Hi, I’m James, a Senior Developer at Storage Made Easy. As a developer, I often look for ways to reduce coupling in the tools and technologies that we use, and I see this from the low level code that we write, to the higher-level architectural choices we make.
For those who use the Enterprise File Share and Sync service from Storage Made Easy they will know that as part of the Windows and Mac desktop tools that are provided that there is a n email toolbar integration into Mac Mail and Microsoft Outlook that enables users to securely share file links rather than file attachments.
This support for secure email link sharing has now been extended for Chrome users using Gmail using the Storage Made Easy Gmail Plugin available from the Chrome web store.
Once added this provides a new toolbar entry when composing Gmail’s on Chrome:
Once selected this prompts the user to log into their SME Account, if SaaS, or the user can set their custom endpoint if using the SME On-Site Enterprise File Share and Sync solution:
Once logged in the user is presented with their mapped clouds:
From here files can be shared as links can be shared from any of the mapped cloud directories:
If a cloud governance file policy has been set by the Cloud Administrator for the team account then the details here will be pre-populated otherwise options can be chosen prior to link generation. After this when share is clicked, the link is added to the email:
When the link is shared, if Auditing is turned on within the SME Account, then the link generation will be recorded in the Audit log and once the remote user opens the link the remote IP address will also be recorded.
**Note: only team and on-premise accounts provide the Audit features
Today we have upgraded the Storage Made Easy Web Cloud File Manager.
The Storage Made Easy Web File Manager is different to a lot of file managers that you see today as it is hierarchical in nature and resembles a true file tree (akin to windows explorer). It’s hierarchical nature enables it to easily work with and manoeuvre around large data sets.
Over the years we have had a lot of feedback from companies and users about how they would like to see the File Manager work and what features they would like and we’ve used this feedback to make improvements, which are outlined below:
Large Layout in inline Mode
The File Manager layout is now larger in inline mode taking more advantage of the screen space.
The File Manager has been optimised for iPad / Tablet
A number of optimizations where done for working with the desktop Cloud File Manager on a tablet. The first is that it opens in full screen mode when being used on such devices. The second is that there are optimizations that make it easier to use such as being easily to widen / constrict the view on each pane. Also interactions have been optimized to work with touch events. The selection of files has also been made easier with checkbox selection options (these selection options are also available when using the FM from a PC).
Easier File Selection
A lot of feedback has been made to us about making file selection easier. To that end we have made it easier to select files by using a checkbox paradigm. Check boxes appear so that a file can be selected when the mouse is placed at the left hand side of a file.
Image thumbnails can now be previewed as the File Manager is browsed.
The File Manager now contains help guides showing how to action the most common functions such as copy/paste:
Default PDF Viewer is now native
The default PDF viewer is now a native viewer rather than Google Viewer (although Google Viewer can still be used and be setup to be the default). This means the viewer sandboxes any data viewed in this way just to the SME service.
New Themes / Custom Themes
There are two new large themes for the File Manager a blue theme and a normal theme. The existing themes have been rename to “tiny”. Also now, for Appliance users, custom themes can be created. This will be available in the next Appliance version.
The File timestamp to be used can now be selected
As SME is an abstraction between the remote cloud it works with more than one timestamp. Firstly it has its own concept of time, based on UTC, as to when a timestamp was modified through the SME service. Next it handles what the timestamp shows on the remote cloud service, and lastly it can show the local file time of a file uploaded to a remote service via SME (this may be different to the remote cloud time as some cloud services ignore the local file time and simply timestamp the file at the time it was uploaded to their service). Although all three are handled the user can now set which they want shown by default.
Edit on Hover
When hovering on a file, certain options are displayed for easy access. This has been enhanced so that files that can be edited, such as documents, text files etc can be edited by clicking the edit icon on hover.
Comments view is now collaborative / real time
When working in full file / comments view, if another user is also reviewing the same file and making comments then the comments will appear in real-time like an instant message
The File Manager now features an inline folder search (rather than having to move out to the tabbed search). This is a quick search mechanism to search for files in folders and sub folders.
Favourites and Quick Upload placed at top of file tree
Favourites and Quick uploads have been placed at the top of the file tree for easy access. These can also be configured to be hidden.
New way to copy / move files
Copy and Move can still be done by selecting files and drag and drop but now there are buttons and a wizard to make copy and moving files between folders or cloud services even easier.
There are also other numerous small changes and bug fixes but this post highlights the main functional changes.
We have introduced a new feature into the Storage Made Easy platform which enables cloud users to share external folders to other users who will not need a SME Account to gain access to those folders. The feature enables the creation of a secure shared link that is password protected and can be time expired.
The video below shows the feature in action.
Midnight Commander is probably the most popular command line file manager in the world, and certainly for Linux distros. Its design was initially inspired by the classic two pane interface that was found in Norton Commander which was a DOS file manager (for those who remember !).
One of the unsung features of the Midnight Commander (also available on other platforms including phones (I used to use this on my old Nokia N900) and windows and mac) is that it can connect to server over FTP.
This is interesting from a Storage Made Easy viewpoint as although SME providers a full suite of Linux tools, SME also provider protocol interoperability as part of its Cloud Gateway features. What is this I hear you ask ? Well, simply put, it enables files you have stored on public or private storage to be accessible over any of the protocols Storage Made Easy exposes ie FTP, FTPS, WebDav, S3, SFTP.
Midnight Commander supports the FTP protocol which makes it easy to get direct access to any storage that is added to a SME Account using the SME FTP cloud protocol adaptor. To do this:
Choose the Left or Right option
Choose FTP link
Enter connection to SME as follows:
or if you are using the SME EU Server:
The net result is a very easy way to bring the cloud into the linux desktop integrated with tools you already know and use. This can be used with the SME Personal CLoud plan, Business Team, and on-site enterprise editions of the product.
Storage Made Easy have now made live a new SFTP protocol adaptor. SFTP is one of the two primary technologies for secure FTP networking, the other being FTPS, which Storage Made Easy already supports (along with FTP, WebDav, Secure WebDav and S3).
The primary reason we investigated implementing SFTP is due to a government POC in which access was required to secure AWSGov Cloud files from medical terminals. This was the primary requirement, but because Storage Made Easy works with almost any back-end Cloud. once added, it can be used as protocol gateway for any cloud mapped to an account, note that the Port is 2200
Below is an example of using the SFTP protocol to access a Storage Made Easy account using Transmit (a Mac App).
Once connected, all data and mapped clouds are accessible.
Access can also be done directly from the command line.
Once connected we can do an ‘ls’ to get a file listing and the view of the files is similar to our earlier UI view.
To find out more about the SME protocol gateway feature that is part of the SME solution please check out the below video.
SaaS access to FTP (for business plan users) can be achieved using the following URL’s:
WebDav is an acronym for Web Distributed Authoring and Versioning and can also be referred to as just plain old DAV.
WebDav is an extension of the HTTP protocol that was originally designed by Jim Whitehead from the University of California at Santa Cruz in 1996 when he was working at the World Wide Web consortium and it later became an Internet Engineering Task Force (IETF) standard.
WebDav was built as an interoperable standard to support remote collaborative authoring of Web sites and individual documents, as well as remote access to document based systems.
Today it It is the most popular network file-system protocol for use across the Internet, and although it has been integrated as a interoperable layer into many existing product implementations it is also notably missing as an interoperable API standard from many, such as DropBox, Google Drive, Amazon S3 and more.
The Storage Made Easy WebDav Gateway
SME provide a way to access any mapped cloud by secure WebDav irrespective of whether the underlying Cloud Supports the WebDav protocol natively. As WebDav is so well supported in many desktop and mobile Apps this means that Cloud Data can easily be integrated and accessible without having to move it to access the features of a particular Application that is WebDav enabled.
Connecting to WebDav Servers and Windows Shares
SME can also be configured to connect to servers that support the WebDav protocol. This use of WebDav from a SME perspective is using WebDav as a back end cloud to store data rather than exposing existing clouds to be accessible using the WebDav protocol.
Many existing NAS or SAN devices such as those as the NetGear ReadyNAS and the Synology devices range already provide WebDav as an access protocol to access data. Also existing web servers such as Apache can also be configured to use WebDav using the Mod Dav extension.
Many users of SME want to expose windows file shares and make them directly available through the SME service to all devices. The most appropriate and secure way to do this is not to expose such shares directly but to configure Microsoft Internet Information Server to expose these shares over WebDav.
Advantages of WebDav for Windows File Sharing
This has the following advantages:
Seamless integration with the IIS Manager
A secondary protocol provides a security DMZ with regards to direct access to windows shares
IIS WebDAV can be enabled at the site level, allowing IT administrators to restrict WebDAV access to specific sites on a server.
IIS WebDAV supports per-URL authoring rules, allowing administrators to specify custom WebDAV security settings on a per-URL basis. This fine-grained control gives administrators the ability to maintain one set of security settings for normal HTTP requests and a separate set of security settings for WebDAV.
IIS WebDAV supports both shared and exclusive locks to prevent lost updates due to overwrites
WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. SSL certificates can also be installed to increases security measures
Why WebDav as a Cloud Connector ?
WebDAV is an optimized protocol for document access over http. It is proven as being latency independent and is efficient over wide area networks especially in contrast to file protocols such as NFS and CIFS.
Using secure WebDAV ensures the data is encrypted during transmission and due to the optimizations that data is stored efficiently and quickly .
Why Not The Common Internet File System (CIFS)
CIFS is the standard way that windows users share files across corporate intranets and the Internet with a secure VPN connection.
To expose such shares directly to the internet or to other none windows PC’s it is needed to use a bridging technology. Samba is often used as such as technology. With Samba, the ports 139/tcp and 445/tcp are exposed over a public IP Address. Once this is done such shares are accessible.
The drawbacks of this are:
– The CIFS protocol used by Windows file sharing does not provide data encryption
The protocol itself is quite chatty.
No level of security indirection
CIFS is is an optimized protocol for access to data over a network that has been extended by VPN and has been used in this context by many companies for a long time. The disadvantage of this is that all devices have to support , be setup, and work with the VPN. preventing access by some devices and Apps and making Adhoc ‘on the fly’ access difficult.
Securing WebDav Servers
It is beyond the scope of this blog post to go into great detail on the steps required to secure WebDav servers but Microsoft has a very good guide on how to secure the IIS WebDav Service. This can be accessed at:
In addition to this you should note the following best practices:
Folder Permissions: Use non-anonymous authentication. Modify the NTFS permissions on the folder to only allow the access necessary to the users who require such access
Prevent File Execution: If you are only using WebDAV as a file store and not using it to display web pages, then execute permissions should be removed from that site or folder.
Apache WebDav servers can be configured to use LDAP authentication and also two factor authentication and any deployments should consider implementing these.