Top 10 things you should demand from your OpenStack Swift File Sync and Share vendor

OpenStack Swift file sharing

OpenStack Swift is more than an enabler to store large amounts of unstructured data. The massive scalability, geographic dispersion, and REST API Access are a way to achieve some compelling use cases, of which the most popular is undoubtedly file sharing.

In the past Enterprise File Share and Sync has been more traditionally associated with file-based storage platforms but as such storage platforms struggle to scale and don’t naturally lend themselves to be web accessible pairing Enterprise File Share and Sync with object storage solutions such as OpenStack Swift has become much more compelling for enterprises. Not only from an ease of use perspective but also from an ROI perspective.

This post looks at the “must have” features that should be demanded from an OpenStack Swift Enterprise Sync and Share vendor.

Continue reading “Top 10 things you should demand from your OpenStack Swift File Sync and Share vendor”

Facebooktwitterredditpinterestlinkedinmailby feather

A look at retaining Brand Identity using Storage Made Easy’s File Sync and Share self-service branding

Corporate brand identity management is a key issue for any organisation. Various surveys have indicated that companies who pay special attention to their corporate brand identity  influence employees’ commitment to their organisations, in addition to consolidating their brand identity.

To that end Storage Made Easy has consistently provided a way to brand their Storage Made Easy Enterprise File Share and Sync Solution, either when used as a federated fabric or as a dedicated solution for storage solutions such as OpenStack.

Lets take a look at some of the ways in which the self service features can be used to self-brand.

Continue reading “A look at retaining Brand Identity using Storage Made Easy’s File Sync and Share self-service branding”

Facebooktwitterredditpinterestlinkedinmailby feather

Announcing secure file sharing for Gmail Chrome users for public and private storage clouds

For those who use the Enterprise File Share and Sync service from Storage Made Easy they will know that as part of the Windows and Mac desktop tools that are provided that there is a n email toolbar integration into Mac Mail and Microsoft Outlook that enables users to securely share file links rather than file attachments.

Mac Sharefile plugin
Mac Email Screenshot

Windows Sharefile
Windows Email Screenshot

This support for secure email link sharing has now been extended for Chrome users using Gmail using the Storage Made Easy Gmail Plugin available from the Chrome web store.

Once added this provides a new toolbar entry when composing Gmail’s on Chrome:

Gmail Sharefile

Once selected this prompts the user to log into their SME Account, if SaaS, or the user can set their custom endpoint if using the SME On-Site Enterprise File Share and Sync solution:

Gmail Secure Links

Once logged in the user is presented with their mapped clouds:

Secure Gmail

 

From here files can be shared as links can be shared from any of the mapped cloud directories:

Sharing Files links on Gmail

If a cloud governance file policy has been set by the Cloud Administrator for the team account then  the details here will be pre-populated otherwise options can be chosen prior to link generation. After this when share is clicked, the link is added to the email:

Gmail shared files

When the link is shared, if Auditing is turned on within the SME Account, then the link generation will be recorded in the Audit log and once the remote user opens the link the remote IP address will also be recorded.

Audited file shared links

 

The SME Chrome extension works with any free/personal, team, or on-premise account and works with over 45 public/private cloud storage providers.

**Note: only team and on-premise accounts provide the Audit features
Facebooktwitterredditpinterestlinkedinmailby feather

Document Management is more than just managing documents – it is also securing them

Enterprise file share and sync

Document control and management is of vital importance to any organization. If sensitive information is sent outside of your company, once the documents have been sent electronically, control is lost and this can put files you shared at risk. They can be copied or forwarded anywhere in the world, in seconds.

For most businesses, the focus of their attention is on document management and on the organizational workflow and the storage of documents. Companies want to be able to integrate documents into a workflow and store documents in an organized and secure way that still allows documents to be found easily . Where the document is stored can frequently change. It could be SharePoint, it could be FTP, it could be on some external repository etc. Where the security process can fall down is when documents are shared externally or how they are available to be collaborated on.

The proliferation of employees bringing there own devices to work (BYOD and BYOC) and using preferred SaaS applications of their own choosing has led to corporate governance becoming even more of a challenge for those tasked with its enforcement as an increasing number of end users bypass corporate protocol.

Such ‘Shadow IT‘ can pose a significant security risk, as unapproved hardware and software that are used do not undergo the necessary security checks and the storage and dissemination of such documents is outside of corporate control.

solving shadow it problem

Storage Made Easy provides a unified Enterprise File Share and Sync solution, which works with a companies existing private and public data, presenting these files in a unified view.. It enables enterprises to not only securely sync, but also to securely share and work with files, wherever they need to go, even on devices that are beyond IT’s control.

IT benefits from a solution that gives them control, and users benefit as they have automatic access to documents and files from multiple data repositories, with robust security wherever behind the corporate firewall, or using any tablet, smartphone or PC.

Storage Made Easy uniquely provides:

• The ability to view, annotate, edit and sync almost any cloud or private file from almost any storage to any device.

• Internal and external collaboration features to work securely with anyone without losing control of enterprise data.

• Complete audit tracking to ascertain who accessed files, where form, and what action was taken.

• Provides a secure way for the organizations to collaborate with external partners using business workspaces.

• GEO Restrictions – restrict access to documents by IP address and by client. For example let an external sub office only have access to a folder from a specific IP address from the web browser (or any other client you nominate).

• Full Bring Your Own Device Support to restrict access to by employees by device type.

• Sophisticated permissions that unify permissions to different back end document storage and which can also be used with Active Directory or LDAP

• A way to solve the “DropBox” “bring your own cloud” problem be auditing such clouds even when documents are uploaded direct.

• A way to encrypt files stored on remote clouds which a key that is stored behind the corporate firewall this protecting remote sensitive data.

Secure document file sharing

In summary you do not have to choose between a homogenous and restrictive system or a lawless fenzy of different unapproved systems. The Storage Made Easy Enterprise file share and sync solution is storage agnostic. It is compatible with most private or public file sharing cloud data stores allowing users to continue using their preferred cloud storage provider while at the same time converging off-site and on–site private and public data. This allows a centralized point for corporate governance, thus providing a real solution to the Shadow IT and corporate governance problem.

Facebooktwitterredditpinterestlinkedinmailby feather

SFTP access to Cloud Storage

Cloud Storage SFTP

Storage Made Easy® have now made live a new SFTP protocol adaptor. SFTP is one of the two primary technologies for secure FTP networking, the other being FTPS, which Storage Made Easy already supports (along with FTP, WebDav, Secure WebDav and S3).

The primary reason we investigated implementing SFTP is due to a government POC in which access was required to secure AWSGov Cloud files from medical terminals. This was the primary requirement, but because Storage Made Easy works with almost any back-end Cloud. once added, it can be used as protocol gateway for any cloud mapped to an account, note that the Port is 2200

Below is an example of using the SFTP protocol to access a Storage Made Easy account using Transmit (a Mac App).

Transmit Cloud SFTP

Once connected, all data and mapped clouds are accessible.

SFTP RackSpace Cloud Files

Access can also be done directly from the command line.

Once connected we can do an ‘ls’ to get a file listing and the view of the files is similar to our earlier UI view.

Mac SFTP S3

To find out more about the SME protocol gateway feature that is part of the File Fabric solution please check out the below video.

SFTP Cloud files Access is available for Files Fabric Enterprise, IaaS, UK Government G-Cloud, or SaaS (business plan only) solutions.

SaaS access to SFTP (for business plan users) can be achieved using the following URL’s:

US
sftp.storagemadeeasy.com

EU
sftpeu.storagemadeeasy.com

Facebooktwitterredditpinterestlinkedinmailby feather

How to encrypt, secure and access sensitive cloud storage data

**Updated 1st July 2016*

The recent PRISM Data snooping controversies have heightened almost every companies awareness of the potential vulnerabilities of data stored off-premise in the Cloud. Many Cloud Storage companies’ talk about encrypting data ‘at rest’ but the real issue is that the storage companies control the encryption rather than the company whose data is stored controlling the private key.

One of the features that Storage Made Easy provides is an encryption feature that can encrypt data uploaded to remote (and local) Cloud Storage. SME supports 50+ cloud storage vendors, which means companies are able to take advantage of private key encryption for some, or all data, across cloud storage providers.

For individual users of our cloud SaaS services SME  uses a key entered by a user to encrypt data, but  the key is not stored on the SME hosted service. If the key is lost, or forgotten, then when trying to subsequently access the file the user will not be able to gain access to the file as the correct key phrase will not be known.

For companies that use the SME SaaS hosted service team Admins specify a key that uses a similar mechanism but is applied to all users. Unlike the personal encryption the key phrase is either stored encrypted by the SME service, or it can be stored with a self hosted Vault instance.

For enterprise users who self-host the SME service then the key is can be stored on the service behind the corporate firewall or again it could use the open source Vault software on a key server.

Encryption file SME

SME uses AES-256 encryption using the Rijndael cipher, with Cipher Block Chaining (CBC) where the block size is 16 bytes. A random initialisation vector is generated when the user supplies an encryption key. The cipher Rijndael consists of:

– an initial Round Key addition
– Nr-1Rounds
– a final round.

The chaining variable goes into the “input” and the message block goes into the “Cipher Key. The likelihood of recovering a file that has been encrypted using our encryption is fairly remote. The most efficient key-recovery attack for Rijndael is exhaustive key search. The expected effort of exhaustive key search depends on the length of the Cipher Key and for a 16-byte key, 2127 applications of Rijndael.

Data_SecurityOnce files are encrypted in this manner they can be accessed by an of the comprehensive SME desktop (Web, Mac, Windows, Linux) or mobile tools (Windows Phone, iOS, Android, BlackBerry). When an encrypted file is accessed the user is prompted to provide the private key phrase before the file can be opened.

Encrypted file phone

 

If the file is accessed direct from the underlying storage then it will not be able to be used as it will be encrypted and without being opened via the SME service, either hosted or on-premises, it will not be able to be un-encrypted. This makes sensitive data stored on remote servers ultra-secure.

The SME also on-premises Cloud Control service resides behind the corporate firewall. It enables the ability to keep very sensitive data behind the corporate firewall but still enable secure file sharing and at the same time offers the ability to encrypt data that is stored on remote cloud storage and other SaaS services for additional security.

SME Encryption

The Storage Made Easy Cloud Encryption service is available to all SME users inclusive of free, Personal Cloud, Business Cloud and Enterprise Cloud

Facebooktwitterredditpinterestlinkedinmailby feather