Collaboration between employees is one of the largest drivers of productivity in our modern era. Telegram, telephone, fax, and email have brought the ideal of instantaneous communication closer and closer over the years. With File Sync and Sharing (FSS) in the mix, employees can now use enterprise versions of tools like Dropbox to share terabytes of information, just by dragging and dropping. Returning to a common theme in our articles, the question of who shares what with whom (and when) has always underscored the idea of information sharing.
How do you make this process secure?
With File Sync and Share, There's No Refuge in Simplicity
FSS doesn't necessarily mean cloud. A lot of companies still don't use sophisticated FSS tools that live in the public cloud. They don't want to pay subscription fees, they're worried about third parties getting breached, and so they roll up their own FSS solution. The simplest versions of FSS are definitely not the most secure, however—but the problems with it help illustrate the problems with more complex variants.
The simplest way that companies set up FSS is via something called Network Attached Storage (NAS). A NAS is, in its essence, a box with hard drives in it, attached to a WiFi card. You plug in the box, attach the box to the network, and access it like it's just another hard drive on their computer—it probably shows up as drive D, E, or F. Anyone who has access the box can share or download files from the network drive.
- How do you monitor usage of the NAS?
- Can you tell who's uploaded what file?
- What about downloads?
- Is there a firewall or some kind of endpoint protection that will stop someone from uploading a virus?
Basic FSS can't answer these questions, which means that it can't satisfy the basic requirements for either compliance or security. What's more, these are barely approached by the newer and shinier SaaS solutions that have gained so much traction in the enterprise.
The Key to Secure FSS is Not Only Simplicity, but also Governance
No matter which FSS solution you choose, it needs to be secured with a solution that helps you answer the basic question: "Who shared what with whom, and when?"
This is the question that helps administrators catch insider threats, mitigate or remediate a data breach, and satisfy stringent compliance regimes. It's also a question that Safe-T Box can help answer.
Whether you're using a basic FTP or NAS setup as an FSS solution, or chosen the most sophisticated SaaS-based file storage, Safe-T Box provides the governance necessary to secure your shared data, without compromising security. In effect, we establish a gateway between the user and their storage of choice (on-premise, cloud, etc.), allowing the administrator to apply certain policies to files as they pass through that gate.
For example, if users are uploading sensitive data, one might set up a policy to automatically encrypt it, and then demand a login and password from anyone who downloads it. If users download data, admins can use Safe-T Box to loop in their preferred endpoint protection platform, scanning downloaded files for viruses. By default, you can see granular information from any file in your FSS solution—who uploaded it when, who's viewed it, what size it is, what it contains, and so on.
For a secure solution that fits whatever FSS solution you choose, pick Safe-T Box. To learn more, register for our upcoming webinar, here.