GDPR Watch – Auditing Data Access

To satisfy the GDPR companies will need to track who had access to personal data, when, and why.

Access is controlled by Identity Management authorisations and access control, but the actual access to the data should be logged. Automatic Audit logging tracks user activities for any and all file events and enables extranal audit and/or subject access requests to be satisfied easily and effectively.

Continue reading “GDPR Watch – Auditing Data Access”

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How to discover PII Data on any local or remote Storage

A number of compliance standards hinge on identifying and protecting Personal Information.  This Personal Information can take many forms including Personal Health Information (PHI), Personally Identifiable Information (PII), and Sensitive Personal Information (SPI).

The General Data Protection Regulation (GDPR) is the newest compliance standard sweeping the industry.  However existing compliance standards such as HIPPA , GLBA and FERPA all require strict controls of personal data. Fines for violating compliance skyrocket with GDPR, so how should Enterprises find and classify existing PII data?

Introducing the PII Scanning and Detection engine for the Enterprise File Fabric…

Continue reading “How to discover PII Data on any local or remote Storage”

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How to use the AWS CLI with almost any Storage

  The Amazon S3 API has become the de-facto standard for object storage API access.  As such, many software products adopt the S3 API first.  The Storage Made Easy File Fabric provides an S3 compatible API endpoint for any storage backend.  This means that non-S3 storage providers such as Dropbox, Azure, Google Drive, OneDrive, Sharepoint and others can now be accessed via the S3 API.

The Amazon Web Services (AWS) Command Line Interface (CLI) is a command line tool for accessing AWS compatible services.  AWS CLI is one of the most feature rich S3 tools publicly available (Free!!!) .

This article will outline the setup AWS CLI with the SME File Fabric and non-S3 compatible storage providers.

Continue reading “How to use the AWS CLI with almost any Storage”

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

The Storage Made Easy® Enterprise File Fabric™ has been updated with a focus on Compliance, Protection and Collaboration

Multi-Cloud is a term that is in vogue now, but Storage Made Easy were one of the very original multi-cloud companies. We have always had a focus on unification of data assets whether on-cloud or on-premise and whether in-storage on in-app.

Having a unified approach to data provides the means in which companies can apply collaboration across data assets in addition to setting common policy for data governance and control to satisfy every increasingly robust compliance regimes.

Today is an exciting day as we announce the General Availability of the next generation of Storage Made Easy’s Enterprise File Fabric application.

Continue reading “The Storage Made Easy® Enterprise File Fabric™ has been updated with a focus on Compliance, Protection and Collaboration”

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Deep Dive on Auto-Provisioning Active Directory or LDAP Users with a Swift Container

The below video is a deep dive on how to setup Active Directory / LDAP for seamless integration from the Storage Made Easy Enterprise File Share and Sync with a Swift Container.

The deep dive is done against a SwiftStack cluster and it also demonstrate how, as part of the auto-provisioning, data retention and versioning policies can be set to handle corporate data compliance rules.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

The Top 5 things to Consider for Business File Sharing

20130309-165632.jpgFile Sharing is a key part of a companies ability to collaborate and share corporate data, which increasingly can be stored in many disparate services. The purpose of this post is to offer suggestion businesses should consider for their corporate file sharing strategy:

Many business just let employees share files with no control and no checks. This needs a policy. This is the businesses core asset and it needs to be protected and secure. Also, compliance and legislation of data is increasingly becoming important. The business needs to ensure it does not get caught in a compliance trap.

Point 1: Implement a control mechanism for your users. For example Storage Made Easy enables users to share files using links that can be password protected and in which the link can be set to expire. This protects against the user forwarding file. The file link can be set to expire on first download for example or set to download after 24 hours (or any other specified time period). If the file is password protected, even if the file is forwarded by the recipient then the file cannot be accessed unless the password is provided. A control mechanism promotes best practice security management of files and reduces operational risk.

Point 2: Point Solution or not ? Consider whether your strategy should be a point solution or whether it works with your existing data sets. Many vendors may purport to promote managed secure file sharing but often you find you have to move your data to their Cloud to have the solution work for you. Storage Made Easy works with private on-premise data, public cloud data such as DropBox, SkyDrive, Box etc and also with SaaS services such as BaseCamp. This promotes a ‘joined up’ strategy for company file sharing.

Point 3: Integrates with what you have ? Consider whether the solution works how you work so that it does not get in the way of business or productivity. For example Storage Made Easy integrates directly in the desktop as a network drive with simple right click options to share files. This behaviour supports Windows, Mac and Linux.  Also integration has been done with other core business productivity tools such as Microsoft Outlook and Mac Mail to promote easy secure file sharing using links directly from the corporate mail client. Similar integrations exists for core productivity tools such as Microsoft Office and Open Office or Libre Office.

Point 4: Compliance, Compliance Compliance – Compliance is fast catching up with all verticals when it comes to storing and accessing corporate files off site. There is specific industry legislation related to this, such as HIPPA in healthcare and FERPA in education, but  there are various legislation proposals being processed at various levels in the USA and EU and it is a safe bet that  the ability to track historic file events will become more of a requirement not less of a one. Also for companies, the ability to search against historic file sharing or data access should be just part of an overall joined up corporate security policy.

Point 5: On-Premise, Hybrid or Cloud ? The last point is to do with implementation. You should be able to decide how you manage data or metadata associated with storing files and sharing files. This can be behind the corporate firewall, totally on Cloud., or some combination of both. The key word here is choice.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather