This post is the first in a new series of posts focusing on the forthcoming General Data Protection Regulations (GDPR) and specifically focuses on data encryption.
A number of compliance standards hinge on identifying and protecting Personal Information. This Personal Information can take many forms including Personal Health Information (PHI), Personally Identifiable Information (PII), and Sensitive Personal Information (SPI).
The General Data Protection Regulation (GDPR), coming into effect May of 2018, is the newest compliance standard sweeping the industry. However existing compliance standards such as HIPPA , GLBA and FERPA all require strict controls of personal data. Fines for violating compliance skyrocket with GDPR, so how should Enterprises find and classify existing PII data?
Introducing the PII Scanning and Detection engine for the Enterprise File Fabric…
The Amazon S3 API has become the de-facto standard for object storage API access. As such, many software products adopt the S3 API first. The Storage Made Easy File Fabric provides an S3 compatible API endpoint for any storage backend. This means that non-S3 storage providers such as Dropbox, Azure, Google Drive, OneDrive, Sharepoint and others can now be accessed via the S3 API.
The Amazon Web Services (AWS) Command Line Interface (CLI) is a command line tool for accessing AWS compatible services. AWS CLI is one of the most feature rich S3 tools publicly available (Free!!!) .
This article will outline the setup AWS CLI with the SME File Fabric and non-S3 compatible storage providers.
Multi-Cloud is a term that is in vogue now, but Storage Made Easy were one of the very original multi-cloud companies. We have always had a focus on unification of data assets whether on-cloud or on-premise and whether in-storage on in-app.
Having a unified approach to data provides the means in which companies can apply collaboration across data assets in addition to setting common policy for data governance and control to satisfy every increasingly robust compliance regimes.
Today is an exciting day as we announce the General Availability of the next generation of Storage Made Easy’s enterprise File Fabric™ application.
The below video is a deep dive on how to setup Active Directory / LDAP for seamless integration from the Storage Made Easy Enterprise File Share and Sync with a Swift Container.
The deep dive is done against a SwiftStack cluster and it also demonstrate how, as part of the auto-provisioning, data retention and versioning policies can be set to handle corporate data compliance rules.
File Sharing is a key part of a companies ability to collaborate and share corporate data, which increasingly can be stored in many disparate services. The purpose of this post is to offer suggestion businesses should consider for their corporate file sharing strategy:
Many business just let employees share files with no control and no checks. This needs a policy. This is the businesses core asset and it needs to be protected and secure. Also, compliance and legislation of data is increasingly becoming important. The business needs to ensure it does not get caught in a compliance trap.
Point 1: Implement a control mechanism for your users. For example Storage Made Easy enables users to share files using links that can be password protected and in which the link can be set to expire. This protects against the user forwarding file. The file link can be set to expire on first download for example or set to download after 24 hours (or any other specified time period). If the file is password protected, even if the file is forwarded by the recipient then the file cannot be accessed unless the password is provided. A control mechanism promotes best practice security management of files and reduces operational risk.
Point 2: Point Solution or not ? Consider whether your strategy should be a point solution or whether it works with your existing data sets. Many vendors may purport to promote managed secure file sharing but often you find you have to move your data to their Cloud to have the solution work for you. Storage Made Easy works with private on-premise data, public cloud data such as DropBox, SkyDrive, Box etc and also with SaaS services such as BaseCamp. This promotes a ‘joined up’ strategy for company file sharing.
Point 3: Integrates with what you have ? Consider whether the solution works how you work so that it does not get in the way of business or productivity. For example Storage Made Easy integrates directly in the desktop as a network drive with simple right click options to share files. This behaviour supports Windows, Mac and Linux. Also integration has been done with other core business productivity tools such as Microsoft Outlook and Mac Mail to promote easy secure file sharing using links directly from the corporate mail client. Similar integrations exists for core productivity tools such as Microsoft Office and Open Office or Libre Office.
Point 4: Compliance, Compliance Compliance – Compliance is fast catching up with all verticals when it comes to storing and accessing corporate files off site. There is specific industry legislation related to this, such as HIPPA in healthcare and FERPA in education, but there are various legislation proposals being processed at various levels in the USA and EU and it is a safe bet that the ability to track historic file events will become more of a requirement not less of a one. Also for companies, the ability to search against historic file sharing or data access should be just part of an overall joined up corporate security policy.
Point 5: On-Premise, Hybrid or Cloud ? The last point is to do with implementation. You should be able to decide how you manage data or metadata associated with storing files and sharing files. This can be behind the corporate firewall, totally on Cloud., or some combination of both. The key word here is choice.
Now that 2012 has drawn to a close and we are in mid January we thought it would be useful to reflect on what we have seen through our own business as trends and pointers, look at some of the things we have done over the course of the last year and finish by looking at what Storage Made Easy brings into 2013.
A key trend for our business was a switch from online personal and SMB clients to more direct channel and corporate clients using our hybrid Appliance. The work we are doing with Huddle on the channel side and Xtime and Finser on the direct side are great examples of this trend. From July our business moved from a model of online Personal / SMB SaaS to Direct Corporate / Channel sales utilising our hybrid on-premise cloud appliance. Pre July the revenue split was 90:10 online SaaS and today the model is 10:90 weighted towards the direct business/channel revenue stream. We see this as a key indication that :
a. Larger companies want to ‘own’ their own data and are focused on making their storage integrate with what they already have such as their existing identity management systems (in many case Active Directory) and existing structured data systems.
b. Companies want to stop staff using un-authorised services and have come to the conclusion that they need to put structures in place to not only prevent this but to offer an alternative.
b. Companies are focused on the data legislation and governance of structured data so that they can track all file events, a mandatory requirement for certain verticals, such as government and healthcare for example.
c. The ability to search across disparate data sets easily and also on the move is becoming more and more important for companies as they try to make productive use of their core corporate asset, their data !
Our Focus for 2013:
Our Focus for 2013 is going to be as follows:
1. Simplifying our pricing proposition. The result of this will be visible over the next few weeks. We have tried to be as flexible as possible with what we provide to users but we find that this can result in users being paralysed by the paradox of choice so we will be making these much easier to understand.
2. Concentrating on formally launching our on-premise cloud Appliance. Having done a limited release launch in 2012, we will be shortly making available the ability to download the Appliance direct from our site.We have spent a fair bit of time re-designing the installation procedure with regards to networking, https keys etc, to make it easy to install and get going. Below is an overview of the Architecture of the SME Appliance.
3. Enabling easy IaaS deployments so that users and companies can easily deploy their own personal or company cloud onto IaaS infrastructures. We already do this for Linode but we will be expanding this to Amazon EC2 (and maybe one other provider we cannot discuss yet) and making the whole process an easier click through process.
We had a great growth year in 2012 and we look forward to continuing that in 2013.