Storage Made Easy recommends all traffic to be secured with encryption, as a matter of fact, by default we enforce the user of HTTPS communication. That said the software ships with self-signed certificates, to get you started, and when you first connect you will be greeted by an Invalid Certificate message in most browsers as self-signed is fine for pre-production, setup and testing but real certificates need to be added for production. In this post I will show you how to setup a free of charge, trusted certificate with our product. Let’s Encrypt is the name of the Certificate Authority we will be using, who provide free SSL certificates for 90 days.
Storage Made Easy recently rolled out an enhancement to its enterprise-grade security features by updating and enhancing its Two Factor authentication. This enhanced capability now works across all desktop and mobile applications.
For Personal Cloud Accounts the Two Factor Authentication can be switched on from the Cloud DashBoard. For Team Accounts the Admin user can force the use of Two Factor Authentication from the Security Options tab:
Two Factor options Supported are:
- Two Factor phrase delivery by email
- A preset phrase that needs to be entered
- Google Authenticator
Read more at About Let’s Encrypt
Storage Made Easy recommends all traffic to be secured with encryption, as a matter of fact, by default we enforce the user of HTTPS communication. That said the software ships with self-signed certificates, to get you started, and when you first connect you will be greeted by an Invalid Certificate message in most browsers as self-signed is fine for pre-production, setup and testing but real certificates need to be added for production. In this post I will show you how to setup a free of charge, trusted certificate with our product.
In part 1, we set up the SME appliance with a Microsoft DFS Storage Provider. Today we will continue the setup, enabling AD user authentication, corporate shares, department shares, and home directories for each user.
This article assumes you followed along in Part 1 and met the prerequisites there, in addition you’ll need a few more shares configured on your fileserver, and a few users and groups configured in Active Directory.
This blog post is a technical post outlining the steps needed to deploy the Storage Made Easy Cloud Control Gateway and Enterprise File Share and Sync solution on the Azure IaaS compute infrastructure.
Storage Made Easy provides a private enterprise file share and sync solution that can not only be used with Azure Blob Storage Data but which can also be used as a cloud security point to secure other storage points or sync and share solutions, such as Office365 and SharePoint. We call this Cloud Control and you can read more about it here.
As the Cloud permeates all aspects of business enterprises in particular are waking up to the cost benefits that Cloud can bring, from outsourced pay-as-you-go applications to cheaper and easier archival, to storage of non sensitive documents and data.
An often repeated truth is that Enterprises have 3 of everything. When I worked in the Middleware space it was not unusual to see one department using IBM WebSphere, another using WebLogic and yet another experimenting with JBoss. The same adage goes for enterprise content management.
In the not to distant past if I brought up Enterprise Content Management then it could be referred that I was only discussing Documentum, Alfresco, SharePoint or some CMIS type product, but in today’s world the term can also apply to documents stored on OneDrive, DropBox, Google Drive, Amazon S3 etc. Throw in CRM’s that store documents such as Salesforce and online project management tools such as BaseCamp and you start to grasp just how many independent content and documents silos that companies have to deal with.
This is bore out by a recent survey by AIIM called “Get more from on-premise ECM”. The highlights of that survey are:
50% of companies already use 3 or more storage solutions (this echoes prior research that SME also undertook.)
40% of companies are investigating cloud
This presents two large challenges to companies:
Accessibility of data – where is it ? which App ? Which data store ?
Governance of data – How do you you universally secure data and set polices across data silos and Apps ?
The Storage Made Easy EFSS Cloud Control Solution was built specifically to address these types of challenges.
Connecting to private and public content stores and Apps that functions as content stores, such as Salesforce, is a facilitator to make accessibility easier as when users search for a document the search is conducted across the content estate, not just in an App silo.
Also SME has an Enterprise connector to Apache Lucene / SOLR to enable deep search of file content from any desktop and any App. This not only increases the accessibility and availability of data, it also immeasurably increases worker productivity.
Governance of data is a thorn in the side of Enterprise IT when it comes to the storing of Cloud data and the NSA snooping scandal and recent celebrity photo hacking has not done anything to help the sensitivity of it. Cloud Governance and Control is firmly in the spotlight of Enterprise IT and more importantly Enterprise Management.
Often what you see from vendors is a “my cloud is better than your cloud” approach to this problem ie. a vendor adds one specific security feature and tries to use this to get companies to move their data or sensitive data to this solution. Alternatively a company can target one facet of Governance and Control, lets say encryption for example, and build their product and service on this one feature only.
The SME solution takes a more holistic approach to provide governance and control across the whole content estate. It does not try and get you to move your data to it (it’s data agnostic and does not store data) and it does not just work as a silo or offer one feature. It provides an integrated sensible approach to corporate content governance and control:
– It integrates with existing Active Directory or LDAP systems to provide a single-sign-on solution for identity management.
– It provides an encryption service to enable remotely stored data to be encrypted and only accessible with authorization.
– It provides secure file sharing and combines this with pre-set business policies. Files can be password protected and time expired and these can be applied as policies. For example you can choose to set a policy that all files have a 24 hour expiration time and which must require a password for sharing.
– It provides a comprehensive audit log of all file events for all content. For remote file shares it tracks the IP address of the remote users accessing the file.
– It provides GEO Locations restrictions to enable restrict or prevent access. For example if you have an outsource accounting company who require access to a particular folder you could restrict their access to being over a certain IP address and only from a web viewer.
– It has built in Bring Your Own Device controls that allow the setting of per user permissions with regards to web, desktop or mobile device access. It also works with Oracle Mobile Security and OpenPeak Sector in the event the company already has these BYOD controls in house.
– It integrates with what you have providing desktop cloud drives, plug in’s for Microsoft Office and Open Office as well as email plug in’s for file sharing.
Content Management, Cloud Governance and Collaboration is only going to get harder, not easier, as companies embrace new data stores and new applications that store data. To facilitate a productive, accessible, controlled experience the control points simply have to be joined up.