Here at Storage Made Easy we can quite often get involved in helping a customer clone, or move, their data from one storage provider to another. This is often a one time operation, and we have a number of in-house apps and scripts that we are able to use but today I’d like to discuss a third party free solution called Rclone.by
This blog posts hilights a feature demo that was jointly presented on a recent webex with IBM.by
The way this works is as follows:by
As CEO of Storage Made Easy, it is difficult to pick a ‘winner’ for the favourite feature section as there are so many quality features. However, if I had to pick one that I use frequently, it is the file sharing controls for Secure Link Sharing.
Continue reading “My Favourite Feature: Secure Link Sharing”
OpenStack Swift is more than an enabler to store large amounts of unstructured data. The massive scalability, geographic dispersion, and REST API Access are a way to achieve some compelling use cases, of which the most popular is undoubtedly file sharing.
In the past Enterprise File Share and Sync has been more traditionally associated with file-based storage platforms but as such storage platforms struggle to scale and don’t naturally lend themselves to be web accessible pairing Enterprise File Share and Sync with object storage solutions such as OpenStack Swift has become much more compelling for enterprises. Not only from an ease of use perspective but also from an ROI perspective.
This post looks at the “must have” features that should be demanded from an OpenStack Swift Enterprise Sync and Share vendor.by
Today we released our new Web File Manager UI. We believe it is a significant improvement over our prior File Manager UI in terms of simplicity and ease of use:
One of the first things to notice is that the Web File Manager can operate in a single pane. In fact this is its default mode.by
Today we made an update on our FTP and SFTP DNS entries for our US and EU SaaS services.
Personal or Business Cloud customers who have access to SME FTP and SFTP should now use the below to access the FTP and SFTP services:
1. Unknown sensitive company information leaked
Not knowing what potentially sensitive company information is being shared can have a big effect on your Company. Sharing sensitive product designs, customer information, financial information etc can have a direct negative effect that may not be seen but will be felt.
Storage Made Easy provides policies that operate above all private and cloud data and enables policies to be set that incorporate time expiry and password protections inclusive of audit tracking and GEO location restrictions.
2. Data Breach
There is an increasing amount of privacy legislation that a company has to adhere to, such as HIPPA, FIPS, European privacy legislation. Not controlling the flow of information can result in severe financial penalties, or worse, jail.
3. Sensitive data on non company data services
The rise of Bring your Own Cloud within companies can result in corporate data being stored on unsecure services that can be breached and are outside of the control of corporate IT.
With Storage Made Easy on-site Cloud Control Appliance companies have a universal policy control gateway which can be used to control access to Bring your Own Cloud environment such as DropBox. This includes browser, mobile or API access to such services. This gives enterprises a single platform to securely manage and protect file sharing by centrally enforcing corporate policy on Bring Your Own Cloud data flows.
4. Slow Network / Reduced Quality of Service
Users tend to share files in companies. Once the file is shared it can be forward by the recipient anywhere. This touches upon point 1 of uncontrolled file sharing. Users should be sharing links not files so they can be tracked and controlled. There is another benefit of this which is to do with the network congestion that occurs inside of companies and this network congestion.
Lots of people sharing similar large files can lead to network congestion inside of a company which can not only be costly to productivity, it can be costly to the company as more bandwidth is consumed. Link Sharing shifts the bandwidth for the file download to the remote user.
Storage Made Easy provides add-in’s for Microsoft Outlook and Mac Mail that promote such links sharing inside of enterprises.
5. Copyright infringement
It is not unusual for users inside of companies to use their corporate emails to share digital music and digital books with friends. This not only exposes the user to copyright infringement it also exposes the company and with no control it is silent threat that explode at any time.
The key take-away is that uncontrolled file sharing can be bad for business and companies should give serious to consideration to how the promote governed file sharing that does not just work on one data cloud but works against all public / private data clouds that is in use at a company.by
We’ve been asked a few times about a Storage Made Easy client for the PlayBook and other new devices such as the Z10, Z30 and Q10 that support OS 10. We thought we’d put the record straight a client already exists ! It’s not on the BB App Store but it can easily downloaded and installed by sideloading it onto the device. Sideloading is basically loading a BlackBerry package App file (BAR file) directly to the device and it is really easily today.
It is really easy to sideload an App to the Playbook, Z10 and Q10 and it can be simply done using a Chrome Plugin called PlayBook App Manager. Once you have installed the App Manager you need to do the following steps:
1. Put your PlayBook (or phone) into developer mode.
2. Launch the PlayBook App Manager Chrome Widget and enter your IP Address. For BB 10 Go to Settings » About » Network » Wi-Fi or USB » IPv4. For PlayBook. Click the dev icon on top panel of main screen. It will display an IP usually in the form of 192.168.*.*
3. Once this is done you can simply choose to manager your device from the resultant screen and download and install the SME Cloud File Manager App for either the PlayBook, Z10 or Q10.
That’s it your done. You now have the SME App running on your OS 10 device.by
WebDav is an acronym for Web Distributed Authoring and Versioning and can also be referred to as just plain old DAV.
WebDav is an extension of the HTTP protocol that was originally designed by Jim Whitehead from the University of California at Santa Cruz in 1996 when he was working at the World Wide Web consortium and it later became an Internet Engineering Task Force (IETF) standard.
WebDav was built as an interoperable standard to support remote collaborative authoring of Web sites and individual documents, as well as remote access to document based systems.
Today it It is the most popular network file-system protocol for use across the Internet, and although it has been integrated as a interoperable layer into many existing product implementations it is also notably missing as an interoperable API standard from many, such as DropBox, Google Drive, Amazon S3 and more.
The Storage Made Easy WebDav Gateway
SME provide a way to access any mapped cloud by secure WebDav irrespective of whether the underlying Cloud Supports the WebDav protocol natively. As WebDav is so well supported in many desktop and mobile Apps this means that Cloud Data can easily be integrated and accessible without having to move it to access the features of a particular Application that is WebDav enabled.
Connecting to WebDav Servers and Windows Shares
SME can also be configured to connect to servers that support the WebDav protocol. This use of WebDav from a SME perspective is using WebDav as a back end cloud to store data rather than exposing existing clouds to be accessible using the WebDav protocol.
Many existing NAS or SAN devices such as those as the NetGear ReadyNAS and the Synology devices range already provide WebDav as an access protocol to access data. Also existing web servers such as Apache can also be configured to use WebDav using the Mod Dav extension.
Many users of SME want to expose windows file shares and make them directly available through the SME service to all devices. The most appropriate and secure way to do this is not to expose such shares directly but to configure Microsoft Internet Information Server to expose these shares over WebDav.
Advantages of WebDav for Windows File Sharing
This has the following advantages:
Seamless integration with the IIS Manager
A secondary protocol provides a security DMZ with regards to direct access to windows shares
IIS WebDAV can be enabled at the site level, allowing IT administrators to restrict WebDAV access to specific sites on a server.
IIS WebDAV supports per-URL authoring rules, allowing administrators to specify custom WebDAV security settings on a per-URL basis. This fine-grained control gives administrators the ability to maintain one set of security settings for normal HTTP requests and a separate set of security settings for WebDAV.
IIS WebDAV supports both shared and exclusive locks to prevent lost updates due to overwrites
WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. SSL certificates can also be installed to increases security measures
Why WebDav as a Cloud Connector ?
WebDAV is an optimized protocol for document access over http. It is proven as being latency independent and is efficient over wide area networks especially in contrast to file protocols such as NFS and CIFS.
Using secure WebDAV ensures the data is encrypted during transmission and due to the optimizations that data is stored efficiently and quickly .
Why Not The Common Internet File System (CIFS)
CIFS is the standard way that windows users share files across corporate intranets and the Internet with a secure VPN connection.
To expose such shares directly to the internet or to other none windows PC’s it is needed to use a bridging technology. Samba is often used as such as technology. With Samba, the ports 139/tcp and 445/tcp are exposed over a public IP Address. Once this is done such shares are accessible.
The drawbacks of this are:
– The CIFS protocol used by Windows file sharing does not provide data encryption
The protocol itself is quite chatty.
No level of security indirection
CIFS is is an optimized protocol for access to data over a network that has been extended by VPN and has been used in this context by many companies for a long time. The disadvantage of this is that all devices have to support , be setup, and work with the VPN. preventing access by some devices and Apps and making Adhoc ‘on the fly’ access difficult.
Securing WebDav Servers
It is beyond the scope of this blog post to go into great detail on the steps required to secure WebDav servers but Microsoft has a very good guide on how to secure the IIS WebDav Service. This can be accessed at:
In addition to this you should note the following best practices:
Folder Permissions: Use non-anonymous authentication. Modify the NTFS permissions on the folder to only allow the access necessary to the users who require such access
Prevent File Execution: If you are only using WebDAV as a file store and not using it to display web pages, then execute permissions should be removed from that site or folder.
Apache WebDav servers can be configured to use LDAP authentication and also two factor authentication and any deployments should consider implementing these.by
We are now giving away 150MB of free WebDav access to mapped Clouds to all SME free accounts. This is enough to access around 300 documents on Mobile devices per month and is enough for the average use of WebDav into Clouds such as DropBox, Google Drive, SkyDrive etc.
If you want to access more than just pay a one time $5 fee and get access to 2GB per month of WebDav for the life of your use of our service. If you want unlimited use then just sign up to be a personal cloud or business cloud user.
Also, all free accounts feature 5GB free storage on Amazon S3 and the ability to add up to 3 other Clouds that you wish to access.by
We have supported SkyDrive for quite a while now, even though it never had any official API. Recently SkyDrive added access to SkyDrive using OAuth with an official API. However the API does not support groups or shared files, or Live Mesh files that can be access from SkyDrive in the Web View. This left us with a bit of a dilemma as our existing SkyDrive provider does support these.
To that end we have decided to add support for the official SkyDrive API as a separate provider. The main differences between the two are:
|Feature||SME SkyDrive Provider||SME Skydrive API provider|
|Support Shared files||yes||no|
|Support Live mesh files||yes (read only)||no|
|Support Oauth security||no, username / password only||yes|
This means that you will now have the choice of two SkyDrive Providers to choose from. The “official API” provider and the alternative that supports groups etc.by