’ve updated our Linux Cloud Tools to 3.0.12. The changes include:

1. Supports deleting of files during sync

If a user deletes files locally and syncs then the files will be deleted on the server. If a user  deletes files on the server and then syncs then files will be deleted locally. These 2 options are ‘Off’ by default. and can be turned on in settings of the sync center.

2. In Ubuntu 11.10+ “Hide in tray” works correctly.

3. Fixed Menu duplication

4. Fix for large fonts bug.

5. In Explorer new option to upload folder (previously only individual files were possible to upload).

6. Fixed bug with trash in explorer (not all files from trash were displayed)

7. Sync center works as per other OS sync tooling.  The ”My syncs” folder concept is not used any more and desktop to different cloud folders can be mapped. ie. any folder can now be nominated for sync.  The free version has a restriction of 3 folders that can be sync’d

8. Encryption now supported (only for Personal Cloud or Business Cloud users.). In the Properties window it is possible to set a password for encryption of files during sync.

9. Small fix for Properties window for small screens. Scrolling works correctly now.





The Linux Cloud Tools can be used with the following Clouds:

Google Docs, Google Storage, Google Sites,
Amazon S3, MobileMe, Microsoft Live Mesh (read only),
Microsoft SkyDrive, DropBox, Azure Blob Storage,
Box.net, RackSpace Cloud Files, OpenStack Swift,
Gmail-as-a-Cloud, Email-as-a-Cloud, Mezeo,
HP Object Cloud Storage, S3 compliant Clouds such as (Eucalyptus Walrus),
Ubuntu One Cloud, iKeepinCloud, PogoPlug,
BaseCamp SaaS Service, IBM Connections Files,
EMC Atmos, Office365, SharePoint, CloudMe,
HostingSolutions.it, Scality, Alfresco (on-premise),
Zimbra Briefcase, SafeSync(WebDav enabled),
FilesAnywhere (WebDav enabled), and any WebDav enabled Cloud.

The tools can be downloaded from the Linux Cloud Tools Page.

PrintFriendly
facebooktwittergoogle_plusredditpinterestlinkedinmailby feather