DocumentSafe – Protecting Sensitive Multi-Cloud Documents

It is not unusual for companies to have a need to share sensitive documents either with employees or external companies / partners. Even if the link sharing is ultra secure, once the document is available outside of the security of the company perimeter all control of the document has vanished.

This is where the Enterprise File Fabric DocumentSafe feature comes in. It provides a way to securely share documents (that may be stored on any on-premises or on-cloud documents storage) that can only be viewed by the intended recipient and are marked in such a way that makes the document traceable.

Continue reading “DocumentSafe – Protecting Sensitive Multi-Cloud Documents”

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Turning your iOS or Android device into a wireless Flash Drive

This blog post title may seem a little strange given that Storage Made Easy promotes the use of secure cloud file share and sync but we understand that there are times when you simply want to bulk move files directly from a laptop or PC to be able to access them on the move.

A little know feature of the free SME iOS and Android Apps is that they have the ability to turn themselves into an FTP Server which can be wirelessly connected to from an FTP client on the same network.

iOS FTP Flash DriveAndroid Wireless Flash Drive

This allows files to be easily uploaded to the App in Bulk on each device.

From a security viewpoint you will still want to secure the files in the event you lost the device or the device is stolen.

On iOS the SME App can be protected by a pin, and the forthcoming release supplemented by fingerprint Touch ID for devices that support it. Also If you turn on the device password for the iOS device then the SME App takes advantage of the encryption features build into iOS and all files are encrypted when the device is ‘locked’ or “at rest”.

On Android the SME App can also be protected by a pin but for additional security users should consider encrypting their device storage. You can read an article now how to do that here.

 

 

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Document Management is more than just managing documents – it is also securing them

Enterprise file share and sync

Document control and management is of vital importance to any organization. If sensitive information is sent outside of your company, once the documents have been sent electronically, control is lost and this can put files you shared at risk. They can be copied or forwarded anywhere in the world, in seconds.

For most businesses, the focus of their attention is on document management and on the organizational workflow and the storage of documents. Companies want to be able to integrate documents into a workflow and store documents in an organized and secure way that still allows documents to be found easily . Where the document is stored can frequently change. It could be SharePoint, it could be FTP, it could be on some external repository etc. Where the security process can fall down is when documents are shared externally or how they are available to be collaborated on.

The proliferation of employees bringing there own devices to work (BYOD and BYOC) and using preferred SaaS applications of their own choosing has led to corporate governance becoming even more of a challenge for those tasked with its enforcement as an increasing number of end users bypass corporate protocol.

Such ‘Shadow IT‘ can pose a significant security risk, as unapproved hardware and software that are used do not undergo the necessary security checks and the storage and dissemination of such documents is outside of corporate control.

solving shadow it problem

Storage Made Easy provides a unified Enterprise File Share and Sync solution, which works with a companies existing private and public data, presenting these files in a unified view.. It enables enterprises to not only securely sync, but also to securely share and work with files, wherever they need to go, even on devices that are beyond IT’s control.

IT benefits from a solution that gives them control, and users benefit as they have automatic access to documents and files from multiple data repositories, with robust security wherever behind the corporate firewall, or using any tablet, smartphone or PC.

Storage Made Easy uniquely provides:

• The ability to view, annotate, edit and sync almost any cloud or private file from almost any storage to any device.

• Internal and external collaboration features to work securely with anyone without losing control of enterprise data.

• Complete audit tracking to ascertain who accessed files, where form, and what action was taken.

• Provides a secure way for the organizations to collaborate with external partners using business workspaces.

• GEO Restrictions – restrict access to documents by IP address and by client. For example let an external sub office only have access to a folder from a specific IP address from the web browser (or any other client you nominate).

• Full Bring Your Own Device Support to restrict access to by employees by device type.

• Sophisticated permissions that unify permissions to different back end document storage and which can also be used with Active Directory or LDAP

• A way to solve the “DropBox” “bring your own cloud” problem be auditing such clouds even when documents are uploaded direct.

• A way to encrypt files stored on remote clouds which a key that is stored behind the corporate firewall this protecting remote sensitive data.

Secure document file sharing

In summary you do not have to choose between a homogenous and restrictive system or a lawless fenzy of different unapproved systems. The Storage Made Easy Enterprise file share and sync solution is storage agnostic. It is compatible with most private or public file sharing cloud data stores allowing users to continue using their preferred cloud storage provider while at the same time converging off-site and on–site private and public data. This allows a centralized point for corporate governance, thus providing a real solution to the Shadow IT and corporate governance problem.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

SFTP access to Cloud Storage

Cloud Storage SFTP

Storage Made Easy® have now made live a new SFTP protocol adaptor. SFTP is one of the two primary technologies for secure FTP networking, the other being FTPS, which Storage Made Easy already supports (along with FTP, WebDav, Secure WebDav and S3).

The primary reason we investigated implementing SFTP is due to a government POC in which access was required to secure AWSGov Cloud files from medical terminals. This was the primary requirement, but because Storage Made Easy works with almost any back-end Cloud. once added, it can be used as protocol gateway for any cloud mapped to an account, note that the Port is 2200

Below is an example of using the SFTP protocol to access a Storage Made Easy account using Transmit (a Mac App).

Transmit Cloud SFTP

Once connected, all data and mapped clouds are accessible.

SFTP RackSpace Cloud Files

Access can also be done directly from the command line.

Once connected we can do an ‘ls’ to get a file listing and the view of the files is similar to our earlier UI view.

Mac SFTP S3

To find out more about the SME protocol gateway feature that is part of the File Fabric solution please check out the below video.

SFTP Cloud files Access is available for Files Fabric Enterprise, IaaS, UK Government G-Cloud, or SaaS (business plan only) solutions.

SaaS access to SFTP (for business plan users) can be achieved using the following URL’s:

US
sftp.storagemadeeasy.com

EU
sftpeu.storagemadeeasy.com

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

The Top 5 things you can do to protect the privacy of Cloud Data

If you had not noticed, there has been a lot of controversy about the recent discovery that companies or individuals are prone to having their activities monitored by the US intelligence services. This is allegedly done under the code name PRISM and again allegedly involves some deep integration with large cloud companies, although many are denying the extent of their participation and service integration.

If the rumours are to be believe then everything from Google through to Skype and full blown Windows OS may have some snooping capability built in.

So what can you do to protect yourself? Below are the top 5 things you should,consider as a company and as an individual:

1. Run your own Private Data Cloud: We have been promoting this for a while with the SME Cloud Appliance. Install your own Cloud File Server, use it with your own data, and auditing / governance monitoring, from desktop and mobile clients. It’s behind your firewall and its under your control. In short own your own data.

2. Encrypt your data. If you have to use public cloud services encrypt your data. SME provides streamed 256 bit SHA-1 AES encryption in which you keep the private key. It’s not anywhere on our SaaS service and of,course if you use the SME on-premise appliance then you have total control. Additionally consider desktop encryptors such as TrueCrypt and BoxCryptor.

3. Consider an alternative non tracking search engine such as DuckDuckGo. This enables anonymous searching and offers other privacy features.

4. Consider using an anonymous proxy that hides your IP address. Tor (originally short for The Onion Router)is free software, available for desktop and mobile clients, for enabling online anonymity. Tor directs Internet traffic through a free, worldwide volunteer network consisting of thousands of relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis.

Also don’t forget that there are many ways to identify you, even if the IP address is ‘randomized’. Either Delete your browser cache, history and cookies etc or consider using anonymous browser sessions or extensions or add-ins that prevent browser cookies or tracking.

5. Consider the locality of your data. If you are in the UK or EU do you really want your data hosted in the US and subject to the Patriot Act. If you are in the US (or anywhere in the world) consider point 2 strongly. Private Cloud can offer just as many benefits as public cloud.

An often trotted out phrase is that “if you are doing nothing wrong you have nothing to fear”. With that simple phrase vanish personal freedoms and liberties built up over hundreds of years from the likes of Thomas Paine onwards.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather