MyWorkDrive Version 5.4 released to production

We are excited to announce version 5.4 of MyWorkDrive server and Windows client is now live for production use.  With this release, MyWorkDrive now supports faster download speeds on both the Web and Windows Mapped Drive clients.

 

Install Server Software

MyWorkDrive Version 5.4 is primarily focused on speed improvements.  All clients are advised to update to the latest version of 5.4 following normal review and accommodating normal maintenance windows. Detailed upgrade instructions can be found in our Server Upgrade Guide.

Server

  • Download speed improvements by up to 500%
  • Cloud Web Connector/Office 365 Reverse Proxy connectors will be migrated to Cloudflare Tunnels to improve performance & security.
  • UI improvements across all clients
  • Folder Upload improved messaging
  • Office Online Editing Speed improvements

Numerous other enhancements and fixes – Release notes are here.

Windows Mapped Drive

  • Internal File Sharing Links using UNC Paths
  • Mapped Drive Letters now use UNC Paths for compatibility with legacy SMB sharing
  • Improved login/logout performance
  • Improved refresh of file locks
  • Improved Download Speeds
  • Extract an MSI from Exe for easy deployment
  • Cloud Web Connector (*.myworkdrive.net) now allowed in mapped drive (100 MB file size Maximum)

Numerous other enhancements and fixes – Release notes are here.

**Important note for MyWorkDrive Servers 5.2 & earlier**

We will be ending support for Server Version 5.2 and earlier on 15 Jan 2020, and your server will no longer be licensed as of this date if not upgraded to 5.3. You must upgrade to server version 5.3 or higher prior to 15 Jan 2020. The licensing partner we use for 5.2 and prior versions will no longer be providing licensing or support as of 15 Jan 2020.  This only impacts Server versions 5.2 and older; map drive and mobile clients will continue to function normally

Questions? Need a trial extension? Email us at [email protected] or Phone: 877-705-4997

 

Migrate On-Premise Files Shares to Azure Cloud File Storage

Exciting Article Updates! December 10, 2019

cloud file storageLooking to migrate Windows File Shares to cloud file storage? You’re not alone!

Businesses of all sizes have been searching for the right mix of technologies that will allow them to migrate their on-premise file shares to cloud file storage.

For small businesses and startups, services like Dropbox, Box, Egnyte and SharePoint are a good alternative. 

For larger businesses, governments, higher education and compliance restricted firms, migrating away from private cloud file storage under their own control requires significant planning. 

Larger companies are concerned about the loss of file ownership, data sovereignty, compliance, ongoing costs and navigating costly and complex migrations.

These businesses are considering migrating their file shares to cloud file storage so that they can outsource the management of servers and infrastructure while still desiring to maintain control of their company files and sidestepping the software vendor lock-in associated with EFSS.

Until now they could meet some of these requirements with costly Enterprise File Sync and Share (EFSS) systems on-premise however they were still stuck managing complex migrations, having new databases to manage and license and re-inventing long term backup and data retention plans.

These businesses have been searching for a simple alternative cloud file storage sharing option that provides the same benefits of traditional mapped drives, fast local speeds and secure file remote access. 

The technologies to enable cloud-based file server file shares are now converging with all the components needed to make this dream a reality! Read more

MyWorkDrive Version 5.4 released to preview

We are excited to announce version 5.4 of MyWorkDrive server and Windows client is available for preview.  With this release, MyWorkDrive now supports faster download speeds on both the Web and Windows Mapped Drive clients.

Version 5.4 Preview is primarily focused on speed improvements.  All clients are advised to update to the latest version of 5.3 and may begin testing 5.4 following normal review and accommodating normal maintenance windows. Detailed upgrade instructions can be found in our Server Upgrade Guide.

Server

  • Download speed improvements by up to 500%
  • Cloud Web Connector/Office 365 Reverse Proxy connectors will be migrated to Cloudflare Tunnels to improve performance & security.
  • UI improvements across all clients
  • Folder Upload improved messaging
  • Office Online Editing Speed improvements

Numerous other enhancements and fixes – Release notes are here.

Windows Mapped Drive

  • Internal File Sharing Links using UNC Paths
  • Mapped Drive Letters now use UNC Paths for compatibility with legacy SMB sharing
  • Improved login/logout performance
  • Improved refresh of file locks
  • Improved Download Speeds
  • Extract an MSI from Exe for easy deployment
  • Cloud Web Connector (*.myworkdrive.net) now allowed in mapped drive (100 MB file size Maximum)

Numerous other enhancements and fixes – Release notes are here.

We recommend all customers upgrade to our latest 5.3.2 production server and mapped drive client. All clients are advised to update to version 5.3.2 following normal review and accommodating normal maintenance windows. Detailed upgrade instructions can be found in our Server Upgrade Guide.  See our server release notes here.

**Important note for MyWorkDrive Servers 5.2 & earlier**

We will be ending support for Server Version 5.2 and earlier on 15 Jan 2020, and your server will no longer be licensed as of this date if not upgraded to 5.3. You must upgrade to server version 5.3 or later prior to 15 Jan 2020. The licensing partner we use for 5.2 and prior versions will no longer be providing licensing or support as of 15 Jan 2020.  This only impacts Server versions 5.2 and older; map drive and mobile clients will continue to function normally

Questions? Need a trial extension? Email us at [email protected] or Phone: 877-705-4997

 

Free SSL Certificate with Let’s Encrypt

A FREE SSL Certificate from Let’s Encrypt solves one of the common challenges with testing out MyworkDrive

A common question that comes up when clients trial or deploy a proof of concept with MyWorkDrive is whether they need to use HTTPS and bind an SSL/TLS certificate.

We emphatically say yes, for a few reasons

1) You’re probably trialing with a subset of real data. Even if you’re not, there’s a chance an employee may test with real data out of scope and put that data at risk.

2) You’re going to want to test firewall and security rules as part of your test.

3) You’re going to want a realistic performance test, and https traffic is, typically, a little slower due to the security.

Another argument in the favor of using HTTPS and an SSL/TLS certificate is that the MyWorkDrive clients don’t accept Self Signed certificates, so you’re going to want to apply an SSL/TLS certificate to your MyWorkDrive server if you want to test our Map Drive and Mobile clients.

The the question, of course, where to get a certificate? Some organization will have a wildcard cert, but, getting permission to it may be a challenge. More commonly, we’ll hear that the certificate is only good on the webserver, or that getting permission to spend even the $20 a discount SSL certificate costs is a challenge.

Some organizations aren’t even aware of discount SSL providers (and then you do a web search and discover there are thousands, how do you choose a good one and avoid getting your credit card hacked in the process?)

 

 

The good news is, you can get a valid FREE SSL certificate FOR FREE for no more work than generating a CSR in IIS from Let’s Encrypt, with zero risk of a comprimised credit card and avoiding all the approval challenge in getting a certificate for your poc/trial.

Let’s Encrypt isn’t a scam. Its a non-profit with backer’s you’ve likely heard of – EFF, Cisco, Facebook, Google, Stanford University, University of Michigan and Mozilla.

Let’s Encrypt is pretty simple to execute, but most of the tutorials and literature you’ll find out there refer to implementations in Linux or other open source hosting platforms. There aren’t a lot of tutorials written for Microsoft IIS, but Windows clients do exist and we’ll walk you through using one of the easier to use examples.

SSL Certificate Setup on IIS with Let’s Encrypt

You’ll start with a DNS Entry mapped to an IP (Cname, A Record) and Port 80 and 443 mapped/open and bound to the WanPath.Webclient website on your MyWorkDrive server.

You run a small app (called an Acme client) on your server which does a challenge-response to validate your server, then downloads and even binds the certificate for you.

That’s it!

If there’s any negative, its that the certificates are only valid for 90 days before you have to renew them. But, renewal is as simple as running the client again (and many clients will automatically schedule renewals in Windows Scheduler!).

Oh, and most of the clients run in dos – but they’re fairly straight forward – no complicated paths or case-sensitive strings to type.

Lets walk through a real life example.

  • We’re going to secure the MyWorkDrive server for myworkfolders.net.
  • We’ve installed MyWorkDrive on a server on our domain.
  • We’ve opened Port 80 and Port 443 inbound to our server.
  • We’ve added a DNS entry for fileshare1.myworkfolders.net to DNS, pointed at our new server.

From here, the following steps are completed on the server hosting MyWorkDrive.

We’ll start by editing the bindings in IIS on the MyWorkDrive server to map the port 80 on the WanPath.WebClient site to fileshare1.myworkfolders.net.  At this point, you should be able to access the MyWorkDrive server at http://fileshare1.myworkfolders.net, if you have not marked “require SSL” in settings.

 

We’re going to use the Win-Acme client from PKI Sharp as our client on Windows to access LetsEncrypt. Its available for download as a .zip from https://pkisharp.github.io/win-acme/ There are many other clients available and you may find one you like better. This one just happens to be one we’ve used reliably over the past few years.

We’re going to download version 2.1.0 64-bit pluggable, which is marked Recommended.  You should take the most current version available at the time you download.

 

Once its downloaded, extract it and store it in your favorite location for apps. Remember, you may need this again to renew the certificate in 90 days, so do not discard it. We created a new folder c:\Win-Acme

Launch a command prompt as Administrator and browse to the folder you saved Win-Acme in. Run wacs.exe. It will launch a dos window with a list of questions.

Select N: Create new certificate (simple for IIS)

 

It will prompt you to ask you want to bind.
Select 1: Single binding of an IIS website

You’ll get a list of the websites on your server (which should only be a single SiteId since we only set port 80 on one website). Choose the option with the domain name, in our case 2: fileshare1.myworkfolders.net (SiteId 4)

 

When prompted, enter your email.  The Win-acme client will send you reminder emails to renew your site.

 

TOS – we have experienced trouble getting these to open in the default application as offered. When we said yes the program crashed. Review the terms at the URL printed on screen, and if you have trouble opening them with the default application like we did, go ahead and say NO to the prompt to open them.  If you do say yes and the program crashes, just run it again repeating the same steps until you get to this screen, where you should say No to continue.

 

Agree to the terms when prompted, assuming you’ve reviewed them and they are acceptable.

Win-Acme will then run through the authorization and explain what it has done. In our case, it added new https binding for port 443 as we expected, and then it scheduled a renewal in the scheduler.

Go ahead and select Q to quit, and lets take a look in IIS to verify it added the binding.

Open IIS, open the WanPath.WebClient site and click on Bindings. You should see that an HTTPS entry has been added for your site – in our case fileshare1.myworkfolders.net

 

If you edit the binding, you can use the view option to have a look at the certificate and see the details.

Lets jump on a website on our desktop and see if our site is now available via HTTPS

Looks good. No errors about the certificate, Chrome is showing a lock symbol. You can click into the lock symbol and double check the details.

And thats it! It took longer to read this blog posting than it would to secure your site.

Lets Recap – Let’s Encrypt SSL Certificate Setup steps

Install MyWorkDrive
Set DNS
Open/Map Firewall Ports
Bind your DNS name in IIS
Download Win-Acme
Run Win-Acme
Answer 6 questions
You’re all set! Your Free SSL Certificate is added and bound automatically.

 

Not using MyWorkDrive, but want to use Lets Encrypt and Win-Acme to secure other IIS hosted sites with a Free SSL Certificate? Just follow these directions except at the step where you’re choosing MyWorkDrive, choose the site you want to secure.

Note that at this point you can remove or block the binding for port 80 and just leave port 443 open inbound, however, the Lets Encrypt Win-Acme Free SSL certificate renewal will fail without port 80 being open/mapped. You may want to make a calender event reminder to manually process the renewal in 85 days or so and re-open port 80 temporarily if you are keeping it closed.

Or, just leave Port 80 open and set the “require SSL” option in MyWorkDrive settings.

 

Using a Free SSL Certificate from Let’s Encrypt on IIS?  Drop us a note on Social and let us know how its going for you!

MyWorkDrive debuts version 5.4 at Microsoft Ignite in Orlando on November 4th-8th

FOR IMMEDIATE RELEASE OCTOBER 30th, 2019 (San Francisco, CA)

MyWorkDrive, the San Francisco based software company redefining secure remote file sharing and compliant content collaboration will debut version 5.4 at the Microsoft Ignite Conference in Orlando, FL on November 4th, booth 409.  Version 5.4 enhances download speed improvements by 500%, includes major user interface improvements for remote clients, search integration with the mapped drive client and enhanced security features for enterprises who seek secure cloud like file sharing capabilities without migrating their file shares to the cloud or proprietary formats outside of their control.

CEO Dan Gordon says- “We are excited to be exhibiting at Microsoft’s Ignite conference where we will show off the improved features of our latest release. We have perfected a great security tool with MyWorkDrive enabling Enterprises to digitally transform their network at a fraction of the cost without compromising security” 

With MyWorkDrive, there are no files to migrate, no VPNs to manage, no security worries for mobile device management with remote users and no need to sync files before sharing. Customers have their own private File Cloud installed easily with instant secure collaboration using Office 365.  MyWorkDrive enables enterprises who keep their files stored on their existing Windows File Shares to access them using their Web File Manager, Mapped Drive or Mobile clients from anywhere. Think of your network instantly becoming your own File Sharing Cloud but with improved security over VPN and instant Office 365 collaboration from any device from anywhere. The mapped drive allows users to manage files in explorer remotely. There is also a secure web client, ensuring all browser logins are secured and compliant on any device. Enterprise digital transformation can be cost prohibitive and cumbersome for larger organizations and IT Departments. With MyWorkDrive, installation is a breeze and files remain in place on existing file shares without migration. MyWorkDrive installs easily and turns your file server into a secure file server in the cloud
allowing secure file collaboration for remote and global users instantly.  Enterprise and compliance (HIPAA, FINRA, FIPS, GDPR) requirements are easily achieved with MWorkDrive.  with MyWorkDrive, secure remote file share access without VPN is available using any web browser, the mapped drive or mobile clients with SAML SSO, Two Factor Authentication and Data Leak Prevention features built in.

About MyWorkDrive

MyWorkDrive provides a software-only, on-premise data center solution for secure private cloud remote file sharing access from anywhere for any device. Users gain access in minutes without Sync, VPN, RDP or migrating data. MyWorkDrive is for IT leaders looking for a cloud-like file sharing solution that has ransomware protection & DLP, facilitates data governance compliance (FIPS, HIPAA, FINRA, GDPR), enhances Office 365 real-time online collaboration, with a lower total cost of ownership.  MyWorkDrive is privately held, based in San Francisco, California and a product and dba of Wanpath LLC.  Visit us at https://www.myworkdrive.com.

 

Secure File Share Remote Access for Government

 

Secure Remote File Access

MyWorkDrive provides the necessary safeguards to help government agencies meet their security requirements for secure file share remote access without migrating files to the cloud or exposing their files using VPN.   MyWorkDrive gives your government agency secure file share remote access using your on-premise Windows File Shares & Active Directory infrastructure.   Users are able to remotely edit and share files simply and securely.  No Vendor lock-in, No syncing and prevent Ransomware without migrating files the cloud or new systems.

Compliance

Achieving HIPAA, FNRA, FIPS, FEDRAMP, GDPR, and CaCPA2018 compliance is critical for today’s cloud connected remote workforce when accessing file shares.   Governments and public sector agencies are secure using MyWorkDrive Remote File Access Mapped Drive, Web Browser, or Mobile clients anytime from anywhere.  With MyWorkDrive customers have access to enhanced security and Data Leak Prevention features without having to maintain VPNs or migrate their file shares to the cloud.

Data Leak Prevention

Using MyWorkDrive’s Data Leak Prevention feature enables secure remote file share access for Governments while remaining compliant with various data security regulations such as FIPS,  MyWorkDrive ensures sensitive files remains on location, are never synced or migrated to any device and access is only allowed through a secure tunnel in our encrypted viewer with watermarks to prevent printing and copying of screen viewing.

Easy Deployment without Migrating Files

Government agencies can deploy MyWorkDrive infrastructure on-premise as 100% private cloud to meet their security requirements or as a hybrid cloud.   In private cloud mode all files, transmissions and document edits are contained within the government agency’s infrastructure including support for a Local Office Online Server.   When deployed as a hybrid cloud, Office documents can be viewed and edited in Office 365 online in Microsoft’s FEDRAMP compliant Office 365 editors securely with a direct secure tunnel between the agency and Microsoft while keeping files saved to the government agencies private storage.

MyWorkDrive has worked hard perfecting our product offering to meet stringent government data security standards and regulations.  MyWorkDrive is pleased to offer their Public Sector customers the ability to subscribe to our MyWorkDrive Secure File Share Remote Access software to solve security concerns around VPN while providing the collaboration features employees need to be productive.

US Federal Government GSA Approved

 

For US Federal Government Agencies, As MyWorkDrive’s public sector distributor, Vertosoft provides government end users access to MyWorkDrive software through Government Purchasing vehicles such as GSA IT-70 and NASA SWEP.  Vertosoft is focused on delivering innovative technologies and services to public sector agencies in support of agency IT modernization efforts. They bring a deep knowledge and unmatched expertise supporting all phases of the government acquisition life cycle to federal, state, and local governments through the adoption of both cloud and emerging technology solutions.

 

About MyWorkDrive

MyWorkDrive provides a software-only, on-premise data center solution for secure private cloud remote file sharing access from anywhere for any device. Users gain access in minutes without Sync, VPN, RDP or migrating data. MyWorkDrive is for IT leaders looking for a cloud-like file sharing solution that has ransomware protection & DLP, facilitates data governance compliance (FIPS, HIPAA, FINRA, GDPR), enhances Office 365 real-time online collaboration, with a lower total cost of ownership.

MyWorkDrive is redefining Enterprise File Sharing and Content Collaboration for critical sectors including Healthcare, Education, Government, and Financial institutions. MyWorkDrive employs the 5 C’s of success as an alternative to standard file share cloud services: Compliance, Control, lower Cost of Ownership, Cloud Capabilities, and instant Collaboration.

 

MyWorkDrive announces partnership with Vertosoft

FOR IMMEDIATE RELEASE OCTOBER 14th, 2019 (San Francisco, CA)

MyWorkDrive, the Data Leak Prevention tool that enables secure remote file share access for Enterprise while remaining compliant with various data security regulations including FIPS, announces today our official partnership with Vertosoft.  As MyWorkDrive’s public sector distributor, Vertosoft provides government end users access to MyWorkDrive software through Government Purchasing vehicles such as GSA IT-70 and NASA SWEP.

CEO Dan Gordon says- “We are happy to announce that with our partnership with Vertosoft, we are able to provide our Software to Public Sector Agencies who have been asking for it.” In the past we were told “if only you were on the GSA Schedule, or FedRamp compliant” …Now we are!

MyWorkDrive, a San Francisco based security software company has worked hard perfecting their product offering to meet stringent data security standards and regulations. The company is very happy to offer their Public Sector customer base the ability to purchase their Secure File Share Remote Access software through Vertosoft.

MyWorkDrive ensures sensitive files remains on location, are never synced or migrated to any device and access is only allowed through a secure tunnel.  Using built-in Data Leak Prevention features all files remain secure.

Achieving HIPAA, FNRA, FIPS, GDPR, and CaCPA2018 compliance is critical for today’s cloud connected remote workforce when accessing file shares.   Governments and public sector agencies are secure using MyWorkDrive Remote File Access Mapped Drive, Web Browser, or Mobile clients anytime from anywhere.  With MyWorkDrive customers have access to enhanced security and Data Leak Prevention features without having to maintain VPNs or migrate their file shares to the cloud.

Vertosoft is focused on delivering innovative technologies and services to public sector agencies in support of agency IT modernization efforts. They bring a deep knowledge and unmatched expertise supporting all phases of the government acquisition life cycle to federal, state, and local governments through the adoption of both cloud and emerging technology solutions.

MyWorkDrive is redefining Enterprise File Sharing and Content Collaboration for critical sectors including Healthcare, Education, Government, and Financial institutions. MyWorkDrive employs the 5 C’s of success as an alternative to standard file share cloud services: Compliance, Control, lower Cost of Ownership, Cloud Capabilities, and instant Collaboration.

About MyWorkDrive

MyWorkDrive provides a software-only, on-premise data center solution for secure private cloud remote file sharing access from anywhere for any device. Users gain access in minutes without Sync, VPN, RDP or migrating data. MyWorkDrive is for IT leaders looking for a cloud-like file sharing solution that has ransomware protection & DLP, facilitates data governance compliance (FIPS, HIPAA, FINRA, GDPR), enhances Office 365 real-time online collaboration, with a lower total cost of ownership.  MyWorkDrive is privately held, based in San Francisco, California and a product and dba of Wanpath LLC.  Visit us at https://www.myworkdrive.com.

 

MyWorkDrive Version 5.4 Webinar set for October 24th

Join our resident experts on Thursday October 24th at 10 am PST for a webinar where we will preview the latest MyWorkDrive version 5.4 secure file remote access features. Save your spot now for this very popular discussion!

During this webinar we will preview the latest 5.4 features and updates:

  • Download speed improvements by 500%
  • Search integration with the Mapped Drive client
  • MSI Files for easy mapped drive deployment
  • Updated Cloud Web Connector/Reverse Proxy speed improvements
  • Default A+ rating on Qualsys SSL Labs with no manual configuration
  • UI improvements across all clients

We will also review:

  • MyWorkDrive Web File Manager Data Leak Prevention
  • Access Files from Anywhere with Mobile or Mapped Drive
  • MyWorkDrive software road map
  • How to collaborate and edit online in Office 365 and keep files stored on your own server.

How to join us: Thursday October 24th, 2019

Start Time: 10:00 AM PST, (1:00 PM EDT, 6:00 PM UTC)

Register using this link:

 https://attendee.gotowebinar.com/register/5213251222296219661

CentreStack Alternative Solution

MyWorkDrive Version 5.3.2 Released to Production

We are pleased to announce the production release of version 5.3.2 of MyWorkDrive server, Mobile and Mapped Drive Clients.  Version 5.3.2 is primarily a maintenance release, with improved security, stability and logging capabilities.  The list of updates includes:

    • Updates to our Online viewer
    • Office 365 interoperability
    • Duo 2FA improvements
    • Mobile App Support of iOS 13
    • User Session management enhancements
    • Map drive session lost/expiration handling
    • Map drive installation/launch logging

We recommend all customers upgrade to our latest 5.3.2 production server and mapped drive client. All clients are advised to update to version 5.3.2 following normal review and accommodating normal maintenance windows. Detailed upgrade instructions can be found in our Server Upgrade Guide.  See our server release notes here.

Coming Soon..

In version 5.3.3, we’ll be continuing our security and reliability enhancements with expanded options for session timeout management, file size limits, faster web downloads, more diagnostics on server events, an MSI installer for the Windows Client and improved performance, search and file operations on our various clients.

**Important note for MyWorkDrive Servers 5.2 & earlier**

We will be ending support for Server Version 5.2 and earlier on 15 Jan 2020, and your server will no longer be licensed as of this date if not upgraded to 5.3. You must upgrade to server version 5.3 or later prior to 15 Jan 2020. The licensing partner we use for 5.2 and prior versions will no longer be providing licensing or support as of 15 Jan 2020.  This only impacts Server versions 5.2 and older; map drive and mobile clients will continue to function normally

Questions? Need a trial extension? Email us at [email protected] or Phone: 877-705-4997

 

Private Cloud vs. Public Cloud: Secure File Sharing and Data Security

Data is moving to the cloud at an incredible pace. 

Studies suggest that 83% of all enterprise workloads will be running in the cloud by 2020. 

Perhaps the biggest reason for this explosion of the cloud is the arrival of the age of digital transformation. 63% of companies say that they’re moving to the cloud to support their digital transformation campaigns this year. 

However, another 66% of IT professionals believe that security is the most significant concern they’ll need to face when choosing the right cloud environment. 

After all, cloud-based solutions don’t just come in a single format. According to the LogicMonitor Cloud Vision study for 2020, approximately 41% of enterprise workloads will be run on public cloud platforms, thanks in part to their accessibility and affordability. 

However, a growing number of companies are also considering private cloud (20%) and even hybrid deployments (22%) to protect their data. 

Cloud-based solutions in the modern enterprise aren’t just about accessing higher bandwidth and dependability. 

The right service can also give companies an essential level of control when it comes to managing highly sensitive data. 

The level of control that you have over that information, and the opportunities available to protect it will depend on the kind of cloud you invest in. 

Read on for your full guide to private cloud vs. public cloud in the digital landscape. 

Public Cloud vs. Private Cloud: Defining the Two Options

Public cloud storage and private cloud are the two primary options available for today’s businesses. Both give companies the opportunity to access novel technologies in the digital landscape. 

In the era of digital transformation, cloud computing opens doors to things like DevOps agility, mobility, artificial intelligence, and machine learning. The cloud environment also enables machines to communicate effectively through IoT connectivity. 

The public cloud is currently the most popular form of cloud. 

It refers to environments that are available via a publicly accessible portal. Some public cloud storage solutions are possible over a web-page, while other solutions require you to install proprietary software to your machine. 

  • Any user can request access to the same infrastructure, and a variety of companies share the same infrastructure. 
  • This makes the public cloud is far more affordable and flexible for smaller companies. 
  • In the public cloud environment, the storage platform is hosted by a third-party provided – delivered and managed over the internet. 
  • There are no capital expenses to worry about, and users can handle their fees through predictable monthly payments. 
  • The storage and processor power required to run the cloud tools are not managed by your business, so there’s less need for IT expertise. 

The biggest problem with the public cloud is security and resiliency. Although public cloud environments are secure, sharing resources with others means you cannot get tailored security solutions for your own part of the cloud.

Now that 85% of enterprises are keeping sensitive data in the cloud, private solutions are becoming increasingly more appealing – particularly for companies in highly-regulated industries.

Private cloud deployments deliver computing resources that are uniquely tied to a specific user. 

All of your critical information is stored within a network of privately dedicated resources. 

Many people see this option as a chance to extend their pre-existing data center, with additional storage capacity and processing power. 

Although there’s more demand on your resources to specify and maintain your new cloud infrastructure, there’s also a lot more control available through a private cloud. 

A private cloud can also be a problem for many companies, as the infrastructure and deployments are managed on your end. This means that you need to ensure that your security systems are always up-to-date – the vendor won’t do it for you. 

Private clouds are also more flexible than the public cloud, with customization options available for specific regulations and demands.

The Main Differences Between Private and Public Cloud

Before we cover the unique benefits associated with both private and public cloud, let’s examine how the two options differ from each other in closer detail. 

Importantly, both cloud computing solutions are growing increasingly popular. 

According to IDC, cloud computing spending is expected to see a growth rate that’s 6 times higher than standard IT spending through 2020. 

Whichever option you choose, you’ll be part of a growing revolution on the cloud. 

Critical Characteristics of Public Cloud:

  • Billed according to usage: You can access pay-as-you-go public cloud offerings that bill you based on the number of minutes you use within individual pieces of computing equipment.
  • Hosted at the vendor’s facility: You won’t need to purchase, manage, deploy, or maintain your computing infrastructure at a physical building.
  • Shared hardware: You will be using the same shared physical server and storage appliances as many other companies working with the same vendor.
  • Fast scaling and provisioning: it’s easy to establish a new server and additional bandwidth in the public cloud whenever you need more space. 

Critical Characteristics of Private cloud:

  • Hosted on-premise: Most private cloud solutions from a traditional vendor require businesses to purchase, manage, and maintain their own hardware.
  • Higher capital expenses: There may be numerous up-front costs associated with deploying the required infrastructure for a private cloud environment.
  • Limited scalability: For many users, a private cloud won’t offer a great deal of scalability, as you’ll need to buy additional infrastructure to extend your services. However, it is more flexible than a public cloud.
  • Dedicated hardware: You get the benefit of knowing that you’re the only company with access to the cloud resources that you’re using. 

Some companies are also beginning to offer hosted private cloud solutions, which are much more beneficial than the traditional on-premise private cloud. 

These share many of the characteristics of a public cloud, including high scalability and the ability to host your environment at a vendor’s facility. Additionally, like with public cloud investments, there are variable billing options available that allow you to spend money as and when you choose. 

Hosted private cloud solutions can be far easier to access and use. Although you still get dedicated software and hardware that means that your information can be kept secure – you’re not deploying and using that hardware on-premise yourself. 

Hosted private cloud options are a good combination of both public scalability and private resilience. 

The Benefits of Public Cloud Computing 

Public cloud environments are available to anyone, which means that they can be an excellent solution for smaller brands and companies in need of budget-friendly storage solutions.

Cloud computing packages are operated by vendors with massive data centers. These data centers can distribute computing and storage resources across a variety of customers from different locations. 

Perhaps one of the biggest benefits of public cloud computing is how easy it is to access. Because maintaining and securing infrastructure is the responsibility of the vendor – not the business, even smaller companies can streamline their IT operations this way. 

Additionally, if your business is growing dynamically, you’ll have no problem scaling your cloud resources up and down according to your requirements. 36% of companies say that reducing the burden on IT staff is a crucial component of cloud computing. Public clouds can help with this goal. 

Public cloud computing delivers:

  • Agility: Often, when most enterprises are asked to provide a reason for choosing public cloud over provide connectivity, they put dexterity first. 

Public clouds ensure that companies can provision and deploy new resources in real-time. This means that it’s much easier to achieve rapid time-to-market and keep costs low. 

  • Availability: Although there can be outages with any kind of cloud computing, the public cloud is still a lot more reliable than keeping your data and information on-premise. 

Public cloud offers a great deal more uptime than most traditional data centers. Enterprises can even choose to access their services from a company that provides a guarantee for uptime

  • Scalability: As the need for an application or system grows, it’s straightforward for your business to add additional computing resources to suit demand. Most public cloud services will include some automated scaling so that businesses don’t have to worry about adding other computing resources at specific times in their growth cycle.
  • Performance: In cases where organizations need access to high-performing computing resources for their workloads, the public cloud makes it much easier to access these capabilities. 

You’ll only pay for what you use, which means that you can manage your expenses on a pay-as-you-go basis. You may even be able to access the latest technology in a public cloud data center without having to pay extra for new innovations. 

  • Location independence: It’s possible to access public cloud services wherever you are, using any internet-connected device. 

This ensures that you’ll be able to deliver greater mobility to your workforce and expand your business overseas if you want to. 

  • Low costs: Because the costs of running a vast data center are spread across multiple people in a public cloud environment, the prices are often quite small. 

This means that you don’t need to have to pay as much on your cloud infrastructure, and you can reduce costs in other ways too. For instance, many public cloud users can eliminate the need for specialist IT staff required to provision and manage servers and bandwidth on the back-end. 

The public cloud also converts some capital expenses associated with one-time purchases of hardware and software into simpler operational costs.

The Problems with Public Cloud Computing 

As compelling as public cloud computing can be in the right circumstances, it’s not always the right solutions for today’s businesses. The biggest disadvantage of the public cloud generally relates to concerns about security and control

With public cloud computing, you rely on the vendor to keep you safe. This means giving up control over the physical hardware that stores your data and the solutions that keep your applications running. It’s also more challenging to know for sure whether your information is being appropriately protected on the back-end or not. 

Because the public cloud environment is so vast and spread across multiple organizations, this also makes them a frequent target for hackers. 

The chances are you’ve seen countless news stories about groups that have been able to break through into public cloud environments. 

Some enterprises will also be concerned about the shared space that they can access on a public cloud. With the public cloud, workloads from numerous organizations are running within the same physical server. 

This means that it could be easier for people to create holes in the system to access potentially private data. 

The other big problem with public cloud environments is the fact that they’re often not compliant with specific laws and regulations that are critical for certain industries. In the US, healthcare providers and financial service providers need to meet with very specific requirements when it comes to how they store and manage customer information. 

HIPAA FINRA GDPR Compliance

Not all cloud providers will fit the requirements in these areas. Additionally, in Europe, sensitive information gathering and processing is much stricter since they adopted GDPR, and no matter whether you are based, you need to be compliant with this regulation if you wish to obtain and process data from EU subjects. 

Not all public cloud environments meet these requirements. 

Even the cost benefits of the public cloud can be problematic at times. Although the pay-per-use option will appeal to some companies, if your usage in a particular application suddenly skyrockets, there’s a risk that you could be left with a huge bill.

On-Premise Private Cloud Computing Benefits

The public cloud has its advantages for smaller companies and those who have fewer concerns to think about when it comes to addressing compliance.

There are some environments where a public cloud doesn’t make sense. 

That’s why private cloud solutions were designed to support those with a need for higher security, resilience, and control. 

As mentioned above, the private cloud is a computing environment that’s built and reserved for one specific enterprise to use. In a private cloud, every appliance and service is only available to one organization. 

The benefits and issues with the private cloud depend on how you choose to access it. There are two distinct versions of the private cloud:

  • Self-managed: You build your cloud environment with hardware and data centers that are managed by your own team.
  • Hosted: Some vendors provide hosted private clouds, where someone else hosts and manages your cloud computing resources – similar to the experience you get with the public cloud. However, the servers are not shared among customers.

The benefits of a self-managed private cloud are:

  • Greater security and control: This is the most prominent reason that companies generally choose a private cloud over a public option. With an in-house cloud environment, organizations are able to retain control over their infrastructure, which means that they can deploy security measures that have been chosen by their team. It’s possible to create a best-in-class environment that’s specifically suited to the needs of your business and industry.
  • Improved compliance: With in-house private cloud environments, organizations also get the option to make sure that all of their data storage solutions comply with the regulations that are relevant to their industry. There’s complete control over all security measures here, and it’s easy to make sure that data remains within a specific geographic area too.
  • Customization: An in-house private cloud will also provide enterprises with the ability to choose which hardware they’re going to use to store their data and run their applications. Like with a private cloud, it’s possible to access this environment from any location, using any internet-connected device.
  • Agility and scalability: There are plenty of options for growth with a private cloud environment. You’ll be able to build out and extend your cloud however you see fit.
  • Predictable costs: While the private cloud can be more expensive than the public cloud, the prices are far more predictable and more comfortable to account for. You’ll know exactly how much you’re going to be spending from one month to the next. 

The Problems with On-Premise Private Cloud Computing 

While private cloud computing is more secure and easier to control than public cloud solutions, there are some downsides to this option too. 

In the case of on-premise private cloud computing, for instance, because organizations are required to manage and purchase their infrastructure, private cloud solutions are often costly. 

You’ll need to pay for professionals to manage your cloud infrastructure on the back-end too. 

Additionally, with a private cloud, companies need to handle all of the standard in-house services that would be managed by a public cloud vendor on the other side of the coin. 

This means that deploying, provisioning, and monitoring hardware is much more difficult. 

If you do decide to scale your cloud solutions in a private cloud infrastructure that’s on-premise, that also means investing extra time and resources into the process. 

Acquiring additional resources and adding them to your cloud can be a very expensive and exhausting process. 

In some instances, you may find that it’s difficult to access the latest cloud solutions on a private cloud environment too. 

After all, you won’t be able to simply tap into the tools that your cloud vendor invests in. You’ll be required to purchase your own additional systems and innovations if and when you need them. 

The Benefits of a Hosted Private Cloud Environment 

Hosted cloud provider solutions were designed to overcome many of the issues that are common with on-premise private deployments. 

These solutions are intended to give businesses access to the security and control benefits that they can get from the private cloud. Most of them will offer scalability and accessibility that’s common with public cloud environments too. 

Like a public cloud, the hosted private cloud comes with the option to store your databases and required infrastructure on the vendor’s site, so that you don’t need to invest in or manage your infrastructure yourself. 

Hosted private cloud offers a combination of what you get from the public and the private cloud. 

Because only one company has access to the physical hardware and applications on the hosted private cloud, this eliminates many of the security and control concerns associated with the public cloud. 

The only downside security-wise is that you still won’t have physical control over your servers – however, this might not be a problem if you know that your private provider is compliant with your industry’s needs. 

Additionally, giving up control of your hardware means that you also get a more simplified management solution for your private cloud. 

If you can find a hosted provider that you’re comfortable with, you won’t need to pay for a new IT team to manage and provision your physical hardware. Just like in the public cloud, your vendor will handle this side of the work for you, reducing the need for monitoring and maintaining complex tools. 

Even though you don’t have complete control over the hardware, some vendors will also give you the option to customize your operations by specifying what kind of equipment is used to power your private cloud. 

Another point to note with the private cloud is that the costs of this investment often remain highly predictable. Hosted private cloud models can vary. In general, you’ll be asked to sign a contract that specifies the amount of bandwidth you can use. This makes costs much easier to manage and a lot more predictable than with many public cloud offerings. 

Although, some hosted private cloud providers will still increase costs if your usage starts to rise. 

Like with the public and private on-premise cloud, hosted private clouds also come with additional agility, scalability, and availability compared to the conventional data center and computing strategies.

You’ll be able to build on your infrastructure quickly and efficiently as your business continues to evolve, ensuring that you always have access to the tools that you need. 

What is Hybrid Cloud Computing?

Up until this point, we’ve discussed two of the most common cloud computing models: public and private environments

As the technology landscape has continued to expand and evolve, we’ve also seen the arrival of another solution for growing enterprises: hybrid cloud

74% of enterprises have said that they’re beginning to explore multi-cloud and hybrid cloud environments so far, hoping to gain some of the positives of both the public and private cloud environment. 

Hybrid clouds combine multiple public and private cloud solutions, that are managed as part of a complete single entity. 

This unique arrangement allows businesses to overcome some of the drawbacks of both private and public clouds and create their own unique environments instead. 

For instance, companies with specific compliance requirements to consider could store more sensitive data in a secure private cloud

They could still access data from an application that’s running in a low-cost public cloud too. 

Companies could also choose to run most of their eCommerce and sales operations from the private cloud to ensure that the customer data stays secure. They’d also be able to scale up to public cloud environments at times when they need extra functionality. 

Benefits of the hybrid cloud environment include:

  • Enhanced flexibility: A hybrid cloud allows organizations to use the private setting for workloads and requirements that would be best served by a situation that they can completely control. 

At the same time, the company can also use public clouds in times when it makes the most sense. There’s no need to choose between two options, users can instead access the cloud that simply makes the most sense. 

  • Security and compliance: Hybrid clouds can provide multiple forms of data security solutions when provided by the right vendor. 

You can store customer credit card numbers and payments data in the private cloud – to ensure that there’s less access to outside sources. 

At the same time, you can store public-facing web content in a slightly less-secure public cloud. This makes meeting compliance requirements a lot easier and more affordable. 

  • Improved scalability, agility, and availability: Because hybrid environments connect both public and private clouds, they offer the same kind of accessibility, agility, and scalability you would get with a public cloud, in an environment that’s as secure as you need it to be. 

Additionally, as with any cloud, you can still access your applications and data from any environment or device that you choose. 

Problems with the Hybrid Cloud

According to data presented at the AWS Summit, 65% of companies have a hybrid cloud strategy today. 

Although the hybrid cloud was intended to overcome all the issues associated with both the public and the private cloud – it still has its negative points. 

  • The biggest downside is how complicated it can be to manage. Organizations often need to invest in special automation and other tool solutions if they’re going to manage different kinds of cloud in one environment.
  • Enterprises will also need to invest in making sure that their staff has the right training required to manage, integrate, and monitor a secure hybrid cloud environment. 

It’s a significant challenge to do this in many situations – and a problem that might be difficult to overcome for smaller businesses. 

One point to note is that because the hybrid cloud also uses some public services, organizations face the risk of having to deal with surprisingly high bills resulting from periods of excessive usage. 

Some companies believe that the unpredictability of the costs is often outweighed by the financial benefits of using the public cloud for certain operations. 

The key to success with hybrid cloud environments, as with most cloud solutions, is making sure that you research your options carefully. Choosing the perfect cloud solution means looking at all of the solutions on the market and finding the one that’s best suited to your needs. 

How Secure is Cloud Storage in General? 

Before you decide whether cloud storage is the right solution for you, either in a public, private, or hybrid environment, it’s important to make sure you can see the benefits of this solution. 

All files stored on a secure cloud server can benefit from an enhanced and more reliable level of security than you would be able to access a basic on-premise storage environment. 

When choosing your provider, look for the following: 

  • Advanced firewalls: These firewalls inspect traveling data packets: Simple options will only examine the source and destination data, while advanced options verify the integrity of content packets. These programs also map packet contents to security threats.
  • Intrusion detection: Cloud online storage can identify when someone is attempting to break into your systems, sending real-time notifications to business leaders to help you avoid problematic attacks.
  • Event logging: Most cloud storage solutions also come with access to event logs that help security analysts to better understand the threats you face on a regular basis. These logs record network actions and help you to predict and prevent attacks in the future.
  • Internal firewalls: All accounts shouldn’t always have access to all the data you have in the cloud. Limiting cloud access through internal firewalls can boost your security levels significantly.
  • Encryption: Cloud security solutions come with the option to encrypt data both at rest and in-transit. This keeps your information safe from unauthorized users. If an attacker steals a file, they still won’t be able to read your data without an encryption key.
  • Enhanced physical security: Many cloud data centers are very secure. Certified data centers come with 24-hour monitoring facilities and even armed guards. These places are far more secure than most traditional on-site data centers. 

Choosing your Cloud Solution 

The key to a successful cloud solution is making sure you recognize the specific needs of your business

Consider your privacy concerns and the regulations that you need to comply with in your industry. If your organization handles things like medical records and credit card information, there’s a chance that even the most robust public cloud won’t be suitable for you. 

The more research you do into your available cloud environments, the easier it will be for you to take advantage of all the benefits the cloud has to offer while avoiding unnecessary risks. 

 

Windows File Server

MyWorkDrive Version 5.3 Released to Production

We are pleased to announce the production release of version 5.3 of MyWorkDrive server, Mobile and Mapped Drive Clients.

New Features

Version 5.3 includes many new features requested by our customers including:

Server

  • Support for multiple mapped drive letters
  • Admin panel updates to support shared public user
  • New licensing process to ease support for upgrades and migrations
  • Security updates to cookies and headers
  • Added preconfigured shibboleth SAML integration
  • Customized password expired and lockout messages
  • Support for locked down environments and outbound proxy

Numerous other enhancements and fixes.  Server release notes here.

Mobile Apps

  • Open files in local app
  • Download multiple files
  • Upload multiple photos
  • New file display by date/name
  • Display company custom logo

Web Browser Client

Windows Mapped Drive

Numerous other enhancements and fixes – Release notes are here.

 

Version 5.3 also includes support for additional SAML providers including a built in integration for Shibeloth.  During the webinar we provided an in-depth demonstration of our multiple mapped drive letters and shared public user features.

We recommend all customers upgrade to our latest 5.3 production server and mapped drive client.   See our server release notes here. 

Webinar Recording Link

Questions? Need a trial extension? Email us at [email protected] or Phone: 877-705-4997

 

What is Remote Work?

There’s a steady rise in remote work positions. Why do people and businesses choose to work remotely, and how do they do it?

Remote employees work either from home or outside of the traditional working environment, such as at an office or on a specific job site. It increases morale and encourages successful completion of tasks and goals in a much more efficient, timely, and cost-effective manner.

All remote work can be summed up into two distinct categories:  

  • A fully remote job allows an employee, whether they be part-time, full-time, or on a freelance basis, to work 100% from home without needing to commute to an office location.
  • A partial remote job offers employees some remote work capabilities but does not allow the employee to engage in their work without visiting the office or job site at least some of the time.

So how does a company decide whether they should go the fully or just the partial remote job route? This largely depends on the type of job, but the tree deciding factors usually are:

  • Travel is a necessary part of the job.
  • Staff meetings and face time is required.
  • Certain aspects of a particular job can not be done from home or outside of the office.

Whether full-time or part-time, one thing is for sure, remote work is no longer considered a trend but is now a fully viable option, as is confirmed by numerous studies and statistics, which we will address right now. Read more

MyWorkDrive Version 5.3 Preview Now Live

We are pleased to announce the preview release of version 5.3 of MyWorkDrive server, Mobile and Mapped Drive Clients.

New Features

Version 5.3 includes many new features requested by our customers including:

Server

  • Support for multiple mapped drive letters
  • Admin panel updates to support shared public user
  • New licensing process to ease support for upgrades and migrations
  • Security updates to cookies and headers
  • Added preconfigured shibboleth SAML integration
  • Customized password expired and lockout messages

Numerous other enhancements and fixes.  Server release notes here.

Mobile Apps

  • Open files in local app
  • Download multiple files
  • Upload multiple photos
  • New file display by date/name
  • Display company custom logo

Web Browser Client

Windows Mapped Drive

Numerous other enhancements and fixes – Release notes are here.

Mac Mappped Drive 5.2.1

  • Display company branded logo
  • Improved Office file locking support
  • Remind user to install Fuse during setup and launch
  • Bug fixes and enhancements – Release notes are here.

 

Version 5.3 also includes support for additional SAML providers including a built in integration for Shibeloth.  During the webinar we provided an in-depth demonstration of our multiple mapped drive letters and shared public user features.

In addition to 5.3 preview we have updated Version 5.2 production with important updates to file locking to support extended refresh of file locks in Office Online and our mapped drive and numerous other fixes.    We recommend all customers upgrade to our latest 5.2 production server build 5.2.18 and mapped drive client 5.2.2.   See our server release notes here. 

Webinar Recording Link

Questions? Need a trial extension? Email us at [email protected] or Phone: 877-705-4997

 

MyWorkDrive Version 5.3 Preview Webinar Recording Now Live

We are pleased to announce version 5.3 of MyWorkDrive server, Mobile and Mapped Drive Clients has been previewed during our Webinar held on May 9th, 2019.

Features

Version 5.3 includes many new features requested by our customers including:

  • Multiple Mapped Drive Letters for each Share
  • Shared Public User Access
  • File Filtering and Alerts
  • Open/Save Multiple Files in Mobile Client
  • Zip and Share files from the Web Client
  • Server Admin Panel Enhancements

Version 5.3 also includes support for additional SAML providers including a built in integration for Shibeloth.  During the webinar we will an in depth demonstration of our mobile app that now includes support for iOS files provider, Image previews and new offline capabilities.   With iOS file provider enhancements user’s can access, upload, download and edit files stored on MWD shares from any app.  See our updated mobile user guide here.

MyWorkDrive CEO Dan Gordon says, “We are very excited to these major enhancements for secure file remote access from any device or authentication provider.   With these speed and functionality improvements, now more then ever, our customers can eliminate file share VPN security risks while enabling their users to work from anywhere without VPN or remote desktop login headaches.”

Webinar Recording Link

Questions? Need a trial extension? Email us at [email protected] or Phone: 877-705-4997

 

MyWorkDrive Version 5.2 Released to Production

We are pleased to announce version 5.2 of MyWorkDrive server, Mobile and Windows client is now available for full production download.  This release includes a major update that now supports logging in using ADFS/SAML from any device when connecting to server version 5.2.  With this update secure remote access using Windows and Mobile Apps from any SAML provider with two factor authentication is now possible.   An example would be Azure AD integration with MFA enabled – When enabled in MyWorkDrive and ADFS/SAML is set to required, users can access MyWorkDrive shares with our  Mapped Drive and Mobile clients using SSO and MFA Two Factor as part of Azure AD.

Version 5.2 also includes a major overhaul to our mobile app that includes support for iOS files provider, Image previews (5.2 server required) and new offline capabilities.   With iOS file provider enhancements user’s can access, upload, download and edit files stored on MWD shares from any app.  See our updated mobile user guide here.

MyWorkDrive CEO Dan Gordon says, “We are very excited to these major enhancements for secure access from any device or authentication provider.   With these speed and functionality improvements, now more then ever, our customers can eliminate file share VPN costs and security concerns while enabling their users to work from anywhere without VPN or remote desktop login headaches.”

 

New Version 5.2 features

Mobile Apps

  • Login using ADFS/SAML provider
  • Prevent password saving policy support
  • iOS files provider support for accessing files in any app

Web Browser Client

  • User favorites to folder locations
  • Alternative viewer for large text files
  • Improved support for ADFS and SAML SSO providers

Windows Mapped Drive

  • Login using ADFS/SAML provider
  • New command line options for unattended setup
  • Improved login/logout performance
  • Improved handing of custom branding
  • Numerous other enhancements and fixes – Release notes are here.

Mac Mapped Drive

  • Speed and performance improvements
  • Login using ADFS/SAML provider
  • Support for server password policies
  • Bug fixes and enhancements – Release notes are here.

Server

  • Administrative Alerts for file downloads, delete or modify
  • Simplified SAML setup for Okta and OneLogin
  • Export/Import of settings for easy backup/restore
  • Azure AD single logout support
  • Numerous other enhancements and fixes – Release notes are here.

*Upgrade note: Existing customers can upgrade for free in place.

Questions? Need a trial extension? Email us at [email protected] or Phone: 877-705-4997

Cloud storage: Is it for you?

Cloud storage is a model of computer data storage where files are stored in logical pools.  With Cloud Storage, the actual physical storage typically spans multiple servers (which can also be in located in multiple physical locations).   While the storage is typically owned and managed by a hosting company many organization have their own private cloud storage.   Cloud storage can fit the demand for convenience, mobility and cost-efficiency for data storage. With all of the advantages cloud storage provides, do not forget security.

The sophistication of the security options available for cloud storage are growing but there is no single set of solutions yet available. Just as there are layers of security required for on premise storage, even more are required for securely transporting, storing and accessing data in the cloud. Your data will be in the hands of a third-party. Security measures must be examined prior to selecting a vendor. Do not let cost be the determining factor in your vendor selection.

Cloud Storage Security

The cloud provider chooses authentication, authorization, and access control mechanisms that meet their needs to host multiple tenants in their cloud. Choosing the cloud provider that best meets your business and security needs are the primary selection criteria for choosing a cloud vendor. The vendor is responsible for securing your data on their servers. They will select the firewalls and chose the security polices they will enforce. Make sure those polices meet your needs. Insuring your data is safe and accessible to only you, this is what you are paying for. Limit security risks by encrypting the files before transferring them to the cloud storage location. Use a vendor that allows you to maintain your own encryption keys, instead of the cloud storage provider retaining them.

The portions of security the end users are responsible for need to be easy to use, flexible to manage and secure. The more complex the security the more effort the user will expend to get around them or ignore them. For a security solution to be effective, it must be used as designed and deployed. Citrix remote desktop is not only very expensive it is difficult to use and support. VPN’s are often not used because of the complexity of this technology. Your access solutions needs to be easy to use and not require a lot of training for the end user or the support staff.

With so many mobile devices accessing your data from different locations around the world, the tools you use to access your data must have excellent security. Security that not only prevents remote devices from being used by the wrong person (DUO, SSO), uses encryption in transit to and from the server behind the firewall. Insure no data is left behind on the remote device after the transaction has been completed.

Ease of Use

Usability is one of the biggest changes that cloud storage brings. Most solutions address both Mac and PCs. They use the ‘drag and drop’ option, moving any file easily to your cloud storage device. Backup and Disaster Recovery systems are a lot more user-friendly. Once set up, backups can be done quickly and automatically. Simpler interfaces are easier to use and manage; reducing the burden of extensive training.

Accessing Files in the Cloud

As long as you have an Internet connection, you have access to your files in the cloud. The cloud storage server is device agnostic, you can access your files with any Smartphone, notebook, tablet, laptop, desktop or thin client workstation using iOS, Windows, Unix or Android OS’s.

With the massive growth in remote work. With employees increasingly working from home for at least two days a week, and the growing use of the gig economy labor model, remote access to shared files is essential for worker efficiency and productivity.

Risk Factors

Cloud storage needs to be backed up just like your on-premise file shares. Control your backups; it is your data and your future. If the vendor says they do a full back up of the data, ask how often, where the backup is physically, if they test the backup and if you can restore and run your business quickly from that backup. Good backups are the best defense against disaster.

Data format and migration is another consideration since files migrated to proprietary hosted cloud storage will be converted away from NTFS native file storage with built-in security permissions to the vendors format making portability and future migration away from the vendor difficult. If possible choose a cloud storage vendor that natively integrates with Active Directory NTFS permissions and groups to maintain future portability.

Most cloud service providers are reliable; however, they are only as reliable as your Internet connection. Having a poor Internet connection can keep your businesses from being able to access your data. Determine your bandwidth needs prior to selecting an ISP or cloud storage vendor.

Ask if you will share a common namespace with other clients of the cloud provider, if you use a single-sign-on authentication option it can make it easier to access your data and increase your risks.

Find out if when you upload your company data to a public cloud provider, if you still own it. Read the fine print in the contract of the cloud providers; find out if that cloud provider, not you, owns the data you save in their cloud service. Read the fine print, details are critical in the cloud vendor contracts.

In many cases issues around compliance or data sovereignty may eliminate some vendors or require the use of files stored in a private cloud.

Rising costs can also be a risk if you do not plan efficiently. Extensive research must be done prior to selecting a vendor to ensure scalability and that costs will remain reasonable over time.

Customization

One of the best benefits in cloud services is the ability to customize the services you need for your business. Even the least expensive cloud service providers can provide levels of customization greater than traditional on premise storage and networking systems. Because these systems are software driven they require very little investment in hardware (if any), so you may be able to afford new and additional services.

Although entry-level systems offer customization, if you have specific needs, care is needed in selecting a provider that best addresses your business needs. Do not sacrifice performance for price.

Conclusion

Cloud storage can be an excellent way to save on capital expense (CAPX) and reduce the internal IT support workload. But buyer beware, thoroughly research the vendor you choose and ensure that they are the best fit to help your company succeed and maintain control of your data in the future if you need an exit plan. MyWorkDrive provides the ability to maintain control of files using your own private cloud storage or interfacing with Azure File Share Sync or Netapp OnTap storage providers.

Data Loss Prevention Strategies

Data is the lifeblood of your business. How do you protect it?

Data Loss Prevention

What is Data Loss Prevention (DLP)?

With information security theft on the rise, enterprises must find effective ways to protect their data, and many such enterprises are turning to data loss prevention (DLP) implementations to secure their networks. Data loss is a serious issue for any business of any size. Losing files means losing time and money to restore or recover information that is essential to your business. Data loss occurs when data is accidentally deleted, stolen, or corrupted. Viruses, physical damage to memory devices or formatting errors can render data unreadable by either humans or software. Losing files and documents often have a lasting impact on your company’s financial health.

Some data is recoverable, but this process can require the assistance of IT professionals and will cost time and resources the business could apply elsewhere. In some instances, lost files and information cannot be recovered, making data loss prevention even more essential. You can minimize your business’s potential for data loss by understanding what leads to data loss.

DLP is also a policy issue.

Identify where the existing data resides and how this data is classified. Examine controls and data stores currently in place. Focus on first protecting the most sensitive category of data. In a large enterprise, it is advisable to start with a small segment of the network, rather than tackle the network as a whole. Only when the most sensitive category of data has been protected throughout the enterprise is it safe to move to the next tier.

The focus of DLP is to prevent confidential information from leaving the organization and from being accessed by unapproved recipients. At the very least, DLP should be able to detect when such an event occurs. This is assuming that the organization has boundaries; with the implementation of a document classification matrix and with strong policies in effect, confidential data is likely to be segmented into secure data stores (rather than being copied to the cloud), thereby implementing boundaries.

Effects of Data Loss on Businesses

Data loss is a major inconvenience that disrupts the day-to-day function of any business. When important files and documents are lost, your business must spend time and resources recreating or recovering these files to fill the gaps left by loss. While you may be able to locate hard copies of information, these may not be as up-to-date as the digital copies that were lost. Data loss caused by corruption or viruses poses particular problems as the extent of data loss caused can sometimes be difficult to determine. It can be costly for your business to weed out and repair damaged files.

Data Loss Prevention Strategies

With information security theft on the rise, enterprises must find effective ways to protect their data, and many such enterprises are turning to DLP implementations to secure their networks. Data Loss Prevention strategies have been evolving for several years. Successful implementation of DLP requires that it be approached as part of an overall program, rather than as a technology solution. DLP protection is limited to documents within the perimeter of the enterprise, or those documents stored on enterprise-managed hardware.

Since data is everywhere in the Enterprise there is no one tool by itself that can fully protect your data. To implement an effective Data Loss Prevention solution multiple layers of policy, procedures, and toolsets are required. Many of these seem like common sense, and most are basic to normal operations of a functioning Enterprise. The trick is to make sure that they all overlap with no holes for data to leak thru. Since data can only be fully protected and controlled by maintaining the location of your data; behind your firewall with all of the multiple layers of data protection that you can provide.

Operational Integrity

  • Monthly Computer Hygiene: Defrag HD, Delete duplicate/unnecessary files, run anti-virus/anti-malware
  • Patch Management
  • Software Upgrades
  • Endpoint protection: Anti-Virus/Anti-Malware-keep them updated
  • Monthly Server Maintenance
  • Server/workstation Backup: 3 backups-2 different mediums-1 offsite (all encrypted) monthly back-up testing

Layered Cybersecurity

Antivirus Software

Cybersecurity technology starts with antivirus software. Antivirus is designed to detect, block, and remove viruses and malware. Use products that are also designed to detect other threats, such as malicious URLs, phishing attacks, social engineering techniques, identity theft, and distributed denial of service (DDoS) attacks.

Firewalls

Firewalls are designed to monitor incoming and outgoing network traffic based on a set of configurable rules—separating your secure internal network from the Internet. Minimizing the number of open ports Firewalls are deployed as an appliance on the network and may offer additional functionality, of virtual private network (VPN) for remote workers.

Patch Management

Criminals design their attacks around vulnerabilities in software products such as Microsoft Office or Adobe Flash Player. As vulnerabilities are exploited, software vendors issue updates to address them. Using outdated versions of software products will expose your business to security risks.

Password Management

Weak passwords are at the heart of the rise in cyber theft, causing 76% of data breaches. Adopt strong passwords, 8 + alphanumeric characters.

Data Protection Technologies

These data loss prevention measures protect against a wide array of cyber-attacks. However, because threats like ransomware are always evolving, security solutions are just one part of an effective defense strategy. You also need solutions in place that enable you to return to operations quickly if you do suffer a cyber-attack. Data protection technologies are an essential second layer of defense against cybercrime.

Controlled Access to Data

Ensure that only the authorized user has access to data on your Network. Use Multi-factor Authentication (MFA) and Single-Sign On (SSO) tools in conjunction with Data Leak Prevention to limit external access, add watermarks and prevent printing or clipboard access.

When accessing corporate data remotely ensure data is encrypted when in motion and at rest. There are multiple technologies that will achieve these results, the key is to choose the one that is the securest, easiest to implement and maintain, and the most economical for your needs.

Occam’s razor essentially states that simpler solutions are more likely to be correct than complex ones. Applying this theory to Cybersecurity, it would state, “The easiest technology to use will be the one most used and thus the most effective”.

VPNs are complex and expensive to maintain and are frequently ignored when the user is stressed and pressed for time (ever been in an airport?). The next level in expense and complexity for remote file access is the virtual desktop technology.  Deploying virtual desktops is a costly and difficult solution requiring extensive hardware and software investment. Supporting this technology requires dedicated engineering support and significant training for your end-users and support staff.   Research, research, research; measure twice buy once.   To avoid complex VPN’s and remote desktop support companies are employing web based file management software to enable secure file access with DLP features built-in avoiding the complexity and expense of VPN software.

Sources: Exabeam, Digital Guardian, NSS Labs