Media Focus: Validating Media Asset Integrity

Media AssetsOrganizations working with media assets often have a requirement to validate a file’s integrity.

Whether it is to detect if any corruption has occurred, through to establishing the security of a file transfer or  ensuring that a file is fully formed, the Enterprise File Fabric  is equipped to easily deal with media asset validation integrity.

Continue reading “Media Focus: Validating Media Asset Integrity”

Facebooktwitterredditpinterestlinkedinmailby feather

How do you solve a problem like DropBox ? (aka securing corporate dropbox accounts)

How do you solve a problem like dropbox?

DropBox has been in the press quite a lot lately with regards to passwords breaches and also with surreptitious behaviour with regard to  machine security on Mac. Although DropBox has started to reassure users with ‘how secure we are‘ type information Corporate IT departments will again feel they have cause for concern with regards any internal corporate use of DropBox.

So the key question we are trying here is ‘just do do you solve a problem like Dropbox‘ ? Indeed this is a slightly unfair question in that it is using DropBox to make a point and the reality is we could have picked on one of several cloud storage services as Corporate IT has misgivings with anything Cloud when it relates to files.

Continue reading “How do you solve a problem like DropBox ? (aka securing corporate dropbox accounts)”

Facebooktwitterredditpinterestlinkedinmailby feather

Using Midnight Commander to work with Amazon S3, OpenStack, DropBox, OneDrive and almost any other Cloud

Midnight Commander is probably the most popular command line file manager in the world, and certainly for Linux distros. Its design was initially inspired by the classic two pane interface that was found in Norton Commander which was a DOS file manager (for those who remember !).

One of the unsung features of the Midnight Commander (also available on other platforms including phones (I used to use this on my old Nokia N900) and windows and mac) is that it can connect to server over FTP.

This is interesting from a Storage Made Easy viewpoint as although SME providers a full suite of Linux tools, SME also provider protocol interoperability as part of its Cloud Gateway features. What is this I hear you ask ? Well, simply put, it enables files you have stored on public or private storage to be accessible over any of the protocols Storage Made Easy exposes ie FTP, FTPS, WebDav, S3, SFTP.

SME Protocol Gateway

Midnight Commander supports the FTP protocol which makes it easy to get direct access to any storage that is added to a SME Account using the SME FTP cloud protocol adaptor. To do this:

Choose the Left or Right option
Choose FTP link
Enter connection to SME as follows:

username:password@storagemadeeasy.com

or if you are using the SME EU Server:

username:password@eu.storagemadeeasy.com

Midnight Commander FTP

The net result is a very easy way to bring the cloud into the linux desktop integrated with tools you already know and use. This can be used with the SME Personal CLoud plan, Business Team, and on-site enterprise editions of the product.

Facebooktwitterredditpinterestlinkedinmailby feather

New Folder Sharing feature for team users

We have implemented a new folder sharing feature for Business Cloud / on-site Enterprise File Share and Sync Users. It simply provides the ability to share folders and sub-folders of files with external companies or other users who can receive the link, enter the password and gain access to the files without the need for an SME Account.

The video below shows the feature in action.

Facebooktwitterredditpinterestlinkedinmailby feather

Accessing OpenStack, RackSpace, Google Drive, OneDrive, DropBox + more using Storage Made Easy and Transmit for Mac

If you have come across this post whilst researching how to access other storage clouds from Transmit then have a look at our Getting Started Guide to show you how you can register for a free account and get on with mapping your chosen Storage Cloud to the SME Cloud Gateway. When you are ready you can register for a free account here.

As many of you who use it know, CloudDav, from SME adds a WebDav layer over any Cloud, even if the underlying clouds do not support WebDav. SME does no however allow the native Mac WebDav client to connect direct because the performance of the native Mac WebDav client is notoriously abysmal for those with large amounts of files.

You can however choose to use other Mac clients to connect to the Cloud Providers that you have mapped to the SME Gateway. We highlighted Forklift as such a client in a prior post, and you can also choose to use Transmit from Panic.

Once you have CloudDav enabled you can choose to access your clouds, mapped via the SME Gateway, through Transmit. First choose to connect over WebDav as in the screenshot below:

Transmit DropBox

You can then choose to connect directly inside of Transmit or as a Virtual Drive that will appear in Finder.

Transmit  also has a very nice sync feature that will sync between folder structures. In this way you can sync files with Transmit and SME from different Cloud Storage Providers to your desktop.

Initial view before Sync

The Sync screen after choosing Sync

The Sync Simulation

SME CloudDav is available with every account, even free accounts, although on free accounts it is restricted to 150MB of use per month. The CloudDav protocol Adaptor is just one of the protocol adaptors that SME provides, the others being FTP, SFTP and a compatible S3 API. All protocol adaptors are available in the Storage Made Easy Enterprise edition as part of the Cloud Gateway which the SME Enterprise File Share and Sync is built upon.

Facebooktwitterredditpinterestlinkedinmailby feather

WebDav the interoperable protocol for file and document access

WebDav is an acronym for Web Distributed Authoring and Versioning and can also be referred to as just plain old DAV.

WebDav is an extension of the HTTP protocol that was originally designed by Jim Whitehead from the University of California at Santa Cruz in 1996 when he was working at the World Wide Web consortium and it later became an Internet Engineering Task Force (IETF) standard.

WebDav was built as an interoperable standard to support remote collaborative authoring of Web sites and individual documents, as well as remote access to document based systems.

Today it It is the most popular network file-system protocol for use across the Internet, and although it has been integrated as a interoperable layer into many existing product implementations it is also notably missing as an interoperable API standard from many, such as DropBox, Google Drive, Amazon S3 and more.

The Storage Made Easy WebDav Gateway

SME provide a way to access any mapped cloud by secure WebDav irrespective of whether the underlying Cloud Supports the WebDav protocol natively. As WebDav is so well supported in many desktop and mobile Apps this means that Cloud Data can easily be integrated and accessible without having to move it to access the features of a particular Application that is WebDav enabled.

Connecting to WebDav Servers and Windows Shares

SME can also be configured to connect to servers that support the WebDav protocol. This use of WebDav from a SME perspective is using WebDav as a back end cloud to store data rather than exposing existing clouds to be accessible using the WebDav protocol.

Many existing NAS or SAN devices such as those as the NetGear ReadyNAS and the Synology devices range already provide WebDav as an access protocol to access data. Also existing web servers such as Apache can also be configured to use WebDav using the Mod Dav extension.

Many users of SME want to expose windows file shares and make them directly available through the SME service to all devices. The most appropriate and secure way to do this is not to expose such shares directly but to configure Microsoft Internet Information Server to expose these shares over WebDav.

Advantages of WebDav for Windows File Sharing

This has the following advantages:

Seamless integration with the IIS Manager

A secondary protocol provides a security DMZ with regards to direct access to windows shares

IIS WebDAV can be enabled at the site level, allowing IT administrators to restrict WebDAV access to specific sites on a server.

IIS WebDAV supports per-URL authoring rules, allowing administrators to specify custom WebDAV security settings on a per-URL basis. This fine-grained control gives administrators the ability to maintain one set of security settings for normal HTTP requests and a separate set of security settings for WebDAV.

IIS WebDAV supports both shared and exclusive locks to prevent lost updates due to overwrites

WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. SSL certificates can also be installed to increases security measures

Why WebDav as a Cloud Connector ?

WebDAV is an optimized protocol for document access over http. It is proven as being latency independent and is efficient over wide area networks especially in contrast to file protocols such as NFS and CIFS.

Using secure WebDAV ensures the data is encrypted during transmission and due to the optimizations that data is stored efficiently and quickly .

Why Not The Common Internet File System (CIFS)

CIFS is the standard way that windows users share files across corporate intranets and the Internet with a secure VPN connection.

To expose such shares directly to the internet or to other none windows PC’s it is needed to use a bridging technology. Samba is often used as such as technology. With Samba, the ports 139/tcp and 445/tcp are exposed over a public IP Address. Once this is done such shares are accessible.

The drawbacks of this are:

– The CIFS protocol used by Windows file sharing does not provide data encryption

The protocol itself is quite chatty.

No level of security indirection

CIFS is is an optimized protocol for access to data over a network that has been extended by VPN and has been used in this context by many companies for a long time. The disadvantage of this is that all devices have to support , be setup, and work with the VPN. preventing access by some devices and Apps and making Adhoc ‘on the fly’ access difficult.

Securing WebDav Servers

It is beyond the scope of this blog post to go into great detail on the steps required to secure WebDav servers but Microsoft has a very good guide on how to secure the IIS WebDav Service. This can be accessed at:

http://technet.microsoft.com/en-us/library/cc778809%28v=ws.10%29.aspx

In addition to this you should note the following best practices:

Folder Permissions: Use non-anonymous authentication. Modify the NTFS permissions on the folder to only allow the access necessary to the users who require such access

Prevent File Execution: If you are only using WebDAV as a file store and not using it to display web pages, then execute permissions should be removed from that site or folder.

Apache WebDav servers can be configured to use LDAP authentication and also two factor authentication and any deployments should consider implementing these.

Facebooktwitterredditpinterestlinkedinmailby feather

Cloud Computing Use Case: Extending Remote Desktop with a Cloud Drive

Many service providers and companies offer Remote Desktop Services to enable companies to access their desktop remotely. Applications are installed for the users where user settings and data are saved to their profile.

We’ve had a few requests from companies and service providers now who wanted users to easily be able to access data on remote clouds (such as Azure, DropBox, Box, FTP, WebDav, Sharepoint Amazon S3 etc) from a remote desktop.

With Storage Made Easy, this is easily done as SME presents a WebDav entry point to all clouds that SME supports whether they support WebDav or not. This means the service provider needs only co-locate the SME software appliance (supplied as an OVF compliant file) in their network and add a simple script to the users startup. The script it:

NET USE * \\webdav.storagemadeeasy.com@SSL\DavWWWRoot
pause

This enables user to get a mapped drive to remote cloud storage as soon as they login to their remote desktop and to browse and access these files like any other data drive and is a simple solution for bringing remote clouds directly into a users remote desktop using a simple metaphor they understand, “a drive”.

Facebooktwitterredditpinterestlinkedinmailby feather

The Top 5 things to Consider for Business File Sharing

20130309-165632.jpgFile Sharing is a key part of a companies ability to collaborate and share corporate data, which increasingly can be stored in many disparate services. The purpose of this post is to offer suggestion businesses should consider for their corporate file sharing strategy:

Many business just let employees share files with no control and no checks. This needs a policy. This is the businesses core asset and it needs to be protected and secure. Also, compliance and legislation of data is increasingly becoming important. The business needs to ensure it does not get caught in a compliance trap.

Point 1: Implement a control mechanism for your users. For example Storage Made Easy enables users to share files using links that can be password protected and in which the link can be set to expire. This protects against the user forwarding file. The file link can be set to expire on first download for example or set to download after 24 hours (or any other specified time period). If the file is password protected, even if the file is forwarded by the recipient then the file cannot be accessed unless the password is provided. A control mechanism promotes best practice security management of files and reduces operational risk.

Point 2: Point Solution or not ? Consider whether your strategy should be a point solution or whether it works with your existing data sets. Many vendors may purport to promote managed secure file sharing but often you find you have to move your data to their Cloud to have the solution work for you. Storage Made Easy works with private on-premise data, public cloud data such as DropBox, SkyDrive, Box etc and also with SaaS services such as BaseCamp. This promotes a ‘joined up’ strategy for company file sharing.

Point 3: Integrates with what you have ? Consider whether the solution works how you work so that it does not get in the way of business or productivity. For example Storage Made Easy integrates directly in the desktop as a network drive with simple right click options to share files. This behaviour supports Windows, Mac and Linux.  Also integration has been done with other core business productivity tools such as Microsoft Outlook and Mac Mail to promote easy secure file sharing using links directly from the corporate mail client. Similar integrations exists for core productivity tools such as Microsoft Office and Open Office or Libre Office.

Point 4: Compliance, Compliance Compliance – Compliance is fast catching up with all verticals when it comes to storing and accessing corporate files off site. There is specific industry legislation related to this, such as HIPPA in healthcare and FERPA in education, but  there are various legislation proposals being processed at various levels in the USA and EU and it is a safe bet that  the ability to track historic file events will become more of a requirement not less of a one. Also for companies, the ability to search against historic file sharing or data access should be just part of an overall joined up corporate security policy.

Point 5: On-Premise, Hybrid or Cloud ? The last point is to do with implementation. You should be able to decide how you manage data or metadata associated with storing files and sharing files. This can be behind the corporate firewall, totally on Cloud., or some combination of both. The key word here is choice.

Facebooktwitterredditpinterestlinkedinmailby feather

New Storage Made Easy Google Chrome Cloud Unifier File Manager Extension

We’ve added a new Storage Made Easy Chrome extension to the Chrome Web Store. The sole function of this extension is to enable auto-login and launch of the SME Web File Manager for quick access.

The SME Web File Manager is a hierarchical file manager which makes it ideal to deal with large data set and also data from different on-premise or public cloud storage, which are unified in the file tree. A Storage Made Easy Account is needed but a free account can be signed up directly from the extension.

The reason for this extension was to make it a lot easier for users to be able to gain access to the Web Cloud File Manager for one of our business customers who had equipped their salesforce with Chromebook Pixel’s.

The Web File Manager enabled them to have a workflow which included editing and commenting of documents directly from the Chromebook on various clouds that they used which includes BaseCamp and Amazon S3.

The extension can also be used for securely sharing files which include setting passwords on files and/or time expiry.

The web file manager, from a single user perspective provides a very nice way to work with data between cloud providers and even collaborate with other people using Business Group WorkSpaces. For business users it provides a complete collaboration environment between user which includes files editing, file commenting, file versioning and file locking.

Facebooktwitterredditpinterestlinkedinmailby feather