S3 vs Azure Blob Storage

Server Message Block (SMB) protocol

Server Message Block (SMB) is a client-server network protocol primarily used for sharing access to files, printers, and other resources on a network. It operates over the TCP/IP protocol suite and facilitates inter-process communication by providing a mechanism for clients to request file or print services from server programs on a computer network. SMB is a network protocol that enables files and printers to be shared across a network, providing a method for client applications to read and write to files on, and request services from server programs in the network. The SMB protocol enables you to mount file systems between Windows and UNIX systems.

The SMB protocol defines a set of message formats and rules governing the exchange of these messages between clients and servers. It enables clients to read, write, and manage files on remote file systems, as well as request and receive output from remote print queues. The protocol provides advanced features such as distributed file locking, opportunistic locking, and support for named pipes, which facilitate inter-process communication. SMB also includes authentication mechanisms to ensure secure access to shared resources, leveraging various authentication protocols like NTLM and Kerberos. The SMB protocol was designed by IBM and subsequently modified by Microsoft, who renamed the protocol the Common Internet File System (CIFS).

NFS vs. Samba: What’s the difference?

NFS vs. CIFS: What’s the Difference?

Cloud Storage Costs

Business people looking worried as cloud storage costs increase.

When cloud computing and storage first hit the scene, it was marketed as a cost-effective solution. One that would save businesses money compared to operating their own data centers. The low upfront costs and pay-as-you-go pricing models made cloud services incredibly attractive, especially for startups and smaller firms.

However, as businesses have become more reliant on the cloud over the past decade, those initial cost savings are being offset by skyrocketing storage fees from the major cloud providers. What was pitched as an affordable, flexible solution is now locking organizations into expensive, rigid contracts that punish them for trying to leave.

The Steep Price of Cloud Vendor Lock-In

One of the key selling points of cloud storage was the ability to avoid expensive capital investments in hardware, real estate, and operations personnel to run on-premises data centers. By renting storage, computing, and other services from the cloud hyperscalers like AWS, Microsoft Azure, and Google Cloud, businesses could treat IT as an operating expense.

This appealed to startups and younger companies that could get off the ground quickly without huge upfront infrastructure costs. It also attracted established enterprises looking to shift CapEx spending to OpEx to improve cash flow and financial flexibility.

The cloud model worked well initially as businesses could smoothly scale usage and spending up or down as needed. Providers offered free introductory tiers and attractive discounts on committed spending to pull customers in. But as data volumes have grown over time and companies built more core services on top of these providers, their costs and reliance on a single vendor increased in parallel.

Due to a lack of easy data portability between clouds and expensive egress fees for transferring out data, it has become extremely difficult and costly to switch providers or repatriate data back on-premises once you’re locked into a platform. Cloud storage vendors know this, which is why they’ve been steadily raising prices year after year, safe in the knowledge that most customers are now hostages.

Major Price Hikes from Cloud Storage Giants

Recently, the biggest providers have jacked up prices significantly increasing cloud storage costs:

These steep increases are a blow to any business that has come to rely on the cloud, as the bill shocks have arrived out of the blue. According to Wasabi Technologies, 92% of businesses allocate more than half of their cloud storage budgets to fees, rather than storage capacity. In 2021, public cloud spending rose to $383.6 billion, up from $307.7 billion in 2020, which includes cloud infrastructure and application services. Cloud spending currently represents approximately 30% of overall IT budgets, and will exceed $1.3 trillion by 2025.

The Cloud Storage Repatriation Movement

Faced with rapidly rising and unpredictable cloud bills, a growing number of companies are now pursuing cloud storage repatriation — bringing data and workloads back in-house to on-premises or colocation data centers they control. Third-party research indicates over 60% of SMEs in the UK plan to reduce cloud usage by the end of 2023 in response to price hikes.

The challenges of repatriating data from the public cloud are significant. Aside from supplier lock-in through egress fees and lagging data portability, businesses need to weigh costs of purchasing new hardware, software licenses, data center space, hiring IT talent to manage on-prem infrastructure, and implementing robust security.

However, the potential long-term savings of owning and controlling data can outweigh those upfront costs for firms whose cloud bills keep ballooning. Many businesses find they hit an inflection point where repatriating select workloads from the cloud becomes more cost efficient than continuing to rent resources from a cloud provider that keeps jacking up prices.

Regulatory Pressures Encourage Cloud Portability

Enterprise complaints over cloud storage costs and vendor lock-in aren’t being ignored by policymakers and regulators. The European Union has led the charge by recently passing the EU Data Act, which will require cloud service providers operating in Europe to remove technical, contractual, and commercial barriers that make it difficult for customers to switch to competitors.

Among other provisions aimed at enabling cloud portability, the act bans predatory practices like hefty egress fees for customers trying to move their data out of a cloud environment. It will also mandate providers assist businesses with the complexities of application migration and data transfer.

While well-intentioned, the Data Act has prompted criticism that facilitating seamless cloud portability is an oversimplification of the technical challenges involved in moving production data and apps between different providers’ platforms and APIs.

Nevertheless, the regulatory pressure reflects the EU’s stance that cloud vendor lock-in poses anti-competitive risks that must be addressed to foster choice and fairness in the market.

In the meantime, enterprises shouldn’t have to wait for legislation to solve issues of escalating cloud storage costs and lock-in. Solutions like MyWorkDrive exist today as an affordable, secure bridge between any cloud storage and end users.

The MyWorkDrive Solution for Cloud Storage Cost Control

The MyWorkDrive platform gives organizations full control over their data while providing seamless, secure access for employees to the files they need regardless of where that data resides. Rather than being locked into a single vendor’s cloud, MyWorkDrive allows companies to leverage any type of storage:

Private cloud set ups like on-prem or colocation data centers

Public cloud services like AWS or Azure

Hybrid and multi-cloud scenarios

Being storage agnostic, MyWorkDrive enables true data portability without the technical hurdles of trying to migrate data between different cloud environments. Because MyWorkDrive fully separates data access from the physical storage, companies can freely move terabytes between storage locations with ease, and anytime they wish to avoid egress fees or renegotiate their cloud contracts.

With full flexibility over where data lives, MyWorkDrive customers maintain leverage over their cloud providers to push back on unreasonable price increases or shift to lower cost alternatives. They can minimize exposure to runaway cloud storage costs while still realizing many of the operational benefits that drew them to the cloud in the first place.

Lower TCO & Predictable Costs

Besides severing cloud dependency through storage freedom, MyWorkDrive provides hard dollar savings to organizations weary of paying premium prices from name-brand providers. Its predictable and straightforward pricing be approximately half the cost when compared to other enterprise cloud file sharing platforms.

Compared to cloud storage providers, MyWorkDrive provides a cost-efficient path to secure file access for employees while keeping total cost of ownership low for the organization. With the flexibility of storage choice, it eliminates the costly pitfalls of vendor lock-in.

Robust Security and Compliance

On top of the economic advantages, MyWorkDrive was architected from the ground up around stringent security principles that protect data no matter where it lives. All data transfers occur over encrypted tunnels and never pass through MyWorkDrive servers, so no third party can access those files. Customers maintain full custody of their encryption keys.

This level of security meets the most rigorous data handling standards for industries like finance, healthcare, legal, and government where data privacy and compliance are paramount. With MyWorkDrive, businesses can confidently adopt a secure hybrid cloud posture and avoid the trade-off of public cloud convenience over control and data sovereignty.

For organizations getting burned by the escalating costs of cloud storage, MyWorkDrive provides a timely escape hatch from vendor dependency. Its unique storage-agnostic approach gives customers the flexibility to optimize their storage mix and leverage the most cost-effective locations for their data. They regain control over their IT roadmap and expenses, allowing them to avoid surprises and run their operation transparently.


File Sharing for Healthcare Organizations

Healthcare professionals accessing files remotely.

Advancing Healthcare Data Security Through Integrated Solutions

In today’s digital landscape, the healthcare industry faces both opportunities and challenges as it seeks to embrace innovation while safeguarding sensitive patient data. As information sharing becomes more widespread, the importance of robust, integrated security solutions intensifies. Crucial security strategies include implementing a zero-trust architecture, data leak prevention (DLP) mechanisms, multifactor authentication (MFA), device management protocols, and ensuring compliance with the Health Insurance Portability and Accountability Act (HIPAA). MyWorkDrive delivers a comprehensive file-sharing solution for healthcare that encompasses these critical components, enabling secure and flexible collaboration while protecting patient privacy.


Zero Trust Architecture: The Foundation for Robust Data Security When Sharing Files

A zero trust architecture operates on the principle of “never trust, always verify.” This approach is crucial in healthcare, where the integrity and confidentiality of patient data are paramount. By implementing a zero trust model, healthcare organizations ensure that access to their networks and data is strictly controlled and monitored, with authentication and authorization procedures in place for every access request, regardless of the user’s location or device.

In a zero trust environment, healthcare organizations replace traditional perimeter-based security models with granular access controls and continuous monitoring. This approach involves segmenting networks, enforcing least-privilege access principles, and implementing robust identity and access management (IAM) solutions. By treating every user, device, and application as untrusted, zero trust architecture minimizes the risk of unauthorized access and data breaches.


Data Leak Prevention: Safeguarding Sensitive Patient Information Within Healthcare Organizations

Data leak prevention (DLP) mechanisms are essential for identifying, monitoring, and protecting sensitive patient information across an organization’s digital environment. In healthcare, DLP tools can help prevent the unauthorized access, sharing, or exfiltration of patient data, thereby mitigating the risk of data breaches and ensuring compliance with privacy regulations such as HIPAA.

DLP solutions employ a range of techniques, including content inspection, contextual analysis, and machine learning, to identify and classify sensitive data. These tools can monitor data at rest (stored in databases or file servers), data in motion (transmitted over networks or shared via email), and data in use (accessed by applications or users). By implementing DLP controls, healthcare organizations can enforce policies that restrict the flow of sensitive patient data, prevent accidental or malicious data leaks, and maintain a secure and compliant file sharing environment.


Multifactor Authentication: An Additional Layer of File Sharing Security

Multifactor authentication (MFA) adds an extra layer of security by requiring users to provide two or more different authentication factors to verify their identity. This method significantly reduces the risk of unauthorized access due to compromised credentials, such as stolen passwords or phishing attacks.

In healthcare settings, where access to patient information must be tightly controlled, MFA is a critical component of a robust security strategy for healthcare file-sharing. Common MFA factors include:

  1. Something you know (e.g., passwords, PINs)
  2. Something you have (e.g., security tokens, mobile apps)
  3. Something you are (e.g., biometrics like fingerprints or facial recognition)

By combining multiple authentication factors, MFA ensures that even if one factor is compromised, unauthorized users cannot gain access to sensitive patient data or systems.


Device Approval: Controlling Access at the Endpoint in Your Organization

Device approval processes ensure that only authorized devices can access an organization’s network and resources. This is particularly important in healthcare settings, where the use of personal devices for work purposes is common due to the mobility of healthcare professionals and the need for remote access to patient data.

By implementing device approval protocols, healthcare organizations can maintain visibility and control over the devices connecting to their networks. This typically involves maintaining an inventory of approved devices, enforcing security policies (such as encryption, antivirus, and patching requirements), and implementing network access controls to prevent unauthorized devices from accessing sensitive data.

Device approval measures can also include mobile device management (MDM) solutions, which allow organizations to remotely monitor, manage, and secure mobile devices used for work purposes. These solutions can enforce policies, remotely wipe data from lost or stolen devices, and prevent the installation of unauthorized applications that could compromise data security.


HIPAA Compliance: Ensuring the Protection of Patient Information

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data in the United States. This is especially important when sharing healthcare files. Compliance with HIPAA requires healthcare organizations to implement physical, network, and process security measures to safeguard electronic protected health information (ePHI).

Adhering to HIPAA regulations is not just a legal obligation but also a commitment to maintaining patient trust and confidentiality. HIPAA compliance measures include:

  • Conducting risk assessments and implementing appropriate safeguards
  • Implementing access controls and audit trails
  • Ensuring data backup and disaster recovery procedures
  • Providing workforce training on HIPAA privacy and security rules
  • Executing business associate agreements with third-party vendors

By aligning their security practices with HIPAA requirements, healthcare organizations can demonstrate their commitment to protecting patient privacy and avoiding costly data breaches and regulatory fines.


MyWorkDrive: The Premier File Sharing Solution for Healthcare

MyWorkDrive integrates all the aforementioned safeguards – zero trust architecture, data leak prevention, multifactor authentication, device management, and HIPAA compliance – into a seamless, flexible, and secure file sharing solution tailored for the healthcare industry. By leveraging MyWorkDrive’s comprehensive framework, healthcare organizations can facilitate data access and collaboration across their ecosystem while ensuring the protection, privacy, and confidentiality of patient information.

Key features of MyWorkDrive’s file sharing solution for healthcare include:

As the healthcare industry undergoes digital transformation, holistic and integrated security solutions like MyWorkDrive are imperative for managing risk and ensuring the secure exchange of sensitive patient data. By implementing layered controls with a zero trust ethos, healthcare organizations can advance data protection amidst growing complexity and interconnectivity, enabling innovation while preserving patient privacy and trust.

SFTP vs SMB: How Do These Popular Protocols for Remote File Access Compare?

Two folders labeled SFTP and SMB, illustrating the contrast between the two secure file transfer methods.Need to securely access files stored on a remote server or share files between devices on a network? The two main options are SFTP (Secure File Transfer Protocol) and SMB (Server Message Block). But what’s the difference between SFTP vs SMB and when should you use each protocol?

We’ll look at the performance, speed, security, and use cases of SFTP vs SMB to help you decide which one better fits your needs for remote file access.


What is SFTP?

SFTP, or Secure File Transfer Protocol, or SSH File Transfer Protocol allows the secure transfer of files between a local and remote host using an encrypted SSH data stream. Click here to learn more.

Secure File Transfer Protocol (SFTP) icon, representing encrypted file transfers.

Here are some key facts about SFTP:

  • Encrypted connection: SFTP ensures all data is encrypted in transit, safeguarding your files and transfers via an SSH tunnel.
  • Standard SSH port: It uses SSH port 22 for connections, maintaining standardized secure communications.
  • File-level access: Directly access, edit, delete, rename, upload, and download remote files with ease.
  • Granular permissions: Detailed user access controls can be configured on the server for enhanced security.
  • Cross-platform compatibility: Supported on Linux, Unix, Windows (with clients), and macOS, thanks to its SSH-based protocol.
  • Common uses: web hosting, remote system administration, automating file transfers between servers.

With its strong encryption and file-level controls, SFTP is great for securely accessing files on a remote server, whether for web development, IT management, or any scenario requiring tight file security.


What is SMB?

SMB (Server Message Block) is a network file-sharing protocol that allows users to access files stored on a remote server as if they were on their local system. Click here to learn more.

Server Message Block (SMB) icon, representing a communication protocol for transferring files.

Key SMB facts:

  • Share-level access: Unlike SFTP, SMB shares entire directories, allowing them to be mounted as network drives.
  • TCP-based: Operates over TCP for file transfers, without inherent encryption.
  • Native to Windows: A Microsoft creation, included in all Windows versions, utilizing TCP ports 139 & 445.
  • File locking: Manages file access among multiple users effectively.

Originally designed for LAN use, SMB facilitates seamless file sharing between Windows computers but lacks the robust encryption found in SFTP. For more information on SMB file sharing click here.


SFTP vs SMB: Security

Security is a major point of difference when assessing each:

  • SFTP offers SSH encryption for all data transfers, contrasting with SMB’s lack of encryption in versions prior to 3.0. However, SMB 3.0 and later versions include encryption capabilities.
  • SMB security can be enhanced with IT policies such as two factor authentication, device approval, VPNs, or using trusted file share access software as versions earlier than 3.0 inherently lack encryption.
  • Authentication in SFTP can use SSH keys or username/password, whereas SMB typically relies on Active Directory credentials.

So SFTP is far more secure overall thanks to its use of SSH encryption. SMB versions earlier than 3.0 lack encryption by design but can be secured by layering the proper tools. For a deeper dive into SFTP and how it relates to security click here. For more information on SMB and how it relates to security, click here.

A burglar reaching into a folder to steal files with a red no symbol overlayed.

SFTP vs SMB: Speed

In terms of speed and performance:

  • SMB is generally faster for small file transfers like documents due to less protocol overhead.
  • But SFTP handles large batches or huge files much more efficiently.
  • SMB performance degrades significantly over high latency networks or the internet due to its “chatty” protocol.
  • SFTP’s simpler protocol makes it more resilient to network lag over long distances.

So for large files or international transfers, SFTP will outperform SMB. But for quick small file reads/writes on a LAN, SMB may be faster.


SFTP vs SMB: Usability

For general end-user experience, SMB is easier and more seamless thanks to its native Windows integration:

  • SMB shares automatically appear as standard network drives, while SFTP requires using an FTP client.
  • The Windows file explorer transparently handles SMB, but a third-party tool is needed for basic SFTP tasks.
  • SMB allows coordinated file locking and simultaneous remote access from multiple users.

So if you just want simple drag-and-drop remote file access, SMB certainly provides a better experience, especially for less tech-savvy users.


SFTP vs SMB: Operating System Support

Almost all Windows versions include built-in SMB support, while SFTP requires a third-party client on Windows.
macOS and Linux have native SFTP support but may need Samba installed for SMB access.

So for Windows-specific environments, SMB has the advantage. But for heterogeneous networks, SFTP has wider cross-platform support.


When to Use SFTP vs SMB?

So when should you use each of these protocols? Some general guidelines:

Use SFTP for:

  • Securely accessing files on remote servers over the internet
  • Automating transfers between servers like backups or syncing
  • Linux server administration and managing hosted websites
  • Transferring large files or batches
  • Cross-platform file sharing

Use SMB for:

  • Quickly networking Windows machines on a LAN
  • Seamless remote file access for Windows users
  • Collaborating on files between Windows apps and users
  • Simultaneous multi-user remote file access

Examples of SFTP and SMB use cases:

  • Web developers use SFTP to manage files on web servers.
  • Businesses use SMB to easily share files and printers within their internal Windows network.
  • IT teams use SFTP for automating secure Linux server administration.
  • Creators leverage SMB for collaborating on artwork files across a Windows network.


While SFTP offers encrypted SSH-based transfers and file-level access, SMB is tailored for seamless directory sharing within Windows environments. SMB has evolved with versions 3.0 and above to include encryption, enhancing its security stance. SFTP remains the go-to for secure, cross-platform file transfers, whereas SMB excels in user-friendliness for Windows users.

Choosing between SFTP and SMB depends on your specific requirements, including security needs, network setup, and operating systems in use. With their distinct advantages, both protocols continue to be vital for today’s remote file access needs. To learn about alternative protocols for remote access click here.

ownCloud vs Nextcloud: Similarities and Differences

As data privacy concerns drive demand for solutions that let users control their files, open-source platforms like ownCloud and Nextcloud have emerged as popular self-hosted alternatives to closed cloud storage services. Offering easy file syncing, sharing, and collaboration without relying on third-party servers, these projects empower personal and organizational users alike.

However, for IT teams considering a switch to self-hosted storage, a pivotal question arises in the ownCould vs Nextcould debate– which solution best fits their needs? While ownCloud and Nextcloud share common origins, key differences distinguish them today. In this in-depth comparison, we’ll analyze the history, features, community support, security, and use cases of each to help guide your decision.


ownCloud: Pioneering an Open Source Cloud Storage Alternative

ownCloud was created in 2010 by developer Frank Karlitschek, who recognized the need for a self-hosted storage platform with the usability of consumer-friendly services like Dropbox, Google Drive, and Box, but without relinquishing data control.

From the start, ownCloud positioned itself as an open-source alternative accessible to non-technical users. Its intuitive web interface enabled easy file syncing across desktop and mobile devices, while supportive features like sharing, versioning, and collaborative document editing made ownCloud a functional, privacy-focused solution.

ownCloud’s open approach also cultivated an ecosystem of third-party developers who created custom apps and integrations. As the software matured, ownCloud Inc. formed to offer commercial support and enterprise services around the platform, though community development continued through the open-source edition.


Nextcloud Forks for Greater Openness

While ownCloud grew popular across individual users and organizations seeking self-hosted storage, tension emerged within the open-source community over the project’s changing direction. As ownCloud Inc. increasingly focused on monetizing enterprise features, some felt it came at the expense of open-source contribution and advancement.

Controversy reached a boiling point in 2016 when Frank Karlitschek resigned as CTO from ownCloud Inc., citing disagreements about the company’s commitment to community-driven open-source development versus commercial interests.

Shortly after his departure, Karlitschek announced Nextcloud as a fork of the original ownCloud codebase. Nextcloud aimed to realign with the open, collaborative ethos of the early ownCloud project.

Under an AGPLv3 license, Nextcloud maintained a strict policy of 100% open-source development, accepting community contributions and eschewing any proprietary code or features. This approach quickly earned Nextcloud favor among the open source community, with many of ownCloud’s original developers migrating to the Nextcloud project.

Over the following years, Nextcloud saw rapid development and innovation driven by its community-centered model. While ownCloud progressed steadily, Nextcloud’s more open approach and collaborative culture allowed it to evolve faster. As a result, Nextcloud pulled ahead of ownCloud in terms of features, apps, and overall momentum.


ownCloud vs Nextcloud: Comparing Key Features and Capabilities

Thanks to their shared origin story, ownCloud and Nextcloud have substantial overlaps in their core functionality for file management and collaboration. However, some key areas of divergence have also emerged, enabling each platform to play to its unique strengths.


File Sync and Sharing

As expected given their common ancestry, both ownCloud and Nextcloud excel at syncing and sharing files across desktop and mobile. Support for Windows, Mac, Linux, iOS, and Android gives users platform-agnostic access to stored files. Both also offer important sync and share capabilities like:

  • End-to-end encryption of file transfer and storage
  • File versioning for easily rolling back changes
  • Advanced permission controls on shared files and folders
  • Password protection and expiration of shared links
  • File commenting for better collaboration

Overall, ownCloud and Nextcloud are on par in handling the fundamentals of file management and sharing. Users can comfortably rely on both platforms to deliver a streamlined, consistent experience across devices.



Data security is understandably a top priority for organizations considering self-hosted cloud infrastructure. ownCloud and Nextcloud both incorporate essential security capabilities like SSL/TLS encryption, brute force attack protection, and two-factor authentication (2FA).

However, Nextcloud’s position as a 100% open-source platform gives it an edge in transparency and vulnerability response. With all code out in the open, Nextcloud benefits from many more eyes identifying potential issues. ownCloud’s open-core model means some code remains proprietary and thus less scrutinized.

In terms of encryption, ownCloud reserves its most advanced Encryption 2.0 capability exclusively for paying Enterprise customers. Nextcloud has no such restrictions, giving free open-source users access to cutting-edge security features.


Custom Apps and Integrations

A major benefit of self-hosting is the ability to customize your cloud storage platform through apps and API integrations. Both ownCloud and Nextcloud have app marketplaces enabling users to augment functionality, but Nextcloud’s is significantly broader:

  • Nextcloud Apps – Over 300 apps spanning storage, productivity, communications, integration, and more
  • ownCloud Apps – Around 140 apps currently available

With Nextcloud’s more active open-source community continuously contributing new apps and updates, it generally outpaces ownCloud in expanding potential functionality through customization.


Mobile Apps

Accessing files from mobile devices is a baseline capability for any modern file storage platform. Both ownCloud and Nextcloud provide official mobile apps for iOS and Android that enable similar functionality like:

  • Browsing, searching, and managing cloud-synced files
  • Sharing files internally and externally through public links
  • Automatically uploading photos/videos from mobile
  • Passcode locks and device-specific access controls

While core mobile capabilities are on par, Nextcloud’s app sees a higher velocity of updates and improvements. Recent additions like auto-upload over WiFi and file suggestions reflect Nextcloud’s more agile open-source development.


Collaborative Capabilities

Let’s examine ownCloud vs Nextcloud for teams wanting to collaborate closely on documents. Both incorporate useful productivity features like:

  • Real-time collaborative document editing
  • File version histories for tracking changes
  • Commenting on files
  • Calendar and contacts syncing
  • Instant messaging

Here capabilities are nearly even, though Nextcloud offers richer formatting options in its online document editor. Both provide the basics teams need for close collaboration, with room to augment via third-party apps.


Interface and User Experience

Within the ownCloud vs Nextcloud debate is the UI and UX perspective. Both share a similar visual style and layout given their origins. However, Nextcloud’s open-source community has invested heavily in refining and modernizing user experience.

Enhancements include streamlined navigation, mobile optimizations, and overall smoother performance. Nextcloud also offers dark mode and other visual customizations not available in ownCloud. While not radically different, Nextcloud does lead in UX refinement.


Release Cadence and Support

By nature of their open source models, ownCloud and Nextcloud show some divergence in release schedules and availability of support:

  • ownCloud follows scheduled major version releases every 4-5 months with “point” updates in between. Paid enterprise support is required.
  • Nextcloud follows a continuous delivery model with new features added weekly. Offers paid enterprise support alongside community forums.

Ultimately, both operate frequent release cycles enabling regular improvements. Nextcloud’s open source model enables more fluid updates, while ownCloud follows a more structured cadence.


ownCloud vs Nextcloud: Factors to Consider in Your Decision

With an understanding of their respective strengths, let’s examine key points to consider when choosing between ownCloud and Nextcloud:

  • Open source philosophy – If maintaining a completely transparent, community-driven platform is paramount, Nextcloud is likely the better choice based on its unwavering open-source commitment.
  • Pace of innovation – The open collaboration model of Nextcloud enables it to iterate and release new capabilities faster than ownCloud in most cases.
  • App ecosystem breadth – Nextcloud provides significantly more apps and integrations to extend functionality.
  • Security requirements – Nextcloud’s fully public codebase arguably allows more rapid detection and patching of vulnerabilities.
  • Budget constraints – ownCloud’s open core model requires payment for some advanced features, while Nextcloud is 100% open source.
  • Support needs – ownCloud provides integrated enterprise support, while Nextcloud offers community help to free users.

By weighing these key variables against your organizational needs, you can determine the right self-hosted platform for your environment and use case.


An Alternative: MyWorkDrive

For Windows-centric organizations seeking secure remote file access without migrating infrastructure, MyWorkDrive offers a streamlined solution purpose-built for this goal. Rather than a separate Linux-based file hosting platform, MyWorkDrive integrates natively with Active Directory and Windows file shares to extend access.

Key advantages of MyWorkDrive include:

By uniquely integrating with Windows environments without disruption, MyWorkDrive simplifies secure remote file access for distributed teams. Avoiding migration complexity makes it a compelling alternative to consider alongside OwnCloud and NextCloud.

Specifically compared to OwnCloud, MyWorkDrive delivers proper simultaneous file locking, Office document editing, automated AD user provisioning, and a robust browser interface lacking in OwnCloud.

And versus NextCloud, MyWorkDrive similarly provides unparalleled native AD and Windows share integration, avoiding the LAMP stack entirely for easier Windows management.

For IT leaders balancing evolving remote work needs with legacy infrastructure realities, MyWorkDrive warrants evaluation as a frictionless enabler of secure file access for distributed teams.


Evaluating the Right Path Forward

Transitioning to self-managed infrastructure for privacy and control is a complex undertaking with many technical and business factors at play. For organizations weighing a move to self-hosted storage, the ownCloud vs Nextcloud debate represents compelling open-source options, each with unique strengths.

By taking a thorough, needs-based approach, IT leaders can chart the right course between these community-driven platforms or alternative solutions like MyWorkDrive. With shared aims but different open-source philosophies, each brings benefits to today’s distributed enterprises.

January MyWorkDrive Newsletter 2024

Exceptional Tech Support

In today’s modern tech world, SaaS products are becoming increasingly complex. With trainings, webinars, and long support calls, finding the solutions to sticky situations can be a costly time suck. That’s why a product with a stellar support staff is vital. Unfortunately, many organizations are making support an afterthought. Once a product is purchased there is little regard for continued customer satisfaction and when a problem arises the customer is pawned off to a token support staff often located offshore.

When customers encounter issues or have questions, the quality of support they receive plays a pivotal role in shaping their perception of a brand. Slow response times, unhelpful or uninformed replies, and a lack of empathy can leave customers feeling undervalued and disheartened. This negative experience not only affects their current transaction but also tarnishes a brand’s reputation, as dissatisfied customers are likely to share their grievances with others.

Moreover, inadequate support can lead to increased customer churn. When customers don’t feel their concerns are addressed promptly and effectively, they are more likely to explore alternatives. Losing customers not only impacts revenue but also erodes the trust and loyalty a brand has worked hard to build.

At MyWorkDrive, we understand the significance of exceptional customer support. That’s why we prioritize providing robust and effective US-based support. Our team is committed to ensuring that your queries are addressed promptly and with the utmost care. We believe in going the extra mile to enhance your experience with our product.

Some vendors seem to value only an initial purchase, charge for poor support, and pester customers with upselling. This goes against the founding principles at MyWorkDrive.

In contrast to the drawbacks of subpar support, investing in a reliable support system can lead to improved customer satisfaction and loyalty. We are proud to offer a support system that stands out in the industry – one that values your time and concerns.

As previously mentioned, we have heard that some other remote file-share access platforms have been dropping the ball lately when it comes to support, with no improvement in sight. This makes us concerned at MyWorkDrive as this is not a norm that should be standardized across our industry. On the other hand, we are proud to do what we do and keep our customers satisfied. MyWorkDrive does not, and will never, charge extra fees for support.

FAQ Spotlight

What is CMMC Compliance and How Does it Relate to File Share Access?

CMMC stands for Cybersecurity Maturity Model Certification. It’s a verification program that helps the US Department of Defense (DoD) determine if an organization is secure enough to work with sensitive data. CMMC is required for anyone in the DoD supply chain, including contractors, vendors, and subcontractors. The goal of CMMC is to protect information from unauthorized use or disclosure.

MyWorkDrive enables organizations to deploy file sharing that meets CMMC compliance standards on their own Windows file server infrastructure while still providing users with an enterprise file share collaboration and remote access solution without migrating files to proprietary cloud storage sync/share services.

Click here to learn more about MyWorkDrive and CMMC compliance.

Version 7 Preview Webinar Recording Now Available

We are excited to announce that the webinar of MyWorkDrive Server 7.0, which is soon to be released to preview, is now available for viewing. Version 7 adds many new features and enhancements including Azure AD(Entra) native authentication and Azure file shares over API support.

In the webinar, we demonstrate the use cases for MyWorkDrive including the new features and enhancements in MyWorkDrive version 7.0.

Azure AD/Entra ID Native Authentication

Starting with version 7.0, we are adding a new option to authenticate using Azure AD/Entra ID which will no longer require setting up SAML or integrating with Active Directory. SMB and Azure file storage will utilize Azure AD/Entra ID users and groups assigned to shares natively when determining user access.

Azure File Shares API Access

Currently, in MyWorkDrive 6.x, Azure File Shares can only be accessed through SMB and Active Directory. In version 7 we are adding the ability to connect to Azure File Shares through Azure APIs and Azure AD/Entra. Providing Azure File Share access over API greatly simplifies setup reducing complexity and ongoing costs as Active Directory will no longer be required on Azure File Shares. In addition, Azure File Shares over API greatly improves performance with lower-tier Azure storage.

Azure Blob Storage API Access

In version 7 we are adding the ability to connect to Azure Blob Storage through Azure APIs and Azure AD/Entra. Azure Blob Storage supports NTFS-style permissioning at the file and folder level using Data Lake Gen2. Our goal will be to support Data Lake/Azure AD fine-grained permissions through our Azure Blob Storage API integration.

Register to view the webinar recording:

Complete the registration form below to view the video instantly:

  • This field is for validation purposes and should be left unchanged.


What is Private Cloud Storage?

graphical explanation of private cloud with 3 parts

What is Private Cloud Storage?

A private cloud refers to a dedicated cloud computing environment exclusive to a single organization. All underlying compute resources, such as CPU and storage, are provisioned on demand through a self-service portal, and all resources remain under the control of the organization. Also known as an internal or corporate cloud, a private cloud provides a higher level of control and security compared to public or hybrid cloud solutions.

What Are Public Clouds and Hybrid Clouds?

Public Cloud:

Managed by a third-party provider, offering scalability and automation. It is cost-effective and provides a broad range of services to a global user base. The purchase and upkeep of physical data centers and servers are not required.

For instance, a startup might use AWS to host its web applications and databases. By doing so, the startup can take advantage of the scalability and flexibility offered by AWS, only paying for the resources it consumes on a pay-as-you-go basis. The public cloud model allows businesses to access a vast array of services and resources without the burden of managing and maintaining the underlying infrastructure, making it an attractive option for companies of all sizes. Other examples of public cloud providers include Microsoft Azure, Google Cloud Platform, and IBM Cloud.

Hybrid Cloud:

Integrates both public and private clouds, allowing seamless data and application migration between environments for enhanced flexibility and management. In this case, a private physical infrastructure may be utilized with public cloud resources handling tasks that require less security or more computing power.

For example, a company maintains sensitive customer data and critical business applications on a private cloud hosted in its on-premises data center. Simultaneously, the company uses a public cloud service, such as Amazon Web Services (AWS) or Microsoft Azure, to handle additional computing resources for non-sensitive workloads or to accommodate spikes in demand.

A private cloud storage solution might host the customer database and financial applications to ensure strict control and compliance with regulatory requirements. Meanwhile, the public cloud could be utilized to deploy web applications, conduct data analytics, or manage less sensitive information. The hybrid cloud architecture allows the organization to balance the need for security and compliance with the flexibility and scalability offered by the public cloud.

Origin of the Term Private Cloud:

The term “private cloud” or “private cloud storage” originated in the context of the evolution of cloud computing. Before the advent of cloud services like Amazon Web Services (AWS) or Microsoft Azure, organizations traditionally owned, purchased, and maintained their own hardware, including servers, storage devices, and networking equipment. This infrastructure was typically housed in on-premises data centers or co-location facilities to support the organization’s IT operations.

When the concept of cloud computing was introduced, it allowed users to access computing resources on-demand over the internet, some organizations sought to replicate this cloud model within their internal infrastructure. They aimed to provide similar benefits, such as flexibility and resource scaling, but within the confines of their own data centers.

To distinguish between these internally managed cloud environments and third-party public cloud services, the term “private cloud” was introduced. The “private” designation emphasizes the dedicated and isolated nature of the cloud infrastructure, which is exclusively used by a single organization rather than being shared with multiple users or entities.

Benefits of a Private Cloud Storage:

Private clouds offer a range of advantages that cater to specific organizational needs. One key benefit is enhanced security, as private clouds provide a dedicated environment where organizations have greater control over security measures. This is appealing for industries dealing with sensitive data or those subject to stringent regulatory compliance standards. The customization and control afforded by private clouds allow organizations to tailor their infrastructure to unique specifications, including the selection of hardware, software, and network configurations.

In addition to security and customization, private clouds are recognized for their compliance capabilities. Industries such as healthcare, finance, and government, which face rigorous regulatory standards, often find private clouds to be a suitable solution. The predictability of performance in a private cloud, owing to the lack of resource sharing with other users, is crucial for mission-critical workloads. The scalability of private clouds provides flexibility in resource allocation, enabling organizations to efficiently adapt to varying workloads while maintaining optimal performance.

Private Cloud Architecture:

Private cloud architecture shares similarities with public cloud setups and involves technologies such as virtualization, management software, and automation. Virtualization abstracts IT resources from physical hardware, management software ensures centralized control, and automation speeds up tedious tasks, making infrastructure management more efficient.

Private cloud storage comes in various forms:

  • On-Premises Private Cloud: Deployed in an internal data center, requiring resource purchase, maintenance, and security management.
  • Managed Private Cloud: Fully managed by a third party in an external data center, offering convenience and support.
  • Virtual Private Cloud: Deployed within a public cloud infrastructure, combining the convenience of public cloud resources with additional control and security.

MyWorkDrive and Private Cloud Storage:

MyWorkDrive is the leading choice when implementing private cloud storage.

MyWorkDrive outshines competitors like Egnyte and ShareFile. Unlike Egnyte, MyWorkDrive seamlessly integrates into existing Windows File Share infrastructure, OneDrive, or SharePoint, offering a cost-effective alternative with secure remote file access and no need for data migration.

Using MyWorkDrive to implement private cloud storage, with files remaining in place, can be significantly more cost-effective than Egnyte.

MyWorkDrive uniquely enables remote office document editing with native Office 365 online and Office Mobile Apps on local file shares, avoiding the need for cloud syncing before editing as is the case with ShareFile.

Its reduced administration overhead, better Web Browser Client, and robust security measures, including SHA256 Encryption, make MyWorkDrive the preferred choice for organizations seeking a secure, collaborative, and user-friendly private cloud storage experience.

Entra ID Licensing Features and MFA Options for MyWorkDrive customers

This article summarizes Entra ID subscription and MFA options for MyWorkDrive customers.

Entra ID License Options

A summary of Entra ID (Azure AD) subscription options which may be relevant to MyWorkDrive customers

Summarized From


Included with Microsoft cloud subscriptions such as Microsoft Azure, Microsoft 365, and others.

Authentication, single sign-on and application access
Multifactor authentication and conditional access

The Free license would provide the minimum features required to use MyWorkDrive. You can deploy Entra ID Login for MyWorkDrive and use MFA to protect your user accounts.

P1 License

Microsoft Entra ID P1 (formerly Azure Active Directory P1) is available as a standalone or included with Microsoft 365 E3 for enterprise customers and Microsoft 365 Business Premium for small to medium businesses.

P1 includes the same features as Free, with some additional sub-features

Authentication, single sign-on and application access
also includes

  • Group assignment to applications (makes assigning users to applications easier, if you are not selecting the “assign all” option)
  • Application proxy for on-premises, header-based, and integrated Windows authentication. (Read about deploying App Proxy here)

Multifactor authentication and conditional access
also includes

P2 License

Microsoft Entra ID P2 (formerly Azure Active Directory P2) is available as a standalone or included with Microsoft 365 E5 for enterprise customers.

P1 and P2 Entra ID licenses enable additional features and allow additional flexibility for MyWorkDrive customers users.

P2 offers no additional features over P1 which are commonly used by MyWorkDrive customers.


MFA options with Entra ID Licenses

MFA Options MyWorkDrive customers may choose to deploy for their users.

MyWorkDrive strongly encourages the use of Multifactor Authentication for all user accounts.

Summarized from


You can use security defaults to prompt users for multifactor authentication as needed but you don’t have granular control of enabled users or scenarios, but it does provide that additional security step.
Even when security defaults aren’t used to enable multifactor authentication for everyone, users assigned the Microsoft Entra Global Administrator role can be configured to use multifactor authentication. This feature of the free tier makes sure the critical administrator accounts are protected by multifactor authentication.

Microsoft 365 Plans

Microsoft Entra multifactor authentication can be enabled for all users using security defaults. Management of Microsoft Entra multifactor authentication is through the Microsoft 365 portal.

P1, P2 Licenses

You can use Microsoft Entra Conditional Access to prompt users for multifactor authentication during certain scenarios or events to fit your business requirements.

The free and Microsoft plans provide sufficient protection, but P1 and P2 licenses offer greater flexibility of options via Conditional Access.

MyWorkDrive now available in the Rippling Store

We’re excited to announce that MyWorkDrive is now available on the Rippling App Shop. Rippling is a leading HR management platform that makes it easy to manage your employees’ apps and workflows.

With Rippling and MyWorkDrive, you can provide your team with secure access to important files without complex VPNs or data migration. This integration creates a streamlined experience for your business.

Rippling offers a comprehensive solution to manage HR and IT, including over 700 app integrations. The activity stream gives you real-time visibility into employee app usage.

MyWorkDrive enables remote access to your files wherever they live. Together with Rippling, we can help you simplify employee onboarding, organize HR documents, and keep your workforce connected.

Check out MyWorkDrive today on the Rippling App Shop or in our Rippling SAML support article to experience the benefits of our integrated platforms. We believe this partnership will create more efficient workflows and an improved experience for your business and employees.

October MyWorkDrive Newsletter 2023

Software Development Risks

In today’s interconnected world, the software we use plays a pivotal role in our lives, from personal communication to business operations. Concerns over the security and privacy of our digital lives are increasing, especially when using software developed and supported in countries whose governments have divergent political motives.

Data privacy is a fundamental right that should be upheld across the globe. However, many governments do not adhere to the same level of data protection as those with a stronger tradition of human rights-based regulatory, legal, and social norms. This is partly due to the absence of robust data protection regulations, oversight, and freedom of expression found in countries like the United States and the European Union. The absence of stringent data privacy laws in some countries can leave users with little recourse when their data is mishandled or exploited. Breaches of data privacy can lead to severe consequences, including identity theft, cyber espionage, and loss of personal information.

One of the central issues contributing to the security risks associated with software from nefarious countries is the stark contrast in regulatory frameworks. Countries like the United States and the European Union enforce the strictest data protection laws in the world, such as the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPPA), the Gramm-Leach-Bliley Act (GLBA), the California Consumer Privacy Act (CCPA), and the Privacy Act of 1974, which demand companies use, protect, and collect data, as well as report data breaches in a highly regulated and responsible way amongst many other things.

On the other hand, other counties might maintain a façade of data privacy and security regulations, while at the same time allowing for greater government involvement and less oversight over data handling practices. This institutional disparity creates an environment where governments may more easily exploit or access user data without their informed consent, or create cases in which firms may be compelled to promptly hand over user data.

The use of software from countries with ambiguous intentions presents substantial security risks. Government control, the looming threat of backdoors, weak data privacy regulations, and regulatory differences all combine to heighten these risks. Users and organizations must approach their digital lives with heightened vigilance and prioritize data security and privacy when vetting software purchases. As the debate on balancing security and access continues globally, users must remain informed and cautious in their choice of software, safeguarding their digital assets.

This is why when choosing a software vendor one must consistently scrutinize its methods, practices, fidelity, and country of origin. MyWorkDrive not only leads the industry in file-share remote access technology but also adheres to the strictest sets of standards and ethics when it comes to data privacy. And of course, all MyWorkDrive assets, employees, and development has always been and will always be located in the United States and the European Union.

FAQ Spotlight

What is Vendor Lock-in and How Does it Relate to File Share Access?

Vendor lock-in refers to a situation where a customer becomes heavily dependent on a particular vendor’s products or services, making it difficult to switch to an alternative vendor without significant cost or disruption. In the context of accessing file shares, vendor lock-in can occur when an organization relies on a file share access platform or service that uses proprietary formats or systems. This dependence can make it challenging to migrate data and processes to a different file-sharing solution if the need arises. It’s important to be aware of vendor lock-in when choosing file-sharing tools to maintain flexibility and avoid potential limitations down the road.

MyWorkDrive’s platform-agnostic approach, avoidance of proprietary formats, and data ownership on your servers prevent vendor lock-in. This empowers organizations to maintain control over their data and infrastructure, eliminating the need to migrate files to cloud storage providers with vendor lock-in. Our file server sharing software allows enterprises to securely access cloud files without compromising security and with easy deployment.

Click here to learn more about vendor lock-in and the associated costs it brings.


What is SMB File Sharing? A Comprehensive Guide


example of sever message block file sharing


Today we will provide an explanation of SMB (Server Message Block) – the bedrock of seamless file sharing and a linchpin of modern business collaboration. What is SMB? What are its uses and what are its drawbacks?


SMB: Tracing the Evolution

SMB’s origins can be traced back to the early 1980s, when IBM introduced a protocol to facilitate file and printer sharing within LAN Manager networks. Over subsequent years, it underwent iterative improvements, eventually evolving into the robust SMB protocol integral to contemporary networking landscapes.


The Essence of SMB

SMB, which stands for Server Message Block, serves as a fundamental network file-sharing protocol allowing applications and users to effortlessly access and share files, printers, and various resources on a local network. It operates as an application-layer network protocol, supporting shared access to files, printers, serial ports, and facilitating seamless communication between network nodes.

In a more detailed technical perspective, SMB plays a crucial role in enabling the smooth exchange of data between devices operating on different systems, be it Windows, Linux, or Mac. By acting as a universal language for devices within a networked environment, SMB ensures effective collaboration and communication.

This protocol forms the backbone for secure and controlled access to files on remote servers, while also providing the necessary framework for connecting to resources such as printers, mailslots, and named pipes. Through a response-request model, SMB establishes a reliable communication channel by allowing clients to initiate connections with servers, triggering a two-way exchange of information crucial for efficient network operations.

Over time, SMB has evolved from its reliance on NetBIOS over TCP/IP and legacy protocols to directly running over TCP/IP on port 445. It is worth noting that for devices lacking direct SMB support over TCP/IP, the use of NetBIOS over a transport protocol like TCP/IP remains essential for seamless communication.


Real-World Applications of SMB

Now let’s illustrate the practicality of SMB through real-world use cases:

Corporate Collaboration and Data Exchange

In a bustling corporate ecosystem, collaboration and data sharing form the lifeblood of efficient operations. SMB makes possible the secure and efficient sharing of files among employees, ensuring that critical documents, projects, and resources are seamlessly accessible to authorized users.

For example, a marketing firm requires SMB file sharing to successfully manage a campaign. The creative team is responsible for designing promotional material and needs swift access to various image and video files stored on the company’s server. Through the integration of SMB, team members can easily share their latest creations with the content writers and marketing strategists. SMB protocol ensures ad concepts, branding visuals, or social media assets, are securely and efficiently shared within the team.


Retail and Point-of-Sale Systems

Within the retail sector, SMB is instrumental in enabling smooth communication between point-of-sale (POS) systems, inventory management software, and other vital retail applications. This integration ensures swift and accurate transaction processing, inventory updates, and sales reporting.

For example, in a boutique clothing store when a customer purchases a new outfit at the store’s POS terminal SMB integration is evident. The POS system swiftly records the transaction deducting the purchased items from the inventory. Simultaneously, sales data is transmitted to the accounting software for real-time financial reporting. This integration not only ensures accurate stock levels but also enables the store manager to make informed decisions on restocking popular items based on the sales data, ultimately optimizing the retail operation.


Downsides to using SMB for File Sharing

While SMB (Server Message Block) is a powerful tool for seamless file sharing and collaboration, it’s essential to recognize and address its associated security concerns. Understanding these concerns is crucial for implementing robust security measures and ensuring a safe network environment. Let’s delve into the notable security issues related to SMB:


SMB Version Vulnerabilities

Different versions of SMB have had various security vulnerabilities. Older versions like SMBv1 have been particularly problematic, with known vulnerabilities like EternalBlue, which was famously exploited in the WannaCry ransomware attack. It’s critical to use the latest and most secure versions of SMB and disable older versions to mitigate these risks.


Unencrypted Data Transmission

By default, SMB does not encrypt data during transmission, making it susceptible to eavesdropping and data interception. Attackers can potentially gain unauthorized access to sensitive information passing through the network. Utilizing encryption protocols like SMB over HTTPS (SMB 3.1.1+) or VPNs can significantly enhance data security.


Brute Force Attacks

Attackers may attempt to gain unauthorized access by using brute force attacks, trying different username and password combinations until they find the correct credentials. Implementing strong password policies, account lockout mechanisms, and multi-factor authentication (MFA) can help deter these attacks.


Weak or Default Credentials

Insecure default passwords or weakly configured credentials are a common point of entry for attackers. It’s crucial to change default passwords and ensure strong, unique passwords for all SMB-enabled devices. Regularly updating and managing credentials is equally important.


Unauthorized Access and Permission Issues

Misconfigured access controls and inadequate permission management can lead to unauthorized access to files and directories. Employing the principle of least privilege and regularly reviewing and adjusting permissions based on roles and responsibilities is vital to mitigate this risk.


Malware and Ransomware

SMB has been a favored target for malware and ransomware attacks due to its widespread usage. Attackers exploit vulnerabilities in SMB to propagate malware across networks and encrypt files for ransom. Regular security updates, network segmentation, and robust endpoint protection are essential defenses against such threats.


Man-in-the-Middle (MitM) Attacks

SMB traffic can be intercepted by malicious actors using MitM attacks. This could lead to session hijacking, data tampering, or data theft. Employing encryption (as in SMB 3.1.1+), using digital certificates, and configuring secure channels can mitigate the risk of MitM attacks.


Lateral Movement and Pass-the-Hash Attacks

Once inside a network, attackers may leverage SMB to move laterally across systems by exploiting stolen credentials (e.g., hashed passwords). Implementing network segmentation, regular password changes, and restricting unnecessary SMB traffic can help prevent these attacks.


The Significance of SMB in Modern Business

Despite its drawbacks, the utilization of SMB remains commonplace in the contemporary workplace. The magic of SMB lies in its ability to effortlessly unite disparate systems and devices under a common file sharing language. It’s the cornerstone of modern data sharing, a testament to the evolution of networking, and a pivotal component in driving businesses forward into a future of seamless collaboration.

SMB is a fundamental technology that plays a critical role in modern networked environments. While it may be taken for granted by some users due to its ubiquity and ease of use, IT professionals and those responsible for managing network infrastructures understand its significance and work to ensure its proper implementation and security.

However, SMB alternatives do exist for remote file access. MyWorkDrive has been a pioneer in the industry by crafting a unique approach to accomplish this. MyWorkDrive converts Windows-based SMB/CIFS file shares into secure file shares that can be accessed anywhere using TCP https/SSL port 443 over highly encrypted RSA 4096 and TLS 1.2 FIPS compliant protocols.

For businesses of all sizes, SMB (Sever Message Block) is a linchpin that harmonizes diverse operating systems, enabling a cohesive digital ecosystem. MyWorkDrive builds off this to fortify and reinforce security protocols for file sharing across varied organizations.



What’s The Difference Between Samba and SMB?

Samba and SMB are related in that Samba is an open-source implementation of the SMB protocol for Unix systems and Linux distributions. Released in 1992, Samba acts as a server that allows various client types to access resources using the SMB protocol. SMB, which stands for Server Message Block, is a networking file sharing protocol that operates over TCP/IP networks. Samba essentially provides compatibility and interconnection between Linux/Unix systems and Windows systems using the SMB protocol. Through Samba, Unix/Linux servers can offer file sharing, print services, authentication and authorization, name resolution, service announcements, and integration with Active Directory for Windows clients. In summary, SMB is the protocol, while Samba is a software suite that implements the SMB protocol for Unix/Linux systems.


What’s The Difference Between CIFS and SMB?

CIFS (Common Internet File System) is an early version of the SMB (Server Message Block) protocol created by Microsoft. While SMB and CIFS are often used interchangeably, CIFS specifically refers to a particular implementation of SMB. It’s important to note that there are distinctions between different dialects of the SMB protocol. For instance, older versions like SMB 1.0 and CIFS lack the enhanced security features present in newer dialects like SMB 3.0, which offer more advanced security protections against threats like ransomware such as WannaCry. As a result, modern systems typically rely on the newer SMB dialects for improved security measures. For example, Windows 10 supports SMB 3.1.1, the latest version of the protocol at the time of writing.


Is The SMB Protocol Safe?

The security of the SMB protocol has evolved over time. In the past, vulnerabilities in older versions like SMB 1.0 were exploited by ransomware attacks such as WannaCry and Petya. These incidents highlighted the risks associated with outdated SMB versions and prompted Microsoft to release patches and recommend disabling SMB 1.0/CIFS to enhance security. However, newer versions like SMB 3.0 and above have introduced significant enhancements to bolster security. These improvements include features such as end-to-end data encryption, protection against eavesdropping, secure dialect negotiation, and enhanced encryption capabilities. Additionally, SMB 3.1.1 further improved security by adding pre-authentication integrity and the ability to negotiate crypto-algorithms on a per-connection basis. Overall, the evolution of SMB versions towards greater security features indicates that modern iterations of the protocol are far more secure than their predecessors. By adopting newer SMB versions and implementing recommended security measures, users and administrators can significantly enhance the safety of their systems and data when using the SMB protocol.


What are SMB Protocol Dialects?

SMB protocol dialects refer to various versions and iterations of the Server Message Block protocol that have been developed over time. These dialects have been introduced to enhance the functionalities, security, scalability, and efficiency of the original SMB protocol. Some of the notable SMB protocol dialects include SMB 1.0 (1984), CIFS (1996), SMB 2.0 (2006), SMB 2.1 (2010), SMB 3.0 (2012), SMB 3.02 (2014), and SMB 3.1.1 (2015). Each dialect builds upon the previous version, introducing improvements and new features to meet the evolving needs of network communication and file sharing within SMB environments.

The performance Difference: Apple’s M1 vs. M2 Processors with Single NAND Chip SSDs

MyWorkDrive was heavily invested in the new ARM based Apple processors during their development, with dev kits and active development of our macOS client in the run up to the M1 launch.

When production units arrived, we eagerly picked up a number of new Macs – M1 Pro for development, Minis for QA and your author picked up a MacBook Air to join in as additional testing. It was important to us to ensure we had a stable, reliable macOS client for early adopters.

The M1 Processor Macs showed to be much faster out-of-the-box than Intel based Macs of similar (and even greater) spec. And the battery life was amazing. Our client worked very well (with some small setup challenges for the file system driver).

When the M2 came out, we looked eagerly to upgrade. Expecting even better battery life and performance increases in the M1 to M2 akin to what we’d see going from Intel to M1.
We were surprised to find the M2 was not much faster, and in some cases actually even slower than the M1 equivalents. Customers noted the same thing. Wondering if we’d changed our software or built something different for the M2 – or what was different. Disk operations like loading directories and file writing are significantly slower on the entry level M2 MacBook Air as compared to an equivalent M1 MacBook.
We hadn’t made any changes, and our dev team didn’t find any reason in the macOS software that would have caused any performance changes. And running macOS Ventura (10.13) on M1 Macs didn’t show the performance issues. At was certainly something in the M2 that was different from the M1, that our software seemed particularly impacted by.

Thanks to community research and articles from The Verge and ArsTechinca (1) (2), we now know that the issue relates to Apple’s choice to use a single NAND chip in the 256gb SSD for the M2 processor machines, instead of two NAND chips which where used in the M1 models.

Disk Speed: A Crucial Aspect of Performance

Disk speed is a critical factor that impacts overall system performance. It determines how quickly data can be read from and written to the storage drive, which affects tasks like booting up the system, launching applications, and handling large files. This is particularly true for MyWorkDrive on macOS using Apple’s File Provider to make remove files available to end users. Files and metadata are retrieved from the MyWorkDrive server and passed through Apple’s file provider to Finder, a process which reads data in via API and writes it to disk.

You’ll have both disk writes (to make the data available) and disk reads (by the user accessing the data), so SSD Performance is critical to smooth operation. The M1 does great. The entry level M2 devices, however, suffer some performance decrement.

Apple’s M1: SSD Performance and Beyond

The M1 processor, combined with its unified memory architecture and high-performance SSDs, led to impressive disk speed gains compared to older Intel-based Macs. This was partly due to the efficient integration of the SSD controller and the increased bandwidth of the M1’s memory subsystem. The result was near-instantaneous app launches, swift data transfers, and reduced wait times.

Apple’s M2: The Single NAND Chip SSD Conundrum

As Apple introduced the M2 processor, it continued to prioritize performance and efficiency. However, in certain lower-range M2 Macs, there’s been a shift in the approach to SSD design. Instead of using a multi-chip SSD configuration, some M2 Macs feature a single NAND chip for their SSDs. This design decision might raise eyebrows, considering the potential impact on disk speed.

The Implications of Single NAND Chip SSDs

Using a single NAND chip for an SSD can have both positive and negative implications for disk speed. On one hand, a single NAND chip can lead to cost savings and potentially improved power efficiency due to reduced complexity. On the other hand, it might result in slower disk speeds compared to multi-chip SSD configurations. This is because multi-chip SSDs can leverage parallelism to achieve higher data transfer rates.

For most users, the M2 Macs are still faster than an equivalent Intel based Mac, and performance is as good or better than Windows laptops, so the M2 is still a solid choice.

However, if you haven’t refreshed 256gb Macs from M1, you might want to stick with M1s.
If you do want to upgrade, you might spend the extra money ($200 as of the writing of this article) to upgrade from the 256gb storage model to the 512gb storage model, for users who have high disk utilization demands – creatives, db users, video editors, etc.

Storm-0558 Breach Shakes Microsoft: A Wake-Up Call for Cybersecurity

In recent weeks, the tech world has been abuzz with the news of the “Storm-0558” breach at Microsoft, sending shockwaves throughout the industry. The incident, which occurred on July 20, 2023, has raised serious concerns about cybersecurity and the need for heightened vigilance in safeguarding sensitive information.

The breach was the result of a sophisticated cyberattack carried out by an unknown group of hackers. They managed to infiltrate Microsoft’s systems, gaining unauthorized access to a significant amount of sensitive data. As one of the world’s leading technology giants, Microsoft’s platforms host vast volumes of sensitive information, including customer data, proprietary code, and strategic plans.

The breach gave hackers access to emails for at least 25 US government agencies, and had the potential to be used for “multiple types of Azure Active Directory applications, including every application that supports personal account authentication, such as SharePoint, Teams, OneDrive, customers’ applications that support the ‘login with Microsoft’ functionality, and multitenant applications in certain conditions,” according to research from Shir Tamari on Wiz, published July 21

While Microsoft quickly took action to mitigate the damage and contain the breach, the incident served as a stark reminder that even the most advanced tech companies are not immune to cyber threats. The breach is likely to have far-reaching consequences for Microsoft, its customers, and the broader tech community.

Here are some key takeaways from the Storm-0558 breach:

Heightened Cybersecurity Measures: The breach has underscored the need for companies to invest in robust cybersecurity measures continually. As hackers become increasingly sophisticated, organizations must stay ahead by implementing the latest security protocols and conducting regular risk assessments.

Customer Trust: Data breaches can severely impact customer trust. With cyberattacks on the rise, it’s essential for companies to be transparent with their customers, informing them of any potential data exposure and implementing measures to regain trust.

Raising Cybersecurity Awareness: The breach is a stark reminder to individuals and employees about the importance of cybersecurity awareness. Regular security training and adherence to company policies can go a long way in preventing similar incidents.

While the full impact of Storm-0558 is yet to be seen, the breach serves as a wake-up call for the entire tech industry. Cybersecurity threats are evolving rapidly, and organizations must remain vigilant and proactive in defending against them.

MyWorkDrive solves one of the core issues in the breach noted by Tara Seals on DarkReading (July 21, 2023), the lack of logging about user activities. With MyWorkDrive you have user event logging for all logins and file operations natively, with the ability to pass those events to your SEIM via Syslog.

Addition security features such as DLP/Restricted mode, Device Approval, and deployment behind Azure AppProxy with compliant devices, can be leveraged to mitigate the data exposed in the case of unauthorized access.