File Fabric integration with external Vault Key Server by HashiCorp (Part 1)

The primary purpose of the File Fabric encryption feature is to protect  a users/companies files on local and remote storage resources, such as Object Storage, Dropbox, Google Drive etc, and to achieve this in an easy and seamless manner.

When files are encrypted in by the File Fabric, users cannot access or share them directly from the storage service. The files need to be accessed through the File Fabric web or app clients because the key to decrypt the data is stored, encrypted, on the File Fabric server instance.

Continue reading →

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Securing Storage Made Easy with Let’s Encrypt using Certbot

Storage Made Easy recommends all traffic to be secured with encryption, as a matter of fact, by default we enforce the user of HTTPS communication. That said the software ships with self-signed certificates, to get you started, and when you first connect you will be greeted by an Invalid Certificate message in most browsers as self-signed is fine for pre-production, setup and testing but real certificates need to be added for production. In this post I will show you how to setup a free of charge, trusted certificate with our product.  Let’s Encrypt is the name of the Certificate Authority we will be using, who provide free SSL certificates for 90 days.

Continue reading →

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Why you, and not your storage vendor, need to manage your file encryption

20131026-075806.jpg

Many file sharing vendors offer at encryption at rest but the the real question is do they let you manage your own encryption key?

Ask yourself these questions?

– Are you comfortable not controlling your own file encryption?
– Do you have sensitive data you wish to store in the cloud that you do not want to have your file sharing vendor have access to?
– Do you have data that absolutely must have controlled encryption from a legislative view point?
– Do ypu trust your vendor not to provide a ‘back door’ to the NSA?

Storage Made Easy:

– Offers private key encryption in which the private key is not stored on its hosted platform for all users (including free users).

– Let’s you encrypt data stored on any remote cloud including Box, DropBox, Amazon S3 etc

– is a UK company that has servers located in the US and in Europe in which no data is shared between the two

– Can provide a completely on-premise solution for Cloud Control and unified joined up file sharing that encompasses all public and private corporate data.

SME puts encryption of your files in your hands not your vendors !

For further information please download our security white paper and see our previous blog post on encrypting files.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Amazon S3 file encryption now supported

We have for quite a while enabled public/private key AES 256 bit file encryption for files in which the private key is not stored on our servers. Many providers now support their own encryption and what we offer is over and above that (and in many cases our encryption is used as an additional security as it is truly private whereas in most cases the vendor stores the public and private key).

We believe it makes sense for us to support vendor Cloud encryption mechanisms were they add value and are possible. To this end we now support the Amazon S3 Cloud encryption and we’ve made it pretty easy to turn the encryption on, straight from the settings of the S3 provider (accessible from the Web DashBoard):

Once you are in the settings page of the S3 provider you simply turn it on:

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

How make your Cloud Data public but still keep it private

Being able to share data publicly via a website is very attractive for lots of different reasons, especially when you want to give the widest possible reach to your data, from an internet search perspective.

However, there are times that you wish the data to be visible, but also be able to control who has access to it. We had a good example of this recently from an educational establishment who uses SMEStorage with their own FTP Server to make available course content publicly to remote learning students. They wanted the course data and titles of files to be available and entered into search engines to attract future  students, but they also wanted to be able to control access to the data so that only students who were enrolled on the course could download the content.

One of the features of the SMEStorage cloud Gateway is that it enables you to work with your cloud data but overlays certain features and functions that you may not get from your provider. One of these is encryption. If you upload your data to your storage cloud via SMEStorage then you can choose to add an encryption key which then encrypts the data with an AES encryption cipher (key) that you choose and which only you know. This is the key private key you then need to share with anyone who wants access to the files.

Lets look at the steps of this in practice:

1. Upload your data to your cloud via SMEStorage and choose to encrypt it. The key is not stored on the platform and is known only by you.

2. When the file is stored you will notice that in the Web File Manager it has a key next to it that notifies you it is encrypted.

3. If you now set this file to be public in the File Manager then it is stored in your public files page which is of the format http://www.storagemadeeasy.com/username/files.

4. If a user then clicks on the file that you made public but which you also encrypted then they will be asked to enter the encryption key before they can download the file.

This works above all file storage clouds that SMEStorage supports, such as Google Docs, SkyDrive, DropBox, Amazon S3 etc. It is a great way to be able to limit access to files but still make them available.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather