This post is the first in a new series of posts focusing on the forthcoming General Data Protection Regulations (GDPR) and specifically focuses on data encryption.
I am Zaeem, SME’s Pre Sales Executive. I was asked to share my favourite SME feature with you all, so I thought hard about what was it for me that really stood out.
From the colossal arsenal of features like locking, client tools, file-sharing annotations, auditing, AD integration …….. so on and so forth. I had to pick one, but it was not that difficult for me, to decide what I think is one of the best, if not the best feature. My winner is Folder Permissions. Continue reading →
We quite often assume that when working with Cloud data it will be from the web or from mobile “on the go” devices. To be fair this can often be the majority of cases, but the Enterprise throws up all sorts of different use cases and I thought it would be useful to go over one of the more esoteric ones.
One of the customers that use the Storage Made Easy on-premise Enterprise File Share and Sync Cloud Control product is a medical company. They use the SME product as a hybrid on-premise cloud product that is able to offer storage locally and on Amazon S3. Both sets of storage use the Amazon S3 API. The SME Appliance is able to make local storage accessible over an S3 compatible API and then off-board this storage to Amazon S3 as required. This meant that the companies scripts and applications could easily work locally and with Amazon S3 with very minimal configuration changes.
Their field staff quite often find themselves in a situation where, when working remotely, their only means of access is using a terminal ie. there is no direct web access and mobile devices are blocked and cannot be turned on. In the past this meant that the consultant used to carry around CD’s / DVD’s in which information that may be required is burned off.
The consultants did however have direct access to terminals which were internet enabled. As the SME EFSS product also include a protocol gateway this mean it was possible to get direct terminal access to remote files using SFTP.
As the SME EFSS Gateway product integrated with the companies Active Directory services then terminal access was still using Single Sign On and the Active Directory credentials for each user access
User access can be obtained directly from the command line as per the example below..
Once authenticated the user can do a simple “ls” to get a file listing.
Once connected the view of the folder/files is available and can be worked with via the command line.
All access to the files are also logged and audited, including the username, the IP address and the types of interactions occurring, all part of a the HIPPA compliant process the customer implements. These reports can be exported and made available in excel to any compliance officer.
Secure access to files and data can take many forms and in the Enterprise the edge cases also need to be catered for as well as the more common access use cases.
As the Cloud permeates all aspects of business enterprises in particular are waking up to the cost benefits that Cloud can bring, from outsourced pay-as-you-go applications to cheaper and easier archival, to storage of non sensitive documents and data.
An often repeated truth is that Enterprises have 3 of everything. When I worked in the Middleware space it was not unusual to see one department using IBM WebSphere, another using WebLogic and yet another experimenting with JBoss. The same adage goes for enterprise content management.
In the not to distant past if I brought up Enterprise Content Management then it could be referred that I was only discussing Documentum, Alfresco, SharePoint or some CMIS type product, but in today’s world the term can also apply to documents stored on OneDrive, DropBox, Google Drive, Amazon S3 etc. Throw in CRM’s that store documents such as Salesforce and online project management tools such as BaseCamp and you start to grasp just how many independent content and documents silos that companies have to deal with.
This is bore out by a recent survey by AIIM called “Get more from on-premise ECM”. The highlights of that survey are:
50% of companies already use 3 or more storage solutions (this echoes prior research that SME also undertook.)
40% of companies are investigating cloud
This presents two large challenges to companies:
Accessibility of data – where is it ? which App ? Which data store ?
Governance of data – How do you you universally secure data and set polices across data silos and Apps ?
The Storage Made Easy EFSS Cloud Control Solution was built specifically to address these types of challenges.
Connecting to private and public content stores and Apps that functions as content stores, such as Salesforce, is a facilitator to make accessibility easier as when users search for a document the search is conducted across the content estate, not just in an App silo.
Also SME has an Enterprise connector to Apache Lucene / SOLR to enable deep search of file content from any desktop and any App. This not only increases the accessibility and availability of data, it also immeasurably increases worker productivity.
Governance of data is a thorn in the side of Enterprise IT when it comes to the storing of Cloud data and the NSA snooping scandal and recent celebrity photo hacking has not done anything to help the sensitivity of it. Cloud Governance and Control is firmly in the spotlight of Enterprise IT and more importantly Enterprise Management.
Often what you see from vendors is a “my cloud is better than your cloud” approach to this problem ie. a vendor adds one specific security feature and tries to use this to get companies to move their data or sensitive data to this solution. Alternatively a company can target one facet of Governance and Control, lets say encryption for example, and build their product and service on this one feature only.
The SME solution takes a more holistic approach to provide governance and control across the whole content estate. It does not try and get you to move your data to it (it’s data agnostic and does not store data) and it does not just work as a silo or offer one feature. It provides an integrated sensible approach to corporate content governance and control:
– It integrates with existing Active Directory or LDAP systems to provide a single-sign-on solution for identity management.
– It provides an encryption service to enable remotely stored data to be encrypted and only accessible with authorization.
– It provides secure file sharing and combines this with pre-set business policies. Files can be password protected and time expired and these can be applied as policies. For example you can choose to set a policy that all files have a 24 hour expiration time and which must require a password for sharing.
– It provides a comprehensive audit log of all file events for all content. For remote file shares it tracks the IP address of the remote users accessing the file.
– It provides GEO Locations restrictions to enable restrict or prevent access. For example if you have an outsource accounting company who require access to a particular folder you could restrict their access to being over a certain IP address and only from a web viewer.
– It has built in Bring Your Own Device controls that allow the setting of per user permissions with regards to web, desktop or mobile device access. It also works with Oracle Mobile Security and OpenPeak Sector in the event the company already has these BYOD controls in house.
– It integrates with what you have providing desktop cloud drives, plug in’s for Microsoft Office and Open Office as well as email plug in’s for file sharing.
Content Management, Cloud Governance and Collaboration is only going to get harder, not easier, as companies embrace new data stores and new applications that store data. To facilitate a productive, accessible, controlled experience the control points simply have to be joined up.
With the recent celebrity photo scandal fresh in the minds of companies who are either using or anticipating moving to use Cloud questions regarding security, architecture and governance are fair ones to ask.
Without a doubt cloud computing offers advantages to companies that encompass ease of use, productivity and cost savings, however companies have concerns about if, how and where they store their sensitive data. This is where hybrid cloud can play a part.
What is Hybrid Cloud ? Hybrid Cloud essentially continues to offer businesses all the benefits associated with the public cloud whilst enabling them to continue to have choices of storing certain types of data privately.
The benefits of a hybrid cloud strategy are that it addresses the security concerns of sensitive data whilst offering a dual strategy, unlike a pure private cloud implementation.
The Storage Made Easy Enterprise File Share and Sync platform provides such a public / private hybrid cloud solution but takes it a step further in the following ways:
– SME integrates with many existing private data applications and public cloud solutions. Private data application examples are Jive, CMIS, SharePoint, FTP and CIFS. Public cloud solution examples are Amazon S3, RackSpace Cloud Files, Google Storage, Azure Blog Storage, Salesforce etc. SME does not force you to work with other storage or data that comes with the solution. SME is storage agnostic and it works with what you have.
-SME offers a control point for all corporate data wherever it is stored. As a control points Storage Made Easy can be configured to audit log all file events which can be exported as an excel file or as Syslog events for use with Business DashBoards. It also enables encrypting of sensitive files through the gateway that reside on public cloud Apps, or the choice of keeping these files entirely private behind the firewall but still accessible. GEO location tracking and restrictions are also built into the platform as is secure file sharing across all data stores enabling a common file sharing policy to be set.
– SME provides a single pane of glass into all cloud services and integrates into corporate identity management systems such as LDAP and Active Directory. It can function as a public and private cloud data control point and can also be set to enable users to add their own consumer cloud accounts if this is a company policy, and it can track which corporate documents are moved, or shared, into a users consumer cloud account.
– More effective governance is provided as the SME Enterprise File Share and Sync gateway not only provides the flexibility and security of the hybrid cloud model, it also provides a cloud control point for existing private data and public cloud data sets.