Document Management is more than just managing documents – it is also securing them

Enterprise file share and sync

Document control and management is of vital importance to any organization. If sensitive information is sent outside of your company, once the documents have been sent electronically, control is lost and this can put files you shared at risk. They can be copied or forwarded anywhere in the world, in seconds.

For most businesses, the focus of their attention is on document management and on the organizational workflow and the storage of documents. Companies want to be able to integrate documents into a workflow and store documents in an organized and secure way that still allows documents to be found easily . Where the document is stored can frequently change. It could be SharePoint, it could be FTP, it could be on some external repository etc. Where the security process can fall down is when documents are shared externally or how they are available to be collaborated on.

The proliferation of employees bringing there own devices to work (BYOD and BYOC) and using preferred SaaS applications of their own choosing has led to corporate governance becoming even more of a challenge for those tasked with its enforcement as an increasing number of end users bypass corporate protocol.

Such ‘Shadow IT‘ can pose a significant security risk, as unapproved hardware and software that are used do not undergo the necessary security checks and the storage and dissemination of such documents is outside of corporate control.

solving shadow it problem

Storage Made Easy provides a unified Enterprise File Share and Sync solution, which works with a companies existing private and public data, presenting these files in a unified view.. It enables enterprises to not only securely sync, but also to securely share and work with files, wherever they need to go, even on devices that are beyond IT’s control.

IT benefits from a solution that gives them control, and users benefit as they have automatic access to documents and files from multiple data repositories, with robust security wherever behind the corporate firewall, or using any tablet, smartphone or PC.

Storage Made Easy uniquely provides:

• The ability to view, annotate, edit and sync almost any cloud or private file from almost any storage to any device.

• Internal and external collaboration features to work securely with anyone without losing control of enterprise data.

• Complete audit tracking to ascertain who accessed files, where form, and what action was taken.

• Provides a secure way for the organizations to collaborate with external partners using business workspaces.

• GEO Restrictions – restrict access to documents by IP address and by client. For example let an external sub office only have access to a folder from a specific IP address from the web browser (or any other client you nominate).

• Full Bring Your Own Device Support to restrict access to by employees by device type.

• Sophisticated permissions that unify permissions to different back end document storage and which can also be used with Active Directory or LDAP

• A way to solve the “DropBox” “bring your own cloud” problem be auditing such clouds even when documents are uploaded direct.

• A way to encrypt files stored on remote clouds which a key that is stored behind the corporate firewall this protecting remote sensitive data.

Secure document file sharing

In summary you do not have to choose between a homogenous and restrictive system or a lawless fenzy of different unapproved systems. The Storage Made Easy Enterprise file share and sync solution is storage agnostic. It is compatible with most private or public file sharing cloud data stores allowing users to continue using their preferred cloud storage provider while at the same time converging off-site and on–site private and public data. This allows a centralized point for corporate governance, thus providing a real solution to the Shadow IT and corporate governance problem.

Facebooktwitterredditpinterestlinkedinmailby feather

New Folder Sharing feature for team users

We have implemented a new folder sharing feature for Business Cloud / on-site Enterprise File Share and Sync Users. It simply provides the ability to share folders and sub-folders of files with external companies or other users who can receive the link, enter the password and gain access to the files without the need for an SME Account.

The video below shows the feature in action.

Facebooktwitterredditpinterestlinkedinmailby feather

5 ways uncontrolled file sharing can hurt your business

uncontrolled file sharing

1. Unknown sensitive company information leaked

Not knowing what potentially sensitive company information is being shared can have a big effect on your Company. Sharing sensitive product designs, customer information, financial information etc can have a direct negative effect that may not be seen but will be felt.

Storage Made Easy provides policies that operate above all private and cloud data and enables policies to be set that incorporate time expiry and password protections inclusive of audit tracking and GEO location restrictions.

2. Data Breach

There is an increasing amount of privacy legislation that a company has to adhere to, such as HIPPA, FIPS, European privacy legislation. Not controlling the flow of information can result in severe financial penalties, or worse, jail.

3. Sensitive data on non company data services

The rise of Bring your Own Cloud within companies can result in corporate data being stored on unsecure services that can be breached and are outside of the control of corporate IT.

With Storage Made Easy on-site Cloud Control Appliance companies have a universal policy control gateway which can be used to control access to Bring your Own Cloud environment such as DropBox. This includes browser, mobile or API access to such services. This gives enterprises a single platform to securely manage and protect file sharing by centrally enforcing corporate policy on Bring Your Own Cloud data flows.

4. Slow Network / Reduced Quality of Service

Users tend to share files in companies. Once the file is shared it can be forward by the recipient anywhere. This touches upon point 1 of uncontrolled file sharing. Users should be sharing links not files so they can be tracked and controlled. There is another benefit of this which is to do with the network congestion that occurs inside of companies and this network congestion.

Lots of people sharing similar large files can lead to network congestion inside of a company which can not only be costly to productivity, it can be costly to the company as more bandwidth is consumed. Link Sharing shifts the bandwidth for the file download to the remote user.

Storage Made Easy provides add-in’s for Microsoft Outlook and Mac Mail that promote such links sharing inside of enterprises.

5. Copyright infringement

It is not unusual for users inside of companies to use their corporate emails to share digital music and digital books with friends. This not only exposes the user to copyright infringement it also exposes the company and with no control it is silent threat that explode at any time.

The key take-away is that uncontrolled file sharing can be bad for business and companies should give serious to consideration to how the promote governed file sharing that does not just work on one data cloud but works against all public / private data clouds that is in use at a company.

Facebooktwitterredditpinterestlinkedinmailby feather

Cloud Storage predictions for 2014

Cloud Storage Predictions for 2014

THE YEAR IN REVIEW

It has been some year in the world of Cloud and Cloud Storage in particular. We witnessed the demise of Nirvanix, as well as the revelations of Edward Snowdon outlining the surveillance of the PRISM surveillance program and the alleged collusion with major US Service providers

Amidst all of this the behemouth that is Amazon continued to move forwards apace and continuing to add new services and reduce pricing.

There has been space in the market for new vendors such as Dump Truck, which launched almost exactly 1 year ago, and Copy, both of which predominantly offer services aimed at the consumer market. Many new Enterprise cloud storage services were launched in 2013 such as Verizon, EMC, Colt Telecom, Lenovo showing that vendors anticipate a huge enterprise demand for cloud related services from their incumbent customers.

The OpenStack open source cloud platform continued to go from strength to strength with vendors, such as RedHat offering new OpenStack related products and aiming for OpenStack dominance.

Meanwhile Amazon S3 continued to be the de facto storage API for developers and storage product compatibility, something we predicted over 3 years ago when we added the S3 API to the SME platform.

Another interesting recent development in 2013 was SugarSync announcing plans to stop offering free accounts and close all existing ones. A pretty big step that upset a lot of (free) customers.

CLOUD STORAGE PREDICTIONS FOR 2014

1. Following on the from the round-up of 2013 above and the latter entry on SugarSync, it is likely we will see other services shutting down their free storage offerings. The key lesson here is that free is not free for ever it seems.

2. Expect to see a DropBox and Box IPO in 2014.

3. Due to the PRISM and NSA debacle we expect to see more non US companies wanting to stop their data from being hosted in the US.

4. Security has become the number one concern for companies when dealing with data. Expect more file sharing vendors to follow SME’s lead and try and retrofit logging / auditing / enhanced security in their product offerings.

5. Expect more companies to want remote data to be encrypted with keys they control. This will become part of a companies security playbook for 2014. (see our prior blog post for how SME does this).

6. 2014 will see companies want more from their Storage solutions – how do they solve their businesses problems, how do they fit in with corporate governance and help implement common policies ?

7. Big Data will continue to dominate hype cycles for storage vendors and expect to see a slew of new products.

In the meantime all that is left to wish you all a Happy New Year !

Facebooktwitterredditpinterestlinkedinmailby feather

In a post PRISM world why your Company needs joined up File Sharing and Governance

The recent controversy with regards to Prism and data snooping has brought the security of corporate data to the fore however the biggest threat to corporate data lies not with the corporate nemesis that is Prism but with the number of data leaks that occur every day in companies.

These include new phenomena such as Bring Your Own Device (BYOD) and Bring your Own Cloud (BYOC) as well as the thorny issue of what files are shared over email.

Data is any companies biggest asset and not controlling how corporate data is disseminated is a ticking time bomb waiting to explode in your company. Why? Take your pick, Legislative reasons, fraudulent reason, competitive reasons. There are many reasons why not controlling data dissemination could trip your company up.

Companies need to consider how to build an Effective data governance serves ACROSS their enterprise data silos. Doing so will define a cohesive set of parameters for data management, data usage, as well as the ability to create governance processes for a companies internal use, and for their supply chain, which ultimately leads to information assets that are well managed.

SME Data Governance framework

In the world of Cloud it is key that Data Governance and data policies work not only with data behind the corporate firewall but also cloud data and cloud services.

So what should you consider as a company to manage your data assets ?

1. Understand what information is sensitive across all data silos, have a federate access control mechanism that works with your user across this private and cloud data silos. Storage Made Easy provides such a federate mechanism to assign and control user permissions and access at a very granular level that overlays one or more data stores.

SME federate permissions

2. Set policies for data access and enforce them through common tools. For employee sharing of data through tools such as email, make it easy but also set policies that can define expiry time and password protection. Storage Made Easy has plug in’s for Microsoft Outlook and Mac Mail that enables productive file sharing across all cloud / private data but which has built in support for policy enforcement.

Mac Mail large file sharing

These policies should also ripple through to the mobile Applications used in a company:

iOS secure file sharing

3. Use Cloud Encryption for sensitive data and ensure that you control the private key. See our previous post on encryption and securing data for further information.

Cloud File Encryption

4. Audit all your company data. Irrespective of the policies set you should get in the habit of auditing your company data. SME enables the setup of an automated email to a specified user of the previous day file events such as sharing, files updated etc.

Cloud Storage Audit Log

5. Set BYOD policies and device access policies that work like your company works. For example, have a contract firm that you gave access to a specific folder ? Then designate that they can only access the folder using a web browser and only from a specific IP address.

BYOD GEO Restrictions

Summary

Companies need to connect disconnected information to enable corporate governance.

Cloud Corporate Governance

Facebooktwitterredditpinterestlinkedinmailby feather

Why must all Team Storage Accounts charge monthly ? – Meet the SME Lifetime Option

Storage Made Easy Lifetime Pricing

Most cloud storage plans that offer team pricing do so on a monthly basis using the typical SaaS pricing model where the simple calculation is:

No of Users * Monthly Price

Storage Made Easy also offers this plan but we realised when talking with customer that many companies would prefer to have the option of an alternative of what they term “perpetual” licensing.

This is the “old” software model in which licenses were procured on a one-time pricing “capex” basis and the only recurring costs was a monthly recurring “open” support and maintenance cost.

After numerous requests for such pricing for our online hosted team service we thought why not ? We can surely construct a model that works for companies who want a pricing model where the majority of the costs is up front in capex and the longer you use the service the more money you save.

Support enables access to SME support and Maintenance enables access to future product versions and this payment is mandatory for continued use of the service.

Support and maintenance is 22% of the initial purchase in year 2 and then year 3 and the thereon.

So how do we calculate this ? The algorithm used to calculate this yearly pricing for business team users is simply:

No users * $5 (monthly Price) * 12 (industry average customer churn)

This results in companies who use the service for longer than 12 months effectively using it for free thereafter other than the one time recurring annual 20% payment for support & maintenance.

Now lets look at some practical examples

Company with 15 users:

SaaS Cumulative Spend

12 Months 24 Months 36 months
      $900         $1800          $2700

Initial Payment (15*$5) = $75
Monthly Payment thereafter $75

Lifetime Cumulative Spend

12 Months 24 Months 36 months
      $900         $1098          $1296

Initial Payment (15*$5*12) = $900
Monthly Payment thereafter $0
Yearly Payment thereafter $198

Savings over 3 Year period

1 Year savings = 0
2 Year savings = $702
3 Year Savings = $1404

Savings go up the longer the time period and the more users deployed !

Are there any differences between the accounts ?

There is only one difference.

In the SaaS service each users gets access to 10GB storage per user (hosted on Amazon S3)

In the Lifetime service each user gets access to 5Gb storage per user (hosted on Amazon S3)

In each case the cumulative storage for all users can be used as a ‘pool’ and spread between users as per the Administrator quota policy.

Also each Company can add additional storage or services from any of the 40+ clouds that SME supports.

Features also included for The team service also includes in both lifetime and SaaS pricing options:

    – Encrypt sensitive data stored on remote cloud services with a private key
    – Integration with Active Directory (optional)
    – Full Audit and event history of all files
    – Access via FTP, WebDav or the S3 protocol to any cloud or service added
    – File versioning and locking
    – Folder permissions and ACL
    – Joined up collaboration
    – Secure file sharing

More details on features can be found on the SME features page.

All pricing information is on the SME Pricing page.

Facebooktwitterredditpinterestlinkedinmailby feather

Turning a NetGear ReadyNas into a Cloud File Server with WebDav and SME

NetGear ReadyNAS is a fully featured NAS appliance for individuals and small businesses (SMB’s).

The ReadyNAS is a great way to store locally accessible content but it would be even better if you could get to that content when out of the office and on the road. Even better what if you could organise that content, assign which users can access which files remotely, set file access permissions, and more, in essence turning your ReadyNas into a private Cloud File Server.

Thankfully, the ReadyNAS supports WebDAV, or “Web-based Distributed Authoring and Versioning”, which is an an extension to HTTP that allows access to files remotely over HTTP or HTTPS. This enables you to map your ReadyNAS as a Private Cloud to SME This is a true Private Cloud in that your files do not need to be moved or synchronised anywhere else for this to work.

First you need to setup the ReadyNAS for WebDav. You can find a detailed guide on how to do that here.


Once this is done we can begin to add the The WebDav enabled ReadyNAS as a Mapped Private Cloud to SME.

To do this the first thing to do is setup an Account at StorageMadeEasy.com. We will be stepping through the setup of a Cloud File Server Account, but this will also work for free or personal accounts.

After creating an account (in this example a Cloud File Server Account) let’s first configure the WebDav connector to work with the ReadyNAS.

To do this navigate to ‘My DashBoard’ from the sidebar and choose to add a new WebDav Provider.


Choosing ‘Add Provider’ will take you to a screen where you can add the ReadyNAS WebDav provider details.


For the WebDav Server host enter the “IP Address (or DDNS name)/sharename” that you setup when getting your ReadyNAS for WebDav. For username and password use the same name and password that you use for accessing a share on your PC. Change the port to 443 as SSL is enabled. Enter the ReadyNAS share path that you previously entered.

Once done click ‘continue, and you will be prompted to sync the ReadyNAS file meta data from the share that you just created.

Once this is done your ReadyNAS device is available to be used as a CloudFile Server.


If you navigate to the file manager you will see the ReadyNAS files/folders from the share you created on the ReadyNAS:


As well as the ReadyNAS files we can also add other Cloud Files, from any of over 25 Cloud Storage Providers. In this case I’ll add Google Docs using the exactly same procedure as adding the WebDav provider we outlined earlier except this time I’ll choose the Google Docs Provider and step through that wizard. Once Added I’ll be able to add both sets of files in a virtual file tree:


This is now setup to be able to access files using iPhone / iPad, Android, Windows Mobile 7, BlackBerry or any of the Mac,Windows, and Linux desktop drives that SME Supports:


Now we’re ready to create some users. We can do this from our Web Dashboard:


Users login become <username>@<Cloud File Server name>. In this example we used marketing@ReadyNAS.

Once the users are setup we can add some shared Organisation Folders from the File Manager and then set some access permissions against them. These folders can be a mixture of folders that reside on the ReadyNAS or Google Docs, or indeed any other Cloud you have added.


The Cloud Admin can also enable users to be able to setup their own private Clouds with data only they have access to, for example Google Docs Apps accounts that are allocated to each user, or SkyDrive Accounts etc:


There are a myriad of file sharing options which include file links, file links with managed expiry, sharing with collaboration groups, making files public (and if required protecting them with passwords even if public). All these options are also available from mobile devices and tablets:


This is the end of the brief overview of setting up a ReadyNAS appliance to work with the SME Cloud file Server.

Facebooktwitterredditpinterestlinkedinmailby feather