Uncategorized – Storage Made Easy Blog

February 25, 2015

Now access all your private and public storage shared links in one place

One of the features that has been most requested from our users is the ability to view and manage active shared links from one place, rather than filtering them in the Audit Logs.

I am pleased to state that we have now implemented this request and made it live in our platform. It is available for all user tiers, free, personal and business, and it will be rolled out in a future release of our enterprise appliance.

The feature simply provides a quick way to see which files have been shared and whether they are password protected or time expired.

For Cloud Administrators of team accounts, they can see shared links from all users consolidated in one place or for each individual user from the team.

The same information has always been available from the Audit logs (for team and enterprise users) but the audit logs also shows temporary links, generated for document access, as well as links that may have expired, so the new shared links functionality is an easy way to be aware of current active shared document links.

September 22, 2014

Cloud Computing Use Case: Working with Amazon S3 data from a terminal over SFTP

We quite often assume that when working with Cloud data it will be from the web or from mobile “on the go” devices. To be fair this can often be the majority of cases, but the Enterprise throws up all sorts of different use cases and I thought it would be useful to go over one of the more esoteric ones.

One of the customers that use the Storage Made Easy on-premise Enterprise File Share and Sync Cloud Control product is a medical company. They use the SME product as a hybrid on-premise cloud product that is able to offer storage locally and on Amazon S3. Both sets of storage use the Amazon S3 API. The SME Appliance is able to make local storage accessible over an S3 compatible API and then off-board this storage to Amazon S3 as required. This meant that the companies scripts and applications could easily work locally and with Amazon S3 with very minimal configuration changes.

Their field staff quite often find themselves in a situation where, when working remotely, their only means of access is using a terminal ie. there is no direct web access and mobile devices are blocked and cannot be turned on. In the past this meant that the consultant used to carry around CD’s / DVD’s in which information that may be required is burned off.

The consultants did however have direct access to terminals which were internet enabled. As the SME EFSS product also include a protocol gateway this mean it was possible to get direct terminal access to remote files using SFTP.

As the SME EFSS Gateway product integrated with the companies Active Directory services then terminal access was still using Single Sign On and the Active Directory credentials for each user access

User access can be obtained directly from the command line as per the example below..

Once authenticated the user can do a simple “ls” to get a file listing.

Once connected the view of the folder/files is available and can be worked with via the command line.

All access to the files are also logged and audited, including the username, the IP address and the types of interactions occurring, all part of a the HIPPA compliant process the customer implements. These reports can be exported and made available in excel to any compliance officer.

Summary:

Secure access to files and data can take many forms and in the Enterprise the edge cases also need to be catered for as well as the more common access use cases.

September 10, 2014April 14, 2021

Cloud Storage Security concerns ? Why Hybrid Cloud offers the best of both worlds

With the recent celebrity photo scandal fresh in the minds of companies who are either using or anticipating moving to use Cloud questions regarding security, architecture and governance are fair ones to ask.

Without a doubt cloud computing offers advantages to companies that encompass ease of use, productivity and cost savings, however companies have concerns about if, how and where they store their sensitive data. This is where hybrid cloud can play a part.

What is Hybrid Cloud ? Hybrid Cloud essentially continues to offer businesses all the benefits associated with the public cloud whilst enabling them to continue to have choices of storing certain types of data privately.

The benefits of a hybrid cloud strategy are that it addresses the security concerns of sensitive data whilst offering a dual strategy, unlike a pure private cloud implementation.

The Storage Made Easy Enterprise File Fabric provides such a public / private hybrid cloud solution but takes it a step further in the following ways:

– The File Fabric integrates with many existing private data applications and public cloud solutions. Private data application examples are SMB, CMIS, SharePoint, FTP and NAS/SAN. Public cloud solution examples are Amazon S3, RackSpace Cloud Files, Google Storage, Azure Blog Storage, Salesforce etc. The File Fabric does not force you to work with other storage or data that comes with the solution. The File Fabric is storage agnostic and it works with what data sources exist within a company.

-The File Fabric offers a control point for all corporate data wherever it is stored. As a control points Storage Made Easy can be configured to audit log all file events which can be exported as an excel file or as Syslog events for use with Business DashBoards. It also enables encrypting of sensitive files through the gateway that reside on public cloud Apps, or the choice of keeping these files entirely private behind the firewall but still accessible. GEO location tracking and restrictions are also built into the platform as is secure file sharing across all data stores enabling a common file sharing policy to be set.

– The File Fabric provides a single pane of glass into all cloud services and integrates into corporate identity management systems such asSAML, LDAP and Active Directory. It can function as a public and private cloud data control point and can also be set to enable users to add their own consumer cloud accounts if this is a company policy, and it can track which corporate documents are moved, or shared, into a users consumer cloud account.

– More effective governance is provided as the File Fabric not only provides the flexibility and security of the hybrid cloud model, it also provides a cloud control point for existing private data and public cloud data sets.

September 5, 2014

Collaborating with Bookmarks and Web Links in Teams

There are a lot of articles about document collaboration and project collaboration from a variety of vendors but rarely do they talk about bookmark or web links collaboration which is can often be a key part of any project.

This blog post will outline how easy this is with Storage Made Easy in which it can be done against any Storage back-end, be that a consumer storage cloud such as DropBox, Google Drive, OneDrive etc or a business or private back end storage cloud such as OpenStack Swift, Cloudian, CleverSafe, Amazon S3, RackSpace etc. In all more than 45 different private and public storage clouds are supported.

Requirements:

– A Storage Made Easy Business or on-premise account
– The Storage Made Easy web collaborations links plug-in available from the SME Cloud Tools Page.

We will be using a Storage Made Easy SaaS business Account to demonstrate this functionality.

First we simply add the Collaboration links plugin to our web browser. In this case it is Safari but Chrome and Firefox are also supported.

Once logged in all the folders from the various private and public cloud repositories are available to capture / bookmark links.

Once you find a page you want to add to your team repository you can use the Collaboration Links plugin to capture it.

In our case this in iOS 7 page on multi-tasking that the iOS Dev team would be interested in.

If we log directly into the Cloud File Server from the web (or any of the mobile tools or desktop clients) I see the link I just shared in my team folder. Any team member can launch the link or visit the site by double clicking on the link. I can also choose to collaborate on it with other team members by adding comments.

These comments are shown on all devices and the team users who have permissions to the folder/file receive an email notification that there is a comment for review:

As usual with StorageMadeEasy all the events related to the file are audit tracked:

To summarise this post has shown how it is possible to collaborate on web links / bookmarks in a way that centralises collaboration with the alternative often pinging the link over email and any subsequent comments between team members delivered the same way. In the SME as well as centralising the collaboration the comments and interactions are indexed and therefore appear in search results and also the link itself becomes part of the corporate repository.

March 10, 2014June 29, 2018

SFTP access to Cloud Storage

Storage Made Easy® have now made live a new SFTP protocol adaptor. SFTP is one of the two primary technologies for secure FTP networking, the other being FTPS, which Storage Made Easy already supports (along with FTP, WebDav, Secure WebDav and S3).

The primary reason we investigated implementing SFTP is due to a government POC in which access was required to secure AWSGov Cloud files from medical terminals. This was the primary requirement, but because Storage Made Easy works with almost any back-end Cloud. once added, it can be used as protocol gateway for any cloud mapped to an account, note that the Port is 2200

Below is an example of using the SFTP protocol to access a Storage Made Easy account using Transmit (a Mac App).

Once connected, all data and mapped clouds are accessible.

Access can also be done directly from the command line.

Once connected we can do an ‘ls’ to get a file listing and the view of the files is similar to our earlier UI view.

To find out more about the SME protocol gateway feature that is part of the File Fabric solution please check out the below video.

SFTP Cloud files Access is available for Files Fabric Enterprise, IaaS, UK Government G-Cloud, or SaaS (business plan only) solutions.

SaaS access to SFTP (for business plan users) can be achieved using the following URL’s:

US
sftp.storagemadeeasy.com

EU
sftpeu.storagemadeeasy.com

January 6, 2014January 21, 2014

5 ways uncontrolled file sharing can hurt your business

1. Unknown sensitive company information leaked

Not knowing what potentially sensitive company information is being shared can have a big effect on your Company. Sharing sensitive product designs, customer information, financial information etc can have a direct negative effect that may not be seen but will be felt.

Storage Made Easy provides policies that operate above all private and cloud data and enables policies to be set that incorporate time expiry and password protections inclusive of audit tracking and GEO location restrictions.

2. Data Breach

There is an increasing amount of privacy legislation that a company has to adhere to, such as HIPPA, FIPS, European privacy legislation. Not controlling the flow of information can result in severe financial penalties, or worse, jail.

3. Sensitive data on non company data services

The rise of Bring your Own Cloud within companies can result in corporate data being stored on unsecure services that can be breached and are outside of the control of corporate IT.

With Storage Made Easy on-site Cloud Control Appliance companies have a universal policy control gateway which can be used to control access to Bring your Own Cloud environment such as DropBox. This includes browser, mobile or API access to such services. This gives enterprises a single platform to securely manage and protect file sharing by centrally enforcing corporate policy on Bring Your Own Cloud data flows.

4. Slow Network / Reduced Quality of Service

Users tend to share files in companies. Once the file is shared it can be forward by the recipient anywhere. This touches upon point 1 of uncontrolled file sharing. Users should be sharing links not files so they can be tracked and controlled. There is another benefit of this which is to do with the network congestion that occurs inside of companies and this network congestion.

Lots of people sharing similar large files can lead to network congestion inside of a company which can not only be costly to productivity, it can be costly to the company as more bandwidth is consumed. Link Sharing shifts the bandwidth for the file download to the remote user.

Storage Made Easy provides add-in’s for Microsoft Outlook and Mac Mail that promote such links sharing inside of enterprises.

5. Copyright infringement

It is not unusual for users inside of companies to use their corporate emails to share digital music and digital books with friends. This not only exposes the user to copyright infringement it also exposes the company and with no control it is silent threat that explode at any time.

The key take-away is that uncontrolled file sharing can be bad for business and companies should give serious to consideration to how the promote governed file sharing that does not just work on one data cloud but works against all public / private data clouds that is in use at a company.

December 31, 2013

Cloud Storage predictions for 2014

THE YEAR IN REVIEW

It has been some year in the world of Cloud and Cloud Storage in particular. We witnessed the demise of Nirvanix, as well as the revelations of Edward Snowdon outlining the surveillance of the PRISM surveillance program and the alleged collusion with major US Service providers

Amidst all of this the behemouth that is Amazon continued to move forwards apace and continuing to add new services and reduce pricing.

There has been space in the market for new vendors such as Dump Truck, which launched almost exactly 1 year ago, and Copy, both of which predominantly offer services aimed at the consumer market. Many new Enterprise cloud storage services were launched in 2013 such as Verizon, EMC, Colt Telecom, Lenovo showing that vendors anticipate a huge enterprise demand for cloud related services from their incumbent customers.

The OpenStack open source cloud platform continued to go from strength to strength with vendors, such as RedHat offering new OpenStack related products and aiming for OpenStack dominance.

Meanwhile Amazon S3 continued to be the de facto storage API for developers and storage product compatibility, something we predicted over 3 years ago when we added the S3 API to the SME platform.

Another interesting recent development in 2013 was SugarSync announcing plans to stop offering free accounts and close all existing ones. A pretty big step that upset a lot of (free) customers.

CLOUD STORAGE PREDICTIONS FOR 2014

1. Following on the from the round-up of 2013 above and the latter entry on SugarSync, it is likely we will see other services shutting down their free storage offerings. The key lesson here is that free is not free for ever it seems.

2. Expect to see a DropBox and Box IPO in 2014.

3. Due to the PRISM and NSA debacle we expect to see more non US companies wanting to stop their data from being hosted in the US.

4. Security has become the number one concern for companies when dealing with data. Expect more file sharing vendors to follow SME’s lead and try and retrofit logging / auditing / enhanced security in their product offerings.

5. Expect more companies to want remote data to be encrypted with keys they control. This will become part of a companies security playbook for 2014. (see our prior blog post for how SME does this).

6. 2014 will see companies want more from their Storage solutions – how do they solve their businesses problems, how do they fit in with corporate governance and help implement common policies ?

7. Big Data will continue to dominate hype cycles for storage vendors and expect to see a slew of new products.

In the meantime all that is left to wish you all a Happy New Year !

November 4, 2013

Everything is a Storage Cloud now – the commoditization of Storage into Apps

One of the more interesting trends of the recent developments in Cloud Computing is how we define “What is a storage cloud” . This used to be easy – it was an FTP or a WebDav Server. Even 3 or 4 years ago this was still relatively easy, it was DropBox, or SugarSync or Box etc. Now however, the lines are becoming a little blurry. We are seeing many application services offering the ability to store documents.

For example BaseCamp, the project management service lets you store files as do other project collaboration services, however I doubt any of these services would like to be categorized as “storage”.

SalesForce is another good example. It’s a CRM service right ? Well, yes but it can also be used to store files and in fact it is promoting this ability as a “first class feature” from what was called Chatter but which has now been rebranded to SalesForce Files.

The list of examples are endless Jive, Yammer, Evernote, a plethora of services that offer file storage specific to the use case they satisfy within a company.

Dedicated Applications of this nature provide file storage as a bi-product of their service and for many companies, large and small, policing this sprawl of data is challenging enough without employes doing their own thing with Bring Your Own Cloud.

We believe that this trend will continue to accelerate apace and it is why we at Storage Made Easy have been concentrating on “joining up” these different data stores and providing unification, management and control across what are effectively many independent silos of Applications and Data. The more cloud services that offer ways to Interact with and store files the worse the sprawl gets.

In fact this “joining up” of data sprawl and the reason it is important to get right, and the results of ignoring it, will be a feature of our very next blog post.

September 14, 2013September 14, 2013

Service interruption on United States server cluster

Date: 14/09/2013
Time: 8PM UTC
The United States server cluster is currently experiencing intermittent service interruption which is currently being investigated. We will update when this has been resolved.

Updated: 8.45 UTC

US Service interruptions should now be resolved. The issue was a large scale DDOS attack which for a short period of time saturated the link into the Atlanta GNAX data centre.

April 26, 2013April 26, 2013

US Site currently experiencing issues

The upstream traffic link is currently having problems and causing issues with access to our US Site. We’ll advise when resolved.

The issue now seems resolved – seems it was a massive upstream DDOS attack.

April 23, 2013April 23, 2013

The Top 5 things to Consider for Business File Sharing

File Sharing is a key part of a companies ability to collaborate and share corporate data, which increasingly can be stored in many disparate services. The purpose of this post is to offer suggestion businesses should consider for their corporate file sharing strategy:

Many business just let employees share files with no control and no checks. This needs a policy. This is the businesses core asset and it needs to be protected and secure. Also, compliance and legislation of data is increasingly becoming important. The business needs to ensure it does not get caught in a compliance trap.

Point 1: Implement a control mechanism for your users. For example Storage Made Easy enables users to share files using links that can be password protected and in which the link can be set to expire. This protects against the user forwarding file. The file link can be set to expire on first download for example or set to download after 24 hours (or any other specified time period). If the file is password protected, even if the file is forwarded by the recipient then the file cannot be accessed unless the password is provided. A control mechanism promotes best practice security management of files and reduces operational risk.

Point 2: Point Solution or not ? Consider whether your strategy should be a point solution or whether it works with your existing data sets. Many vendors may purport to promote managed secure file sharing but often you find you have to move your data to their Cloud to have the solution work for you. Storage Made Easy works with private on-premise data, public cloud data such as DropBox, SkyDrive, Box etc and also with SaaS services such as BaseCamp. This promotes a ‘joined up’ strategy for company file sharing.

Point 3: Integrates with what you have ? Consider whether the solution works how you work so that it does not get in the way of business or productivity. For example Storage Made Easy integrates directly in the desktop as a network drive with simple right click options to share files. This behaviour supports Windows, Mac and Linux. Also integration has been done with other core business productivity tools such as Microsoft Outlook and Mac Mail to promote easy secure file sharing using links directly from the corporate mail client. Similar integrations exists for core productivity tools such as Microsoft Office and Open Office or Libre Office.

Point 4: Compliance, Compliance Compliance – Compliance is fast catching up with all verticals when it comes to storing and accessing corporate files off site. There is specific industry legislation related to this, such as HIPPA in healthcare and FERPA in education, but there are various legislation proposals being processed at various levels in the USA and EU and it is a safe bet that the ability to track historic file events will become more of a requirement not less of a one. Also for companies, the ability to search against historic file sharing or data access should be just part of an overall joined up corporate security policy.

Point 5: On-Premise, Hybrid or Cloud ? The last point is to do with implementation. You should be able to decide how you manage data or metadata associated with storing files and sharing files. This can be behind the corporate firewall, totally on Cloud., or some combination of both. The key word here is choice.

April 9, 2013April 11, 2013

Using Storage Made Easy With BoxCryptor On iOS to securely encrypt files on device

BoxCryptor provides a virtual hard disk that encrypts files within a storage account using using 256-bit AES encryption. BoxCryptor encrypts individual files, not an entire volume or container.

BoxCryptor encrypts and decrypts files locally, and it doesn’t transmit passwords to third parties. As a result files remain unreadable to outsiders even if hackers manage to steal passwords as they need to also break the file encryption.

How is this different to SME provided encryption? SME provides streamed encryption which occurs over the https protocol. Users choose a private key to encrypt files on upload to their underlying cloud and SME does not store this key on the SME platform.

Like BoxCryptor Storage Made Easy also uses AES-256 encryption. We use the Rijndael cipher, with Cipher Block Chaining (CBC) where the block size is 16 bytes..

Storage Made Easy also provides a file decryption tool that is available for Mac, Windows and Linux for local decryption of files downloaded direct from a Storage provider rather than via SME tool or client.

BoxCryptor recently updated their iOS App and although the App supports several storage clouds, as SME supports 35+ storage clouds and provides access into them using WebDav, BoxCryptor can be used in conjunction with SME to create and access encrypted folders with files on any cloud SME supports.

The pictorial walkthrough below shows how to achieve this.

BoxCryptor also supports Mac and Windows and can be used with SME Webdav or the Cloud Drive Apps. There is also a BoxCryptor Android App which can also similarly used with SME WebDav.