IAM – Storage Made Easy Blog

July 6, 2020August 12, 2020

CISO Bulletin: Multi-Cloud Authorization With the Enterprise File Fabric™

In a recent post about authentication with the Enterprise File Fabric™ I briefly mentioned authorization and committed to a follow-up post on that topic. This post explains how the the File Fabric’s authorization features are used to manage user access to directories and their contents on the storage that is attached to the File Fabric. As we’ll see, the File Fabric can use the groups that are set up in authentication system to create a unified security structure that spans all storage. Additionally, for some resources, the File Fabric can import and use established user authorizations and also allow the storage’s native access controls to govern users read and write actions.

Continue reading “CISO Bulletin: Multi-Cloud Authorization With the Enterprise File Fabric™”

June 29, 2020August 12, 2020

Integrating with ADFS for secure document sharing and external partner collaboration

The Enterprise File Fabric’s Secure Data Management solution is a powerful way to enable sharing and collaboration on company documents with other company team members using existing company storage resources, whether that is on -cloud or on-premises. Additionally, secure link sharing provides an audited compliant way for users to provide password protected links to people outside of a company. However, what about when users want to easily invite people external to a company to securely share and collaborate on documents?

Continue reading “Integrating with ADFS for secure document sharing and external partner collaboration”

April 17, 2019April 17, 2019

Object storage governance and compliance – Moving beyond S3 IAM and Bucket Policies

Object storage platforms, such as Amazon S3 are evolving at a rapid pace. The Amazon S3 API has become a de facto standard alongside other platform like OpenStack Swift and Ceph, and with that progression, it brings us many new features and integrations.

Continue reading “Object storage governance and compliance – Moving beyond S3 IAM and Bucket Policies”

March 12, 2019March 12, 2019

How To Easily Create Private Password Protected Amazon S3 Links And Folders

As Amazon S3 has become more widely used the thorny issue of sharing files has become more of an issue. Sharing files on S3 can be complex and can involve public buckets, IAM Policies and temp URL’s. This complexity has often lead to companies setting buckets to public to enable access which in turn has led to its own issues in terms of breaches or unauthorised access.

December 14, 2018December 17, 2018

2018 was they year of the data breach so what can be done ?

Third party data breaches continue at a pace even at 2018 closes, with the latest being the healthcare provider Atrium Health.

The move to Cloud is for many companies is both a blessing and a curse as it creates a potentially larger attack vector surface areas for would be hackers coupled with an increased reliance on external providers who may themselves be attacked.

Continue reading “2018 was they year of the data breach so what can be done ?”by

March 25, 2018April 23, 2021

GDPR Watch – Identity and Authentication

Identity Management is an important piece of the GDPR governance process, particularly ‘who’ has access to ‘what’ data and ‘how’ that access is granted.

Continue reading “GDPR Watch – Identity and Authentication”by

August 11, 2016April 14, 2021

Working with Amazon S3 IAM User Profiles and The Enterprise File Fabric

Although the File Fabric supports sophisticated permissions for Amazon S3, AWS provides the ability to setup specific profiles using Amazon IAM (Identity and Account Management).

If you have existing users setup using Amazon S3 profiles via IAM, in which they have been set specific permissions to access a bucket, for use with the Enterprise File Fabric you will need to generate a keypair for each user. Continue reading “Working with Amazon S3 IAM User Profiles and The Enterprise File Fabric”by