File Sharing for Healthcare Organizations

Advancing Healthcare Data Security Through Integrated Solutions

In today’s digital landscape, the healthcare industry faces both opportunities and challenges as it seeks to embrace innovation while safeguarding sensitive patient data. As information sharing becomes more widespread, the importance of robust, integrated security solutions intensifies. Crucial security strategies include implementing a zero-trust architecture, data leak prevention (DLP) mechanisms, multifactor authentication (MFA), device management protocols, and ensuring compliance with the Health Insurance Portability and Accountability Act (HIPAA). MyWorkDrive delivers a comprehensive file-sharing solution for healthcare that encompasses these critical components, enabling secure and flexible collaboration while protecting patient privacy.

 

Zero Trust Architecture: The Foundation for Robust Data Security When Sharing Files

A zero trust architecture operates on the principle of “never trust, always verify.” This approach is crucial in healthcare, where the integrity and confidentiality of patient data are paramount. By implementing a zero trust model, healthcare organizations ensure that access to their networks and data is strictly controlled and monitored, with authentication and authorization procedures in place for every access request, regardless of the user’s location or device.

In a zero trust environment, healthcare organizations replace traditional perimeter-based security models with granular access controls and continuous monitoring. This approach involves segmenting networks, enforcing least-privilege access principles, and implementing robust identity and access management (IAM) solutions. By treating every user, device, and application as untrusted, zero trust architecture minimizes the risk of unauthorized access and data breaches.

 

Data Leak Prevention: Safeguarding Sensitive Patient Information Within Healthcare Organizations

Data leak prevention (DLP) mechanisms are essential for identifying, monitoring, and protecting sensitive patient information across an organization’s digital environment. In healthcare, DLP tools can help prevent the unauthorized access, sharing, or exfiltration of patient data, thereby mitigating the risk of data breaches and ensuring compliance with privacy regulations such as HIPAA.

DLP solutions employ a range of techniques, including content inspection, contextual analysis, and machine learning, to identify and classify sensitive data. These tools can monitor data at rest (stored in databases or file servers), data in motion (transmitted over networks or shared via email), and data in use (accessed by applications or users). By implementing DLP controls, healthcare organizations can enforce policies that restrict the flow of sensitive patient data, prevent accidental or malicious data leaks, and maintain a secure and compliant file sharing environment.
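The content inspection and contextual analysis described above can be shown in a short Python sketch. This is an added example, not code from MyWorkDrive or any DLP product; the MRN format, the context keywords, the policy outcomes and the sample documents are all constructed assumptions.

```python
import re

# US Social Security number layout; valid_ssn() drops numbers never issued.
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
# A medical record number is only recognisable through its label, so the
# label is part of the pattern (this MRN format is an assumption).
MRN_RE = re.compile(r"\bMRN\s*[:#]?\s*((?=[A-Z0-9]*\d)[A-Z0-9]{6,10})\b", re.I)
# Words that make a nearby number likely to be patient data (assumed list).
CONTEXT_RE = re.compile(r"\b(patient|diagnosis|dob|date of birth|mrn|ssn)\b", re.I)

# Constructed sample documents.
SAMPLE_NOTE = (
    "Patient: Jane Doe  DOB 1980-02-14\n"
    "MRN: A1234567  SSN 123-45-6789\n"
    "Diagnosis: hypertension\n"
)
SAMPLE_INVOICE = "Order ref 987-65-4321 shipped; part no. 000-12-3456."
SAMPLE_TAG = "Build tag 321-54-9876 passed"


def valid_ssn(area, group, serial):
    """Content inspection: reject patterns that cannot be a real SSN."""
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")


def inspect_text(text, window=60):
    """Return (kind, masked_value, confidence) for each sensitive hit."""
    findings = []
    for m in SSN_RE.finditer(text):
        if not valid_ssn(*m.groups()):
            continue
        # Contextual analysis: patient-related words near the number raise
        # confidence; a bare number is kept as a low-confidence hit.
        nearby = text[max(0, m.start() - window):m.end() + window]
        confidence = "high" if CONTEXT_RE.search(nearby) else "low"
        findings.append(("ssn", "***-**-" + m.group(3), confidence))
    for m in MRN_RE.finditer(text):
        value = m.group(1)
        findings.append(("mrn", "*" * (len(value) - 2) + value[-2:], "high"))
    return findings


def share_decision(text, external):
    """Policy for data in motion: block confident hits leaving the org."""
    findings = inspect_text(text)
    if not findings:
        return "allow"
    if external and any(conf == "high" for _, _, conf in findings):
        return "block"
    return "audit"  # permit, but record the event for review


if __name__ == "__main__":
    for name, doc in [("note", SAMPLE_NOTE), ("invoice", SAMPLE_INVOICE),
                      ("tag", SAMPLE_TAG)]:
        print(name, inspect_text(doc), share_decision(doc, external=True))
```

Findings carry only masked values, so the DLP log does not itself become a second copy of the patient data.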

 

Multifactor Authentication: An Additional Layer of File Sharing Security

Multifactor authentication (MFA) adds an extra layer of security by requiring users to provide two or more different authentication factors to verify their identity. This method significantly reduces the risk of unauthorized access due to compromised credentials, such as stolen passwords or phishing attacks.

In healthcare settings, where access to patient information must be tightly controlled, MFA is a critical component of a robust security strategy for healthcare file-sharing. Common MFA factors include:

  1. Something you know (e.g., passwords, PINs)
  2. Something you have (e.g., security tokens, mobile apps)
  3. Something you are (e.g., biometrics like fingerprints or facial recognition)

By combining multiple authentication factors, MFA ensures that even if one factor is compromised, unauthorized users cannot gain access to sensitive patient data or systems.

 

Device Approval: Controlling Access at the Endpoint in Your Organization

Device approval processes ensure that only authorized devices can access an organization’s network and resources. This is particularly important in healthcare settings, where the use of personal devices for work purposes is common due to the mobility of healthcare professionals and the need for remote access to patient data.

By implementing device approval protocols, healthcare organizations can maintain visibility and control over the devices connecting to their networks. This typically involves maintaining an inventory of approved devices, enforcing security policies (such as encryption, antivirus, and patching requirements), and implementing network access controls to prevent unauthorized devices from accessing sensitive data.

Device approval measures can also include mobile device management (MDM) solutions, which allow organizations to remotely monitor, manage, and secure mobile devices used for work purposes. These solutions can enforce policies, remotely wipe data from lost or stolen devices, and prevent the installation of unauthorized applications that could compromise data security.

 

HIPAA Compliance: Ensuring the Protection of Patient Information

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data in the United States. This is especially important when sharing healthcare files. Compliance with HIPAA requires healthcare organizations to implement physical, network, and process security measures to safeguard electronic protected health information (ePHI).

Adhering to HIPAA regulations is not just a legal obligation but also a commitment to maintaining patient trust and confidentiality. HIPAA compliance measures include:

  • Conducting risk assessments and implementing appropriate safeguards
  • Implementing access controls and audit trails
  • Ensuring data backup and disaster recovery procedures
  • Providing workforce training on HIPAA privacy and security rules
  • Executing business associate agreements with third-party vendors

By aligning their security practices with HIPAA requirements, healthcare organizations can demonstrate their commitment to protecting patient privacy and avoiding costly data breaches and regulatory fines.

 

MyWorkDrive: The Premier File Sharing Solution for Healthcare

MyWorkDrive integrates all the aforementioned safeguards – zero trust architecture, data leak prevention, multifactor authentication, device management, and HIPAA compliance – into a seamless, flexible, and secure file sharing solution tailored for the healthcare industry. By leveraging MyWorkDrive’s comprehensive framework, healthcare organizations can facilitate data access and collaboration across their ecosystem while ensuring the protection, privacy, and confidentiality of patient information.

Key features of MyWorkDrive’s file sharing solution for healthcare include:

As the healthcare industry undergoes digital transformation, holistic and integrated security solutions like MyWorkDrive are imperative for managing risk and ensuring the secure exchange of sensitive patient data. By implementing layered controls with a zero trust ethos, healthcare organizations can advance data protection amidst growing complexity and interconnectivity, enabling innovation while preserving patient privacy and trust.

SFTP vs SMB: How Do These Popular Protocols for Remote File Access Compare?

Need to securely access files stored on a remote server or share files between devices on a network? The two main options are SFTP (Secure File Transfer Protocol) and SMB (Server Message Block). But what’s the difference between SFTP vs SMB and when should you use each protocol?

We’ll look at the performance, speed, security, and use cases of SFTP vs SMB to help you decide which one better fits your needs for remote file access.

 

What is SFTP?

SFTP, the SSH File Transfer Protocol (also called Secure File Transfer Protocol), allows the secure transfer of files between a local and remote host over an encrypted SSH data stream.

Here are some key facts about SFTP:

  • Encrypted connection: SFTP ensures all data is encrypted in transit, safeguarding your files and transfers via an SSH tunnel.
  • Standard SSH port: It uses SSH port 22 for connections, maintaining standardized secure communications.
  • File-level access: Directly access, edit, delete, rename, upload, and download remote files with ease.
  • Granular permissions: Detailed user access controls can be configured on the server for enhanced security.
  • Cross-platform compatibility: Supported on Linux, Unix, Windows (with clients), and macOS, thanks to its SSH-based protocol.
  • Common uses: web hosting, remote system administration, automating file transfers between servers.

With its strong encryption and file-level controls, SFTP is great for securely accessing files on a remote server, whether for web development, IT management, or any scenario requiring tight file security.

 

What is SMB?

SMB (Server Message Block) is a network file-sharing protocol that allows users to access files stored on a remote server as if they were on their local system.

Key SMB facts:

  • Share-level access: Unlike SFTP, SMB shares entire directories, allowing them to be mounted as network drives.
  • TCP-based: Operates over TCP for file transfers, with no built-in encryption in versions prior to 3.0.
  • Native to Windows: A Microsoft creation, included in all Windows versions, utilizing TCP ports 139 & 445.
  • File locking: Manages file access among multiple users effectively.

Originally designed for LAN use, SMB facilitates seamless file sharing between Windows computers, but versions prior to 3.0 lack the robust encryption found in SFTP.

 

SFTP vs SMB: Security

Security is a major point of difference when assessing each:

  • SFTP offers SSH encryption for all data transfers, contrasting with SMB’s lack of encryption in versions prior to 3.0. However, SMB 3.0 and later versions include encryption capabilities.
  • SMB security can be enhanced with IT policies such as two-factor authentication, device approval, VPNs, or trusted file share access software, since versions earlier than 3.0 inherently lack encryption.
  • Authentication in SFTP can use SSH keys or username/password, whereas SMB typically relies on Active Directory credentials.

So SFTP is far more secure overall thanks to its use of SSH encryption. SMB versions earlier than 3.0 lack encryption by design but can be secured by layering the proper tools.
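To check which SMB dialect a server actually selected and whether that dialect can encrypt, a defender can read the server's NEGOTIATE response. The parser below is an added example, not code from the original page; field offsets and constants follow the MS-SMB2 specification, and the sample messages are constructed rather than captured.

```python
import struct

SMB2_MAGIC = b"\xfeSMB"
DIALECTS = {0x0202: "2.0.2", 0x0210: "2.1", 0x0300: "3.0",
            0x0302: "3.0.2", 0x0311: "3.1.1"}
SIGNING_REQUIRED = 0x0002   # SMB2_NEGOTIATE_SIGNING_REQUIRED (SecurityMode)
CAP_ENCRYPTION = 0x0040     # SMB2_GLOBAL_CAP_ENCRYPTION, used by 3.0 and 3.0.2
CTX_ENCRYPTION = 0x0002     # SMB2_ENCRYPTION_CAPABILITIES negotiate context
CIPHERS = {1: "AES-128-CCM", 2: "AES-128-GCM",
           3: "AES-256-CCM", 4: "AES-256-GCM"}


def parse_negotiate_response(msg: bytes) -> dict:
    """Report dialect, signing mode and encryption support from one response.

    "Supported" means the server can encrypt; whether it requires
    encryption is a separate server or share setting.
    """
    if len(msg) < 128 or msg[:4] != SMB2_MAGIC:
        raise ValueError("not an SMB2/3 message (SMB1 or truncated)")
    command, _credits, flags = struct.unpack_from("<HHI", msg, 12)
    if command != 0 or not flags & 0x1:      # NEGOTIATE, server-to-client
        raise ValueError("not a server NEGOTIATE response")
    size, sec_mode, dialect, ctx_count = struct.unpack_from("<HHHH", msg, 64)
    if size != 65:
        raise ValueError("unexpected NEGOTIATE response structure size")
    caps, = struct.unpack_from("<I", msg, 64 + 24)
    ctx_offset, = struct.unpack_from("<I", msg, 64 + 60)

    cipher = None
    if dialect == 0x0311:
        # 3.1.1 names the chosen cipher in a negotiate context instead of
        # setting the capability flag. Contexts are 8-byte aligned.
        pos = ctx_offset
        for _ in range(ctx_count):
            if pos + 8 > len(msg):
                raise ValueError("truncated negotiate context list")
            ctype, dlen = struct.unpack_from("<HH", msg, pos)
            data = msg[pos + 8:pos + 8 + dlen]
            if ctype == CTX_ENCRYPTION and len(data) >= 4:
                count, chosen = struct.unpack_from("<HH", data, 0)
                if count:
                    # 0 (no common cipher) or an unknown id stays None.
                    cipher = CIPHERS.get(chosen)
            pos += 8 + dlen
            pos += -pos % 8
        encryption = cipher is not None
    else:
        # Dialects below 3.0 have no encryption at all.
        encryption = dialect >= 0x0300 and bool(caps & CAP_ENCRYPTION)

    return {
        "dialect": DIALECTS.get(dialect, hex(dialect)),
        "signing_required": bool(sec_mode & SIGNING_REQUIRED),
        "encryption_supported": encryption,
        "cipher": cipher,
    }


def build_sample(dialect, caps=0, sec_mode=0x0001, cipher=None) -> bytes:
    """Constructed NEGOTIATE response for the demo (not a packet capture)."""
    header = SMB2_MAGIC + struct.pack("<HHIHHI", 64, 0, 0, 0, 1, 0x1) + bytes(44)
    ctx = b""
    if cipher is not None:
        ctx = struct.pack("<HHIHH", CTX_ENCRYPTION, 4, 0, 1, cipher)
    body = (struct.pack("<HHHH", 65, sec_mode, dialect, 1 if ctx else 0)
            + bytes(16)                      # ServerGuid
            + struct.pack("<I", caps)        # Capabilities
            + bytes(28)                      # max sizes and timestamps
            + struct.pack("<HHI", 128, 0, 128 if ctx else 0))
    return header + body + ctx


if __name__ == "__main__":
    samples = [build_sample(0x0210),
               build_sample(0x0302, caps=CAP_ENCRYPTION, sec_mode=0x0003),
               build_sample(0x0311, cipher=2)]
    for raw in samples:
        print(parse_negotiate_response(raw))
```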

SFTP vs SMB: Speed

In terms of speed and performance:

  • SMB is generally faster for small file transfers like documents due to less protocol overhead.
  • But SFTP handles large batches or huge files much more efficiently.
  • SMB performance degrades significantly over high latency networks or the internet due to its “chatty” protocol.
  • SFTP’s simpler protocol makes it more resilient to network lag over long distances.

So for large files or international transfers, SFTP will outperform SMB. But for quick small file reads/writes on a LAN, SMB may be faster.

 

SFTP vs SMB: Usability

For general end-user experience, SMB is easier and more seamless thanks to its native Windows integration:

  • SMB shares automatically appear as standard network drives, while SFTP requires using an SFTP client.
  • The Windows file explorer transparently handles SMB, but a third-party tool is needed for basic SFTP tasks.
  • SMB allows coordinated file locking and simultaneous remote access from multiple users.

So if you just want simple drag-and-drop remote file access, SMB certainly provides a better experience, especially for less tech-savvy users.

 

SFTP vs SMB: Operating System Support

Almost all Windows versions include built-in SMB support, while SFTP requires a third-party client on Windows.
macOS and Linux have native SFTP support but may need Samba installed for SMB access.

So for Windows-specific environments, SMB has the advantage. But for heterogeneous networks, SFTP has wider cross-platform support.

 

When to Use SFTP vs SMB?

So when should you use each of these protocols? Some general guidelines:

Use SFTP for:

  • Securely accessing files on remote servers over the internet
  • Automating transfers between servers like backups or syncing
  • Linux server administration and managing hosted websites
  • Transferring large files or batches
  • Cross-platform file sharing

Use SMB for:

  • Quickly networking Windows machines on a LAN
  • Seamless remote file access for Windows users
  • Collaborating on files between Windows apps and users
  • Simultaneous multi-user remote file access

Examples of SFTP and SMB use cases:

  • Web developers use SFTP to manage files on web servers.
  • Businesses use SMB to easily share files and printers within their internal Windows network.
  • IT teams use SFTP for automating secure Linux server administration.
  • Creators leverage SMB for collaborating on artwork files across a Windows network.

Summary

While SFTP offers encrypted SSH-based transfers and file-level access, SMB is tailored for seamless directory sharing within Windows environments. SMB has evolved with versions 3.0 and above to include encryption, enhancing its security stance. SFTP remains the go-to for secure, cross-platform file transfers, whereas SMB excels in user-friendliness for Windows users.

Choosing between SFTP and SMB depends on your specific requirements, including security needs, network setup, and operating systems in use. With their distinct advantages, both protocols continue to be vital for today’s remote file access needs.

ownCloud vs Nextcloud: Similarities and Differences

As data privacy concerns drive demand for solutions that let users control their files, open-source platforms like ownCloud and Nextcloud have emerged as popular self-hosted alternatives to closed cloud storage services. Offering easy file syncing, sharing, and collaboration without relying on third-party servers, these projects empower personal and organizational users alike.

However, for IT teams considering a switch to self-hosted storage, a pivotal question arises in the ownCloud vs Nextcloud debate: which solution best fits their needs? While ownCloud and Nextcloud share common origins, key differences distinguish them today. In this in-depth comparison, we’ll analyze the history, features, community support, security, and use cases of each to help guide your decision.

 

ownCloud: Pioneering an Open Source Cloud Storage Alternative

ownCloud was created in 2010 by developer Frank Karlitschek, who recognized the need for a self-hosted storage platform with the usability of consumer-friendly services like Dropbox, Google Drive, and Box, but without relinquishing data control.

From the start, ownCloud positioned itself as an open-source alternative accessible to non-technical users. Its intuitive web interface enabled easy file syncing across desktop and mobile devices, while supportive features like sharing, versioning, and collaborative document editing made ownCloud a functional, privacy-focused solution.

ownCloud’s open approach also cultivated an ecosystem of third-party developers who created custom apps and integrations. As the software matured, ownCloud Inc. formed to offer commercial support and enterprise services around the platform, though community development continued through the open-source edition.

 

Nextcloud Forks for Greater Openness

While ownCloud grew popular across individual users and organizations seeking self-hosted storage, tension emerged within the open-source community over the project’s changing direction. As ownCloud Inc. increasingly focused on monetizing enterprise features, some felt it came at the expense of open-source contribution and advancement.

Controversy reached a boiling point in 2016 when Frank Karlitschek resigned as CTO from ownCloud Inc., citing disagreements about the company’s commitment to community-driven open-source development versus commercial interests.

Shortly after his departure, Karlitschek announced Nextcloud as a fork of the original ownCloud codebase. Nextcloud aimed to realign with the open, collaborative ethos of the early ownCloud project.

Under an AGPLv3 license, Nextcloud maintained a strict policy of 100% open-source development, accepting community contributions and eschewing any proprietary code or features. This approach quickly earned Nextcloud favor among the open source community, with many of ownCloud’s original developers migrating to the Nextcloud project.

Over the following years, Nextcloud saw rapid development and innovation driven by its community-centered model. While ownCloud progressed steadily, Nextcloud’s more open approach and collaborative culture allowed it to evolve faster. As a result, Nextcloud pulled ahead of ownCloud in terms of features, apps, and overall momentum.

 

ownCloud vs Nextcloud: Comparing Key Features and Capabilities

Thanks to their shared origin story, ownCloud and Nextcloud have substantial overlaps in their core functionality for file management and collaboration. However, some key areas of divergence have also emerged, enabling each platform to play to its unique strengths.

 

File Sync and Sharing

As expected given their common ancestry, both ownCloud and Nextcloud excel at syncing and sharing files across desktop and mobile. Support for Windows, Mac, Linux, iOS, and Android gives users platform-agnostic access to stored files. Both also offer important sync and share capabilities like:

  • End-to-end encryption of file transfer and storage
  • File versioning for easily rolling back changes
  • Advanced permission controls on shared files and folders
  • Password protection and expiration of shared links
  • File commenting for better collaboration

Overall, ownCloud and Nextcloud are on par in handling the fundamentals of file management and sharing. Users can comfortably rely on both platforms to deliver a streamlined, consistent experience across devices.

 

Security

Data security is understandably a top priority for organizations considering self-hosted cloud infrastructure. ownCloud and Nextcloud both incorporate essential security capabilities like SSL/TLS encryption, brute force attack protection, and two-factor authentication (2FA).

However, Nextcloud’s position as a 100% open-source platform gives it an edge in transparency and vulnerability response. With all code out in the open, Nextcloud benefits from many more eyes identifying potential issues. ownCloud’s open-core model means some code remains proprietary and thus less scrutinized.

In terms of encryption, ownCloud reserves its most advanced Encryption 2.0 capability exclusively for paying Enterprise customers. Nextcloud has no such restrictions, giving free open-source users access to cutting-edge security features.

 

Custom Apps and Integrations

A major benefit of self-hosting is the ability to customize your cloud storage platform through apps and API integrations. Both ownCloud and Nextcloud have app marketplaces enabling users to augment functionality, but Nextcloud’s is significantly broader:

  • Nextcloud Apps – Over 300 apps spanning storage, productivity, communications, integration, and more
  • ownCloud Apps – Around 140 apps currently available

With Nextcloud’s more active open-source community continuously contributing new apps and updates, it generally outpaces ownCloud in expanding potential functionality through customization.

 

Mobile Apps

Accessing files from mobile devices is a baseline capability for any modern file storage platform. Both ownCloud and Nextcloud provide official mobile apps for iOS and Android that enable similar functionality like:

  • Browsing, searching, and managing cloud-synced files
  • Sharing files internally and externally through public links
  • Automatically uploading photos/videos from mobile
  • Passcode locks and device-specific access controls

While core mobile capabilities are on par, Nextcloud’s app sees a higher velocity of updates and improvements. Recent additions like auto-upload over WiFi and file suggestions reflect Nextcloud’s more agile open-source development.

 

Collaborative Capabilities

Let’s examine ownCloud vs Nextcloud for teams wanting to collaborate closely on documents. Both incorporate useful productivity features like:

  • Real-time collaborative document editing
  • File version histories for tracking changes
  • Commenting on files
  • Calendar and contacts syncing
  • Instant messaging

Here capabilities are nearly even, though Nextcloud offers richer formatting options in its online document editor. Both provide the basics teams need for close collaboration, with room to augment via third-party apps.

 

Interface and User Experience

Within the ownCloud vs Nextcloud debate is the UI and UX perspective. Both share a similar visual style and layout given their origins. However, Nextcloud’s open-source community has invested heavily in refining and modernizing user experience.

Enhancements include streamlined navigation, mobile optimizations, and overall smoother performance. Nextcloud also offers dark mode and other visual customizations not available in ownCloud. While not radically different, Nextcloud does lead in UX refinement.

 

Release Cadence and Support

By nature of their open source models, ownCloud and Nextcloud show some divergence in release schedules and availability of support:

  • ownCloud follows scheduled major version releases every 4-5 months with “point” updates in between. Paid enterprise support is required.
  • Nextcloud follows a continuous delivery model with new features added weekly. Offers paid enterprise support alongside community forums.

Ultimately, both operate frequent release cycles enabling regular improvements. Nextcloud’s open source model enables more fluid updates, while ownCloud follows a more structured cadence.

 

ownCloud vs Nextcloud: Factors to Consider in Your Decision

With an understanding of their respective strengths, let’s examine key points to consider when choosing between ownCloud and Nextcloud:

  • Open source philosophy – If maintaining a completely transparent, community-driven platform is paramount, Nextcloud is likely the better choice based on its unwavering open-source commitment.
  • Pace of innovation – The open collaboration model of Nextcloud enables it to iterate and release new capabilities faster than ownCloud in most cases.
  • App ecosystem breadth – Nextcloud provides significantly more apps and integrations to extend functionality.
  • Security requirements – Nextcloud’s fully public codebase arguably allows more rapid detection and patching of vulnerabilities.
  • Budget constraints – ownCloud’s open core model requires payment for some advanced features, while Nextcloud is 100% open source.
  • Support needs – ownCloud provides integrated enterprise support, while Nextcloud offers community help to free users.

By weighing these key variables against your organizational needs, you can determine the right self-hosted platform for your environment and use case.

 

An Alternative: MyWorkDrive

For Windows-centric organizations seeking secure remote file access without migrating infrastructure, MyWorkDrive offers a streamlined solution purpose-built for this goal. Rather than a separate Linux-based file hosting platform, MyWorkDrive integrates natively with Active Directory and Windows file shares to extend access.

Key advantages of MyWorkDrive include:

By uniquely integrating with Windows environments without disruption, MyWorkDrive simplifies secure remote file access for distributed teams. Avoiding migration complexity makes it a compelling alternative to consider alongside ownCloud and Nextcloud.

Specifically compared to ownCloud, MyWorkDrive delivers proper simultaneous file locking, Office document editing, automated AD user provisioning, and a robust browser interface lacking in ownCloud.

And versus Nextcloud, MyWorkDrive similarly provides unparalleled native AD and Windows share integration, avoiding the LAMP stack entirely for easier Windows management.

For IT leaders balancing evolving remote work needs with legacy infrastructure realities, MyWorkDrive warrants evaluation as a frictionless enabler of secure file access for distributed teams.

 

Evaluating the Right Path Forward

Transitioning to self-managed infrastructure for privacy and control is a complex undertaking with many technical and business factors at play. For organizations weighing a move to self-hosted storage, the ownCloud vs Nextcloud debate represents compelling open-source options, each with unique strengths.

By taking a thorough, needs-based approach, IT leaders can chart the right course between these community-driven platforms or alternative solutions like MyWorkDrive. With shared aims but different open-source philosophies, each brings benefits to today’s distributed enterprises.

January MyWorkDrive Newsletter 2024

Exceptional Tech Support

In today’s modern tech world, SaaS products are becoming increasingly complex. With trainings, webinars, and long support calls, finding the solutions to sticky situations can be a costly time suck. That’s why a product with a stellar support staff is vital. Unfortunately, many organizations are making support an afterthought. Once a product is purchased there is little regard for continued customer satisfaction and when a problem arises the customer is pawned off to a token support staff often located offshore.

When customers encounter issues or have questions, the quality of support they receive plays a pivotal role in shaping their perception of a brand. Slow response times, unhelpful or uninformed replies, and a lack of empathy can leave customers feeling undervalued and disheartened. This negative experience not only affects their current transaction but also tarnishes a brand’s reputation, as dissatisfied customers are likely to share their grievances with others.

Moreover, inadequate support can lead to increased customer churn. When customers don’t feel their concerns are addressed promptly and effectively, they are more likely to explore alternatives. Losing customers not only impacts revenue but also erodes the trust and loyalty a brand has worked hard to build.

At MyWorkDrive, we understand the significance of exceptional customer support. That’s why we prioritize providing robust and effective US-based support. Our team is committed to ensuring that your queries are addressed promptly and with the utmost care. We believe in going the extra mile to enhance your experience with our product.

Some vendors seem to value only an initial purchase, charge for poor support, and pester customers with upselling. This goes against the founding principles at MyWorkDrive.

In contrast to the drawbacks of subpar support, investing in a reliable support system can lead to improved customer satisfaction and loyalty. We are proud to offer a support system that stands out in the industry – one that values your time and concerns.

As previously mentioned, we have heard that some other remote file-share access platforms have been dropping the ball lately when it comes to support, with no improvement in sight. This makes us concerned at MyWorkDrive as this is not a norm that should be standardized across our industry. On the other hand, we are proud to do what we do and keep our customers satisfied. MyWorkDrive does not, and will never, charge extra fees for support.

FAQ Spotlight

What is CMMC Compliance and How Does it Relate to File Share Access?

CMMC stands for Cybersecurity Maturity Model Certification. It’s a verification program that helps the US Department of Defense (DoD) determine if an organization is secure enough to work with sensitive data. CMMC is required for anyone in the DoD supply chain, including contractors, vendors, and subcontractors. The goal of CMMC is to protect information from unauthorized use or disclosure.

MyWorkDrive enables organizations to deploy file sharing that meets CMMC compliance standards on their own Windows file server infrastructure while still providing users with an enterprise file share collaboration and remote access solution without migrating files to proprietary cloud storage sync/share services.

Version 7 Preview Webinar Recording Now Available

We are excited to announce that the webinar of MyWorkDrive Server 7.0, which is soon to be released to preview, is now available for viewing. Version 7 adds many new features and enhancements, including Azure AD (Entra) native authentication and Azure file shares over API support.

In the webinar, we demonstrate the use cases for MyWorkDrive including the new features and enhancements in MyWorkDrive version 7.0.

Azure AD/Entra ID Native Authentication

Starting with version 7.0, we are adding a new option to authenticate using Azure AD/Entra ID which will no longer require setting up SAML or integrating with Active Directory. SMB and Azure file storage will utilize Azure AD/Entra ID users and groups assigned to shares natively when determining user access.

Azure File Shares API Access

Currently, in MyWorkDrive 6.x, Azure File Shares can only be accessed through SMB and Active Directory. In version 7 we are adding the ability to connect to Azure File Shares through Azure APIs and Azure AD/Entra. Providing Azure File Share access over API greatly simplifies setup, reducing complexity and ongoing costs, as Active Directory will no longer be required on Azure File Shares. In addition, Azure File Shares over API greatly improves performance with lower-tier Azure storage.

Azure Blob Storage API Access

In version 7 we are adding the ability to connect to Azure Blob Storage through Azure APIs and Azure AD/Entra. Azure Blob Storage supports NTFS-style permissioning at the file and folder level using Data Lake Gen2. Our goal will be to support Data Lake/Azure AD fine-grained permissions through our Azure Blob Storage API integration.

 

What is Private Cloud Storage?

A private cloud refers to a dedicated cloud computing environment exclusive to a single organization. All underlying compute resources, such as CPU and storage, are provisioned on demand through a self-service portal, and all resources remain under the control of the organization. Also known as an internal or corporate cloud, a private cloud provides a higher level of control and security compared to public or hybrid cloud solutions.

What Are Public Clouds and Hybrid Clouds?

Public Cloud:

Managed by a third-party provider, offering scalability and automation. It is cost-effective and provides a broad range of services to a global user base. The purchase and upkeep of physical data centers and servers are not required.

For instance, a startup might use AWS to host its web applications and databases. By doing so, the startup can take advantage of the scalability and flexibility offered by AWS, only paying for the resources it consumes on a pay-as-you-go basis. The public cloud model allows businesses to access a vast array of services and resources without the burden of managing and maintaining the underlying infrastructure, making it an attractive option for companies of all sizes. Other examples of public cloud providers include Microsoft Azure, Google Cloud Platform, and IBM Cloud.

Hybrid Cloud:

Integrates both public and private clouds, allowing seamless data and application migration between environments for enhanced flexibility and management. In this case, a private physical infrastructure may be utilized with public cloud resources handling tasks that require less security or more computing power.

For example, a company maintains sensitive customer data and critical business applications on a private cloud hosted in its on-premises data center. Simultaneously, the company uses a public cloud service, such as Amazon Web Services (AWS) or Microsoft Azure, to handle additional computing resources for non-sensitive workloads or to accommodate spikes in demand.

A private cloud storage solution might host the customer database and financial applications to ensure strict control and compliance with regulatory requirements. Meanwhile, the public cloud could be utilized to deploy web applications, conduct data analytics, or manage less sensitive information. The hybrid cloud architecture allows the organization to balance the need for security and compliance with the flexibility and scalability offered by the public cloud.

Origin of the Term Private Cloud:

The term “private cloud” or “private cloud storage” originated in the context of the evolution of cloud computing. Before the advent of cloud services like Amazon Web Services (AWS) or Microsoft Azure, organizations traditionally owned, purchased, and maintained their own hardware, including servers, storage devices, and networking equipment. This infrastructure was typically housed in on-premises data centers or co-location facilities to support the organization’s IT operations.

When the concept of cloud computing was introduced, allowing users to access computing resources on demand over the internet, some organizations sought to replicate this cloud model within their internal infrastructure. They aimed to provide similar benefits, such as flexibility and resource scaling, but within the confines of their own data centers.

To distinguish between these internally managed cloud environments and third-party public cloud services, the term “private cloud” was introduced. The “private” designation emphasizes the dedicated and isolated nature of the cloud infrastructure, which is exclusively used by a single organization rather than being shared with multiple users or entities.

Benefits of Private Cloud Storage:

Private clouds offer a range of advantages that cater to specific organizational needs. One key benefit is enhanced security, as private clouds provide a dedicated environment where organizations have greater control over security measures. This is appealing for industries dealing with sensitive data or those subject to stringent regulatory compliance standards. The customization and control afforded by private clouds allow organizations to tailor their infrastructure to unique specifications, including the selection of hardware, software, and network configurations.

In addition to security and customization, private clouds are recognized for their compliance capabilities. Industries such as healthcare, finance, and government, which face rigorous regulatory standards, often find private clouds to be a suitable solution. The predictability of performance in a private cloud, owing to the lack of resource sharing with other users, is crucial for mission-critical workloads. The scalability of private clouds provides flexibility in resource allocation, enabling organizations to efficiently adapt to varying workloads while maintaining optimal performance.

Private Cloud Architecture:

Private cloud architecture shares similarities with public cloud setups and involves technologies such as virtualization, management software, and automation. Virtualization abstracts IT resources from physical hardware, management software ensures centralized control, and automation speeds up tedious tasks, making infrastructure management more efficient.

Private cloud storage comes in various forms:

  • On-Premises Private Cloud: Deployed in an internal data center, requiring resource purchase, maintenance, and security management.
  • Managed Private Cloud: Fully managed by a third party in an external data center, offering convenience and support.
  • Virtual Private Cloud: Deployed within a public cloud infrastructure, combining the convenience of public cloud resources with additional control and security.

MyWorkDrive and Private Cloud Storage:

MyWorkDrive is the leading choice when implementing private cloud storage.

MyWorkDrive outshines competitors like Egnyte and ShareFile. Unlike Egnyte, MyWorkDrive seamlessly integrates into existing Windows File Share infrastructure, OneDrive, or SharePoint, offering a cost-effective alternative with secure remote file access and no need for data migration.

Using MyWorkDrive to implement private cloud storage, with files remaining in place, can be significantly more cost-effective than Egnyte.

MyWorkDrive uniquely enables remote office document editing with native Office 365 online and Office Mobile Apps on local file shares, avoiding the need for cloud syncing before editing as is the case with ShareFile.

Its reduced administration overhead, better Web Browser Client, and robust security measures, including SHA256 Encryption, make MyWorkDrive the preferred choice for organizations seeking a secure, collaborative, and user-friendly private cloud storage experience.

Entra ID Licensing Features and MFA Options for MyWorkDrive customers

This article summarizes Entra ID subscription and MFA options for MyWorkDrive customers.

Entra ID License Options

A summary of Entra ID (Azure AD) subscription options which may be relevant to MyWorkDrive customers

Summarized From
https://www.microsoft.com/en-us/security/business/microsoft-entra-pricing

Free

Included with Microsoft cloud subscriptions such as Microsoft Azure, Microsoft 365, and others.

Features:
Authentication, single sign-on and application access
Multifactor authentication and conditional access

The Free license would provide the minimum features required to use MyWorkDrive. You can deploy Entra ID Login for MyWorkDrive and use MFA to protect your user accounts.

P1 License

Microsoft Entra ID P1 (formerly Azure Active Directory P1) is available as a standalone or included with Microsoft 365 E3 for enterprise customers and Microsoft 365 Business Premium for small to medium businesses.

P1 includes the same features as Free, with some additional sub-features

Authentication, single sign-on and application access
also includes

  • Group assignment to applications (makes assigning users to applications easier, if you are not selecting the “assign all” option)
  • Application proxy for on-premises, header-based, and integrated Windows authentication. (Read about deploying App Proxy here)

Multifactor authentication and conditional access
also includes

P2 License

Microsoft Entra ID P2 (formerly Azure Active Directory P2) is available as a standalone or included with Microsoft 365 E5 for enterprise customers.

P1 and P2 Entra ID licenses enable additional features and allow additional flexibility for MyWorkDrive customers’ users.

P2 offers no additional features over P1 which are commonly used by MyWorkDrive customers.

 

MFA options with Entra ID Licenses

MFA Options MyWorkDrive customers may choose to deploy for their users.

MyWorkDrive strongly encourages the use of Multifactor Authentication for all user accounts.

Summarized from
https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mfa-licensing

Free

You can use security defaults to prompt users for multifactor authentication as needed. You don’t have granular control of enabled users or scenarios, but security defaults do provide that additional security step.
Even when security defaults aren’t used to enable multifactor authentication for everyone, users assigned the Microsoft Entra Global Administrator role can be configured to use multifactor authentication. This feature of the free tier makes sure the critical administrator accounts are protected by multifactor authentication.
https://learn.microsoft.com/en-us/entra/fundamentals/security-defaults

Microsoft 365 Plans

Microsoft Entra multifactor authentication can be enabled for all users using security defaults. Management of Microsoft Entra multifactor authentication is through the Microsoft 365 portal.
https://learn.microsoft.com/en-us/entra/fundamentals/security-defaults

P1, P2 Licenses

You can use Microsoft Entra Conditional Access to prompt users for multifactor authentication during certain scenarios or events to fit your business requirements.
https://learn.microsoft.com/en-us/entra/identity/conditional-access/howto-conditional-access-policy-all-users-mfa

The Free and Microsoft 365 plans provide sufficient protection, but P1 and P2 licenses offer greater flexibility of options via Conditional Access.

MyWorkDrive now available in the Rippling Store

We’re excited to announce that MyWorkDrive is now available on the Rippling App Shop. Rippling is a leading HR management platform that makes it easy to manage your employees’ apps and workflows.

With Rippling and MyWorkDrive, you can provide your team with secure access to important files without complex VPNs or data migration. This integration creates a streamlined experience for your business.

Rippling offers a comprehensive solution to manage HR and IT, including over 700 app integrations. The activity stream gives you real-time visibility into employee app usage.

MyWorkDrive enables remote access to your files wherever they live. Together with Rippling, we can help you simplify employee onboarding, organize HR documents, and keep your workforce connected.

Check out MyWorkDrive today on the Rippling App Shop or in our Rippling SAML support article to experience the benefits of our integrated platforms. We believe this partnership will create more efficient workflows and an improved experience for your business and employees.

October MyWorkDrive Newsletter 2023

Software Development Risks

In today’s interconnected world, the software we use plays a pivotal role in our lives, from personal communication to business operations. Concerns over the security and privacy of our digital lives are increasing, especially when using software developed and supported in countries whose governments have divergent political motives.

Data privacy is a fundamental right that should be upheld across the globe. However, many governments do not adhere to the same level of data protection as those with a stronger tradition of human rights-based regulatory, legal, and social norms. This is partly due to the absence of robust data protection regulations, oversight, and freedom of expression found in countries like the United States and the European Union. The absence of stringent data privacy laws in some countries can leave users with little recourse when their data is mishandled or exploited. Breaches of data privacy can lead to severe consequences, including identity theft, cyber espionage, and loss of personal information.

One of the central issues contributing to the security risks associated with software from nefarious countries is the stark contrast in regulatory frameworks. Countries like the United States and the European Union enforce the strictest data protection laws in the world, such as the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the California Consumer Privacy Act (CCPA), and the Privacy Act of 1974. Among many other things, these laws demand that companies use, protect, and collect data, and report data breaches, in a highly regulated and responsible way.

On the other hand, other countries might maintain a façade of data privacy and security regulations, while at the same time allowing for greater government involvement and less oversight over data handling practices. This institutional disparity creates an environment where governments may more easily exploit or access user data without their informed consent, or create cases in which firms may be compelled to promptly hand over user data.

The use of software from countries with ambiguous intentions presents substantial security risks. Government control, the looming threat of backdoors, weak data privacy regulations, and regulatory differences all combine to heighten these risks. Users and organizations must approach their digital lives with heightened vigilance and prioritize data security and privacy when vetting software purchases. As the debate on balancing security and access continues globally, users must remain informed and cautious in their choice of software, safeguarding their digital assets.

This is why, when choosing a software vendor, one must consistently scrutinize its methods, practices, fidelity, and country of origin. MyWorkDrive not only leads the industry in file-share remote access technology but also adheres to the strictest sets of standards and ethics when it comes to data privacy. And of course, all MyWorkDrive assets, employees, and development have always been and will always be located in the United States and the European Union.

FAQ Spotlight

What is Vendor Lock-in and How Does it Relate to File Share Access?

Vendor lock-in refers to a situation where a customer becomes heavily dependent on a particular vendor’s products or services, making it difficult to switch to an alternative vendor without significant cost or disruption. In the context of accessing file shares, vendor lock-in can occur when an organization relies on a file share access platform or service that uses proprietary formats or systems. This dependence can make it challenging to migrate data and processes to a different file-sharing solution if the need arises. It’s important to be aware of vendor lock-in when choosing file-sharing tools to maintain flexibility and avoid potential limitations down the road.

MyWorkDrive’s platform-agnostic approach, avoidance of proprietary formats, and data ownership on your servers prevent vendor lock-in. This empowers organizations to maintain control over their data and infrastructure, eliminating the need to migrate files to cloud storage providers with vendor lock-in. Our file server sharing software allows enterprises to securely access cloud files without compromising security and with easy deployment.


What is SMB File Sharing? A Comprehensive Guide

 


Today we will provide an explanation of SMB (Server Message Block) – the bedrock of seamless file sharing and a linchpin of modern business collaboration. What is SMB? What are its uses and what are its drawbacks?

 

SMB: Tracing the Evolution

SMB’s origins can be traced back to the early 1980s, when IBM introduced a protocol to facilitate file and printer sharing within LAN Manager networks. Over subsequent years, it underwent iterative improvements, eventually evolving into the robust SMB protocol integral to contemporary networking landscapes.

 

The Essence of SMB

SMB, which stands for Server Message Block, serves as a fundamental network file-sharing protocol allowing applications and users to effortlessly access and share files, printers, and various resources on a local network. It operates as an application-layer network protocol, supporting shared access to files, printers, serial ports, and facilitating seamless communication between network nodes.

In a more detailed technical perspective, SMB plays a crucial role in enabling the smooth exchange of data between devices operating on different systems, be it Windows, Linux, or Mac. By acting as a universal language for devices within a networked environment, SMB ensures effective collaboration and communication.

This protocol forms the backbone for secure and controlled access to files on remote servers, while also providing the necessary framework for connecting to resources such as printers, mailslots, and named pipes. Through a request-response model, SMB establishes a reliable communication channel by allowing clients to initiate connections with servers, triggering a two-way exchange of information crucial for efficient network operations.

Over time, SMB has evolved from its reliance on NetBIOS over TCP/IP and legacy protocols to directly running over TCP/IP on port 445. It is worth noting that for devices lacking direct SMB support over TCP/IP, the use of NetBIOS over a transport protocol like TCP/IP remains essential for seamless communication.

 

Real-World Applications of SMB

Now let’s illustrate the practicality of SMB through real-world use cases:

Corporate Collaboration and Data Exchange

In a bustling corporate ecosystem, collaboration and data sharing form the lifeblood of efficient operations. SMB makes possible the secure and efficient sharing of files among employees, ensuring that critical documents, projects, and resources are seamlessly accessible to authorized users.

For example, a marketing firm requires SMB file sharing to successfully manage a campaign. The creative team is responsible for designing promotional material and needs swift access to various image and video files stored on the company’s server. Through the integration of SMB, team members can easily share their latest creations with the content writers and marketing strategists. The SMB protocol ensures that ad concepts, branding visuals, or social media assets are securely and efficiently shared within the team.

 

Retail and Point-of-Sale Systems

Within the retail sector, SMB is instrumental in enabling smooth communication between point-of-sale (POS) systems, inventory management software, and other vital retail applications. This integration ensures swift and accurate transaction processing, inventory updates, and sales reporting.

For example, SMB integration is evident in a boutique clothing store when a customer purchases a new outfit at the store’s POS terminal. The POS system swiftly records the transaction, deducting the purchased items from the inventory. Simultaneously, sales data is transmitted to the accounting software for real-time financial reporting. This integration not only ensures accurate stock levels but also enables the store manager to make informed decisions on restocking popular items based on the sales data, ultimately optimizing the retail operation.

 

Downsides to using SMB for File Sharing

While SMB (Server Message Block) is a powerful tool for seamless file sharing and collaboration, it’s essential to recognize and address its associated security concerns. Understanding these concerns is crucial for implementing robust security measures and ensuring a safe network environment. Let’s delve into the notable security issues related to SMB:

 

SMB Version Vulnerabilities

Different versions of SMB have had various security vulnerabilities. Older versions like SMBv1 have been particularly problematic, with known vulnerabilities like EternalBlue, which was famously exploited in the WannaCry ransomware attack. It’s critical to use the latest and most secure versions of SMB and disable older versions to mitigate these risks.

 

Unencrypted Data Transmission

By default, SMB does not encrypt data during transmission, making it susceptible to eavesdropping and data interception. Attackers can potentially gain unauthorized access to sensitive information passing through the network. Utilizing encryption protocols like SMB over HTTPS (SMB 3.1.1+) or VPNs can significantly enhance data security.

 

Brute Force Attacks

Attackers may attempt to gain unauthorized access by using brute force attacks, trying different username and password combinations until they find the correct credentials. Implementing strong password policies, account lockout mechanisms, and multi-factor authentication (MFA) can help deter these attacks.

 

Weak or Default Credentials

Insecure default passwords or weakly configured credentials are a common point of entry for attackers. It’s crucial to change default passwords and ensure strong, unique passwords for all SMB-enabled devices. Regularly updating and managing credentials is equally important.

 

Unauthorized Access and Permission Issues

Misconfigured access controls and inadequate permission management can lead to unauthorized access to files and directories. Employing the principle of least privilege and regularly reviewing and adjusting permissions based on roles and responsibilities is vital to mitigate this risk.

 

Malware and Ransomware

SMB has been a favored target for malware and ransomware attacks due to its widespread usage. Attackers exploit vulnerabilities in SMB to propagate malware across networks and encrypt files for ransom. Regular security updates, network segmentation, and robust endpoint protection are essential defenses against such threats.

 

Man-in-the-Middle (MitM) Attacks

SMB traffic can be intercepted by malicious actors using MitM attacks. This could lead to session hijacking, data tampering, or data theft. Employing encryption (as in SMB 3.1.1+), using digital certificates, and configuring secure channels can mitigate the risk of MitM attacks.

 

Lateral Movement and Pass-the-Hash Attacks

Once inside a network, attackers may leverage SMB to move laterally across systems by exploiting stolen credentials (e.g., hashed passwords). Implementing network segmentation, regular password changes, and restricting unnecessary SMB traffic can help prevent these attacks.

 

The Significance of SMB in Modern Business

Despite its drawbacks, the utilization of SMB remains commonplace in the contemporary workplace. The magic of SMB lies in its ability to effortlessly unite disparate systems and devices under a common file sharing language. It’s the cornerstone of modern data sharing, a testament to the evolution of networking, and a pivotal component in driving businesses forward into a future of seamless collaboration.

SMB is a fundamental technology that plays a critical role in modern networked environments. While it may be taken for granted by some users due to its ubiquity and ease of use, IT professionals and those responsible for managing network infrastructures understand its significance and work to ensure its proper implementation and security.

However, SMB alternatives do exist for remote file access. MyWorkDrive has been a pioneer in the industry by crafting a unique approach to accomplish this. MyWorkDrive converts Windows-based SMB/CIFS file shares into secure file shares that can be accessed anywhere using TCP https/SSL port 443 over highly encrypted RSA 4096 and TLS 1.2 FIPS compliant protocols.

For businesses of all sizes, SMB (Server Message Block) is a linchpin that harmonizes diverse operating systems, enabling a cohesive digital ecosystem. MyWorkDrive builds off this to fortify and reinforce security protocols for file sharing across varied organizations.

 

FAQ

What’s The Difference Between Samba and SMB?

Samba and SMB are related in that Samba is an open-source implementation of the SMB protocol for Unix systems and Linux distributions. Released in 1992, Samba acts as a server that allows various client types to access resources using the SMB protocol. SMB, which stands for Server Message Block, is a networking file sharing protocol that operates over TCP/IP networks. Samba essentially provides compatibility and interconnection between Linux/Unix systems and Windows systems using the SMB protocol. Through Samba, Unix/Linux servers can offer file sharing, print services, authentication and authorization, name resolution, service announcements, and integration with Active Directory for Windows clients. In summary, SMB is the protocol, while Samba is a software suite that implements the SMB protocol for Unix/Linux systems.

 

What’s The Difference Between CIFS and SMB?

CIFS (Common Internet File System) is an early version of the SMB (Server Message Block) protocol created by Microsoft. While SMB and CIFS are often used interchangeably, CIFS specifically refers to a particular implementation of SMB. It’s important to note that there are distinctions between different dialects of the SMB protocol. For instance, older versions like SMB 1.0 and CIFS lack the enhanced security features present in newer dialects like SMB 3.0, which offer more advanced security protections against threats like ransomware such as WannaCry. As a result, modern systems typically rely on the newer SMB dialects for improved security measures. For example, Windows 10 supports SMB 3.1.1, the latest version of the protocol at the time of writing.

 

Is The SMB Protocol Safe?

The security of the SMB protocol has evolved over time. In the past, vulnerabilities in older versions like SMB 1.0 were exploited by ransomware attacks such as WannaCry and Petya. These incidents highlighted the risks associated with outdated SMB versions and prompted Microsoft to release patches and recommend disabling SMB 1.0/CIFS to enhance security. However, newer versions like SMB 3.0 and above have introduced significant enhancements to bolster security. These improvements include features such as end-to-end data encryption, protection against eavesdropping, secure dialect negotiation, and enhanced encryption capabilities. Additionally, SMB 3.1.1 further improved security by adding pre-authentication integrity and the ability to negotiate crypto-algorithms on a per-connection basis. Overall, the evolution of SMB versions towards greater security features indicates that modern iterations of the protocol are far more secure than their predecessors. By adopting newer SMB versions and implementing recommended security measures, users and administrators can significantly enhance the safety of their systems and data when using the SMB protocol.

 

What are SMB Protocol Dialects?

SMB protocol dialects refer to various versions and iterations of the Server Message Block protocol that have been developed over time. These dialects have been introduced to enhance the functionalities, security, scalability, and efficiency of the original SMB protocol. Some of the notable SMB protocol dialects include SMB 1.0 (1984), CIFS (1996), SMB 2.0 (2006), SMB 2.1 (2010), SMB 3.0 (2012), SMB 3.02 (2014), and SMB 3.1.1 (2015). Each dialect builds upon the previous version, introducing improvements and new features to meet the evolving needs of network communication and file sharing within SMB environments.
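As an added example (not part of the original article or of MyWorkDrive's code), the Python below reads a server's SMB2 NEGOTIATE response and reports the points raised in the security sections and FAQ above: which dialect was selected, whether signing is required, and, for SMB 3.1.1, which cipher and pre-authentication integrity context were negotiated. Field offsets follow the published SMB2 message layout; the function names and the sample messages are constructed for illustration.

```python
import struct

SMB1_MAGIC, SMB2_MAGIC = b"\xffSMB", b"\xfeSMB"
FLAG_RESPONSE = 0x00000001      # header Flags: SMB2_FLAGS_SERVER_TO_REDIR
SIGNING_REQUIRED = 0x0002       # SecurityMode bit
CAP_ENCRYPTION = 0x00000040     # Capabilities bit, used by SMB 3.0 and 3.0.2
CTX_PREAUTH, CTX_ENCRYPTION = 0x0001, 0x0002   # SMB 3.1.1 negotiate context types
DIALECTS = {0x0202: "SMB 2.0.2", 0x0210: "SMB 2.1", 0x0300: "SMB 3.0",
            0x0302: "SMB 3.0.2", 0x0311: "SMB 3.1.1"}
CIPHERS = {1: "AES-128-CCM", 2: "AES-128-GCM", 3: "AES-256-CCM", 4: "AES-256-GCM"}


def _contexts(msg, offset, count):
    """Walk the 8-byte-aligned negotiate context list of an SMB 3.1.1 response."""
    found = {}
    for _ in range(count):
        ctype, dlen = struct.unpack_from("<HH", msg, offset)
        data = msg[offset + 8:offset + 8 + dlen]
        if len(data) != dlen:
            raise ValueError("truncated negotiate context")
        found[ctype] = data
        offset = (offset + 8 + dlen + 7) & ~7
    return found


def audit_negotiate_response(msg):
    """Report dialect, signing and encryption posture from a NEGOTIATE response."""
    # msg is the SMB message without the 4-byte Direct TCP length prefix.
    result = {"dialect": "SMB 1.0/CIFS", "signing_required": None,
              "encryption_offered": False, "cipher": None,
              "preauth_integrity": False, "findings": []}
    if msg[:4] == SMB1_MAGIC:
        result["findings"].append("server answered with SMB 1.0/CIFS: disable SMBv1")
        return result
    if len(msg) < 128 or msg[:4] != SMB2_MAGIC:
        raise ValueError("not an SMB2 message")
    command, _credit, flags = struct.unpack_from("<HHI", msg, 12)
    if command != 0 or not flags & FLAG_RESPONSE:
        raise ValueError("not a NEGOTIATE response")
    mode, dialect, ctx_count = struct.unpack_from("<HHH", msg, 66)
    caps, = struct.unpack_from("<I", msg, 88)
    ctx_offset, = struct.unpack_from("<I", msg, 124)
    if dialect not in DIALECTS:
        raise ValueError("unhandled DialectRevision 0x%04x" % dialect)
    cipher, preauth = None, False
    if dialect == 0x0311:
        # 3.1.1 negotiates the cipher and pre-auth hash per connection, in contexts.
        try:
            ctxs = _contexts(msg, ctx_offset, ctx_count)
        except struct.error:
            raise ValueError("truncated negotiate context list") from None
        preauth = CTX_PREAUTH in ctxs
        enc = ctxs.get(CTX_ENCRYPTION, b"")
        if len(enc) >= 4:
            count, chosen = struct.unpack_from("<HH", enc)
            if count == 1 and chosen != 0:      # a zero id is not a usable cipher
                cipher = CIPHERS.get(chosen, "0x%04x" % chosen)
    elif dialect >= 0x0300 and caps & CAP_ENCRYPTION:
        cipher = "AES-128-CCM"                  # the only cipher in 3.0 / 3.0.2
    findings = result["findings"]
    if dialect < 0x0300:
        findings.append(DIALECTS[dialect] + " has no SMB encryption")
    elif cipher is None:
        findings.append("server did not offer SMB encryption")
    if not mode & SIGNING_REQUIRED:
        findings.append("server does not require signing")
    if dialect == 0x0311 and not preauth:
        findings.append("SMB 3.1.1 reply lacks a pre-authentication integrity context")
    result.update(dialect=DIALECTS[dialect], signing_required=bool(mode & SIGNING_REQUIRED),
                  encryption_offered=cipher is not None, cipher=cipher,
                  preauth_integrity=preauth)
    return result


def build_sample(dialect, security_mode, caps=0, contexts=()):
    """Constructed test input: a minimal NEGOTIATE response with no security blob."""
    header = struct.pack("<4sHHIHHIIQIIQ16s", SMB2_MAGIC, 64, 0, 0, 0, 1,
                         FLAG_RESPONSE, 0, 0, 0, 0, 0, b"\x00" * 16)
    ctx_blob = b""
    for ctype, data in contexts:
        ctx_blob += b"\x00" * (-len(ctx_blob) % 8)          # pad to 8-byte boundary
        ctx_blob += struct.pack("<HHI", ctype, len(data), 0) + data
    body = struct.pack("<HHHH16sIIIIQQHHI", 65, security_mode, dialect, len(contexts),
                       b"\x11" * 16, caps, 65536, 65536, 65536, 0, 0, 128, 0,
                       128 if contexts else 0)
    return header + body + ctx_blob


# Constructed samples, not captured traffic.
LEGACY = build_sample(0x0210, 0x0001)                       # SMB 2.1, signing optional
MODERN = build_sample(0x0311, 0x0003, contexts=[
    (CTX_PREAUTH, struct.pack("<HHH", 1, 32, 0x0001) + b"\xaa" * 32),
    (CTX_ENCRYPTION, struct.pack("<HH", 1, 0x0002)),
])

if __name__ == "__main__":
    for label, sample in (("legacy", LEGACY), ("modern", MODERN)):
        print(label, audit_negotiate_response(sample))
```

A negotiate response shows only what the server offers; whether encryption is enforced is decided per session or per share, so the server's configuration still needs to be checked.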

The Performance Difference: Apple’s M1 vs. M2 Processors with Single NAND Chip SSDs

MyWorkDrive was heavily invested in the new ARM-based Apple processors during their development, with dev kits and active development of our macOS client in the run-up to the M1 launch.

When production units arrived, we eagerly picked up a number of new Macs: M1 Pro for development, Minis for QA, and your author picked up a MacBook Air to join in with additional testing. It was important to us to ensure we had a stable, reliable macOS client for early adopters.

The M1 processor Macs proved to be much faster out of the box than Intel-based Macs of similar (and even greater) spec. And the battery life was amazing. Our client worked very well (with some small setup challenges for the file system driver).

When the M2 came out, we were eager to upgrade, expecting even better battery life and performance increases from the M1 to the M2 akin to what we’d seen going from Intel to M1.
We were surprised to find the M2 was not much faster, and in some cases actually slower, than the M1 equivalents. Customers noted the same thing, wondering whether we’d changed our software or built something different for the M2. Disk operations like loading directories and file writing are significantly slower on the entry-level M2 MacBook Air as compared to an equivalent M1 MacBook.
We hadn’t made any changes, and our dev team didn’t find anything in the macOS software that would have caused any performance changes. And running macOS Ventura (10.13) on M1 Macs didn’t show the performance issues. It was certainly something in the M2 that was different from the M1, and that our software seemed particularly impacted by.

Thanks to community research and articles from The Verge and Ars Technica (1) (2), we now know that the issue relates to Apple’s choice to use a single NAND chip in the 256GB SSD for the M2 processor machines, instead of the two NAND chips which were used in the M1 models.

Disk Speed: A Crucial Aspect of Performance

Disk speed is a critical factor that impacts overall system performance. It determines how quickly data can be read from and written to the storage drive, which affects tasks like booting up the system, launching applications, and handling large files. This is particularly true for MyWorkDrive on macOS, which uses Apple’s File Provider to make remote files available to end users. Files and metadata are retrieved from the MyWorkDrive server and passed through Apple’s File Provider to Finder, a process which reads data in via API and writes it to disk.

You’ll have both disk writes (to make the data available) and disk reads (by the user accessing the data), so SSD performance is critical to smooth operation. The M1 does great. The entry-level M2 devices, however, suffer some performance decrement.

Apple’s M1: SSD Performance and Beyond

The M1 processor, combined with its unified memory architecture and high-performance SSDs, led to impressive disk speed gains compared to older Intel-based Macs. This was partly due to the efficient integration of the SSD controller and the increased bandwidth of the M1’s memory subsystem. The result was near-instantaneous app launches, swift data transfers, and reduced wait times.

Apple’s M2: The Single NAND Chip SSD Conundrum

As Apple introduced the M2 processor, it continued to prioritize performance and efficiency. However, in certain lower-range M2 Macs, there’s been a shift in the approach to SSD design. Instead of using a multi-chip SSD configuration, some M2 Macs feature a single NAND chip for their SSDs. This design decision might raise eyebrows, considering the potential impact on disk speed.

The Implications of Single NAND Chip SSDs

Using a single NAND chip for an SSD can have both positive and negative implications for disk speed. On one hand, a single NAND chip can lead to cost savings and potentially improved power efficiency due to reduced complexity. On the other hand, it might result in slower disk speeds compared to multi-chip SSD configurations. This is because multi-chip SSDs can leverage parallelism to achieve higher data transfer rates.

For most users, the M2 Macs are still faster than an equivalent Intel-based Mac, and performance is as good as or better than Windows laptops, so the M2 is still a solid choice.

However, if you haven’t refreshed 256GB Macs from M1, you might want to stick with M1s.
If you do want to upgrade, consider spending the extra money ($200 as of the writing of this article) to move from the 256GB storage model to the 512GB storage model for users who have high disk utilization demands: creatives, database users, video editors, etc.

Storm-0558 Breach Shakes Microsoft: A Wake-Up Call for Cybersecurity

In recent weeks, the tech world has been abuzz with the news of the “Storm-0558” breach at Microsoft, sending shockwaves throughout the industry. The incident, which occurred on July 20, 2023, has raised serious concerns about cybersecurity and the need for heightened vigilance in safeguarding sensitive information.

The breach was the result of a sophisticated cyberattack carried out by an unknown group of hackers. They managed to infiltrate Microsoft’s systems, gaining unauthorized access to a significant amount of sensitive data. As one of the world’s leading technology giants, Microsoft’s platforms host vast volumes of sensitive information, including customer data, proprietary code, and strategic plans.

The breach gave hackers access to emails for at least 25 US government agencies, and had the potential to be used for “multiple types of Azure Active Directory applications, including every application that supports personal account authentication, such as SharePoint, Teams, OneDrive, customers’ applications that support the ‘login with Microsoft’ functionality, and multitenant applications in certain conditions,” according to research from Shir Tamari on Wiz, published July 21.

While Microsoft quickly took action to mitigate the damage and contain the breach, the incident served as a stark reminder that even the most advanced tech companies are not immune to cyber threats. The breach is likely to have far-reaching consequences for Microsoft, its customers, and the broader tech community.

Here are some key takeaways from the Storm-0558 breach:

Heightened Cybersecurity Measures: The breach has underscored the need for companies to invest in robust cybersecurity measures continually. As hackers become increasingly sophisticated, organizations must stay ahead by implementing the latest security protocols and conducting regular risk assessments.

Customer Trust: Data breaches can severely impact customer trust. With cyberattacks on the rise, it’s essential for companies to be transparent with their customers, informing them of any potential data exposure and implementing measures to regain trust.

Raising Cybersecurity Awareness: The breach is a stark reminder to individuals and employees about the importance of cybersecurity awareness. Regular security training and adherence to company policies can go a long way in preventing similar incidents.

While the full impact of Storm-0558 is yet to be seen, the breach serves as a wake-up call for the entire tech industry. Cybersecurity threats are evolving rapidly, and organizations must remain vigilant and proactive in defending against them.

MyWorkDrive solves one of the core issues in the breach noted by Tara Seals on DarkReading (July 21, 2023): the lack of logging about user activities. With MyWorkDrive you have user event logging for all logins and file operations natively, with the ability to pass those events to your SIEM via Syslog.

Additional security features such as DLP/Restricted mode, Device Approval, and deployment behind Azure AppProxy with compliant devices can be leveraged to limit the data exposed in the case of unauthorized access.

The Current State of File Sharing: Comparing Public and Private Cloud for Remote Work

As remote work becomes increasingly prevalent in a post-COVID world, organizations of all sizes must consider the best file sharing options to ensure compliance and maintain high-security standards. This is particularly crucial for compliance and security-minded sectors such as government, military, and healthcare, which handle sensitive and confidential data. Let’s explore the current state of file sharing and compare cloud-based solutions to on-premise private cloud setups in the context of these organizations versus small businesses.

Cloud-based file sharing has gained significant traction in recent years, providing scalable and accessible solutions for businesses of all sizes. Cloud storage allows for seamless collaboration, remote access, and automatic synchronization of files. For small businesses, cloud solutions offer several advantages, including reduced upfront costs, minimal maintenance requirements, and the ability to scale resources based on demand. This makes cloud-based file sharing an attractive option for small organizations with limited IT resources.

However, compliance and security-minded organizations, such as government, military, and healthcare, have unique considerations. These sectors handle highly sensitive data, often subject to strict regulations and compliance requirements. For such organizations, on-premise private cloud setups offer greater control and customization options. With an on-premise private cloud, data storage and file sharing infrastructure are maintained within the organization’s own premises, providing a higher level of physical control over data.

By opting for an on-premise private cloud, compliance and security-minded organizations can design and enforce their own security protocols. They can implement specific access controls, encryption methods, and monitoring systems tailored to their unique requirements. This level of control enables organizations to ensure compliance with industry regulations and mitigate potential risks associated with storing and sharing sensitive data.

Moreover, on-premise private cloud setups can address concerns related to data sovereignty, which is particularly crucial for government organizations. By keeping data within their own premises, these organizations can maintain strict control over data residency and ensure that sensitive information remains within the jurisdictional boundaries.

However, it is important to note that on-premise private cloud setups come with higher upfront costs, require dedicated IT infrastructure, and demand specialized technical expertise to set up and maintain. These factors may pose challenges for smaller businesses with limited resources and IT capabilities.

Cloud-based file sharing solutions, on the other hand, offer robust security measures and compliance features. Reputable cloud providers implement industry-standard encryption, authentication protocols, and regular backups to protect data from unauthorized access. Many cloud providers also adhere to stringent compliance frameworks, such as HIPAA for healthcare organizations or FedRAMP for government agencies. These compliance certifications provide added assurance to security-minded organizations that the cloud provider meets specific security standards.

Additionally, cloud providers often have dedicated security teams and resources to monitor and respond to emerging threats promptly. This level of expertise may not be readily available or feasible for smaller organizations to maintain in-house.

Compliance and security-minded organizations, such as government, military, and healthcare, face unique challenges when it comes to file sharing in a remote work environment. While on-premise private cloud setups offer greater control and customization, they come with higher costs and technical complexities. Cloud-based file sharing solutions provide scalability, accessibility, and robust security measures that can meet the compliance requirements of these organizations. However, it is essential for these organizations to conduct a thorough assessment of cloud providers, ensuring that they meet the necessary compliance standards and offer suitable security measures. Ultimately, the choice between cloud-based file sharing and on-premise private cloud will depend on the specific needs, resources, and compliance obligations of each organization.

 

June MyWorkDrive Newsletter 2023

Embracing Multi-Cloud for File Sharing: Breaking Free from Vendor Lock-In

In today’s digital landscape, file sharing has become an integral part of both personal and professional activities. The rise of cloud computing has revolutionized the way we store, access, and collaborate on files, offering unprecedented convenience and scalability. However, relying on a single cloud provider for all file sharing needs can lead to vendor lock-in, limiting flexibility and hindering innovation. This is where the concept of multi-cloud enters the picture, empowering organizations and individuals to break free from the chains of vendor dependency.

What is Multi-Cloud?

Multi-cloud refers to the practice of utilizing multiple cloud service providers simultaneously to meet specific business or personal needs. Rather than relying on a single provider, multi-cloud strategies embrace a diverse ecosystem of cloud solutions, each offering unique features, performance, and pricing models. By leveraging different clouds, organizations gain greater control over their data and applications while reducing the risks associated with vendor lock-in.

Preventing Vendor Lock-In

Vendor lock-in occurs when an organization becomes heavily dependent on a specific cloud provider, making it difficult or costly to switch to an alternative solution. This situation can arise due to proprietary file formats, limited data migration capabilities, or the absence of interoperability between cloud platforms. Multi-cloud strategies, on the other hand, enable users to mitigate these risks and maintain flexibility by distributing workloads across multiple clouds. Here’s how multi-cloud can help prevent vendor lock-in in the context of file sharing:

1. Data Redundancy and Resilience:

By distributing files across multiple clouds, users ensure data redundancy and resilience. In the event of a service outage or disruption from one provider, files can still be accessed from alternative sources. This redundancy reduces the risk of data loss or downtime, safeguarding business continuity and user productivity.

2. Interoperability and Portability:

Multi-cloud environments allow organizations to choose the cloud provider best suited for each specific task. This flexibility prevents reliance on a single provider’s proprietary file formats, APIs, or toolsets, enabling seamless integration between different cloud platforms. It also facilitates easier migration of data and applications between clouds, should the need arise.

3. Cost Optimization:

With multi-cloud, companies have the opportunity to optimize costs by selecting the most cost-effective provider for different workloads or storage requirements. Each cloud provider offers varying pricing models, and by strategically distributing files, organizations can take advantage of competitive pricing and avoid vendor lock-in due to escalating costs.

4. Innovation and Agility:

Embracing multi-cloud fosters a culture of innovation and agility. It allows organizations to tap into the unique strengths and services offered by different providers, tailoring solutions to meet specific requirements. This diversity promotes experimentation, encourages faster adoption of emerging technologies, and enables organizations to stay ahead in an ever-evolving digital landscape.

Conclusion: Multi-cloud is emerging as a powerful strategy for file sharing, liberating organizations from the constraints of vendor lock-in. By distributing workloads across multiple cloud providers, organizations can ensure data redundancy and gain greater control over their data and applications while reducing the risks associated with vendor lock-in.

MyWorkDrive Version 6.4 Released to Production

We are excited to announce the Production Release of MyWorkDrive Server 6.4 with support for OneDrive and SharePoint Storage and Public file and folder sharing. Version 6.4 also includes additional improvements and bug fixes.

Get the full details and downloads on our 6.4 Server Launch Page

 

Cloud Storage Pricing

Cloud File Storage Pricing

Considering moving files to cloud storage? Cloud file storage has revolutionized the way we store and manage our data. Rather than relying on local storage solutions, cloud storage offers a more flexible, scalable, and cost-effective way to store, share, and access files. However, as with any technology, there are costs associated with cloud file storage. In this article, we’ll take a closer look at cloud file storage pricing, including monthly storage fees, egress fees, and other charges.

Monthly Storage Fees

One of the most significant costs associated with cloud file storage is the monthly storage fee. This fee is typically charged based on the amount of storage space used by your files, measured in gigabytes (GB) or terabytes (TB). Most cloud storage providers offer a tiered pricing structure, which means that the more storage space you use, the lower the cost per GB or TB.

For example, Amazon Web Services (AWS) offers Simple Storage Service (S3), which charges a monthly storage fee of $0.023 per GB for the first 50 TB of storage. If you exceed 50 TB, the cost drops to $0.022 per GB, and if you exceed 500 TB, the cost drops to $0.021 per GB.

Microsoft offers Azure Blob and File Share Storage, which charge a monthly storage fee of $0.020 per GB of storage for the standard tier and $0.030 per GB for Azure file shares. In comparison, SharePoint Online costs $0.20 per GB after the 1st TB or 10 GB per user.

Egress Fees

Egress fees are another significant cost associated with cloud file storage. Egress refers to the transfer of data out of a cloud storage service to another location, such as downloading a file to your computer or streaming a video from the cloud. Egress fees are typically charged based on the amount of data transferred, measured in gigabytes (GB) or terabytes (TB).

For example, AWS charges an egress fee of $0.09 per GB for data transferred out of its US East region to the internet. If you transfer data out of a different region or to a different AWS service, the cost may vary.

Similarly, GCP charges an egress fee of $0.12 per GB for data transferred out of its US region to the internet. If you transfer data out of a different region or to a different GCP service, the cost may vary.

Other Fees

In addition to monthly storage fees and egress fees, there may be other fees associated with cloud file storage. These fees may include:

  • Request fees: Some cloud storage providers charge a fee for each request made to their service, such as creating a new file, reading a file, or deleting a file.
  • Data retrieval fees: If you need to retrieve data that has been archived or stored in a different type of storage, such as Glacier storage in AWS, there may be additional fees.
  • Transfer acceleration fees: Some cloud storage providers offer a feature called transfer acceleration, which speeds up data transfer by using a content delivery network (CDN). However, this feature may come with additional fees.

It’s important to review the pricing structure and terms of service for your chosen cloud storage provider to fully understand the costs associated with cloud file storage.

Conclusion

Cloud file storage offers many benefits, but it’s important to understand the costs associated with this technology. Monthly storage fees, egress fees, and other fees may add up quickly, especially if you’re storing a large amount of data or transferring data frequently. However, with careful planning and consideration, you can optimize your use of cloud file storage to minimize costs and maximize the benefits of this technology.

While there are numerous benefits to using cloud for file sharing in small businesses, in larger firms and enterprises the file storage costs and security risks can outweigh the benefits.

In our blog article here, we compiled a list of the file sharing costs and security risks of using the cloud for business file sharing that are influencing IT decision-makers.

March MyWorkDrive Newsletter 2023

Migrate to the Cloud with MyWorkDrive

Moving to the Cloud? Think MyWorkDrive First.

MyWorkDrive is a core component of many Cloud First or Cloud Migration strategies. The mapped drive functionality in the Windows/macOS clients uses HTTPS and doesn’t require insecure ports like 445 or complicated VPN connections, and it is coupled with flexible storage sources such as SMB/Windows shares, non-Windows CIFS shares, Azure File Shares with SMB, and now OneDrive and SharePoint with version 6.4 (currently in Preview). Users whose file shares have been migrated to the cloud can still have their same share paths, without having any on-premise file servers.

MyWorkDrive Cloud Based File Server Benefits

  • Keep the same user experience with no training needed
  • No vendor Lock-in with storage that you control
  • Simple, Easy Setup with No Migration
  • No hardware to maintain on-premises
  • Unlimited Capacity and no file count limits
  • Reduce cost compared to cloud only services
  • Maintain Data Privacy, Control of files and storage location

Many new customers come to MyWorkDrive at the point they migrate to the cloud, after discovering SMB ports blocked by their ISP, file limits, or syncing issues, or while struggling under user requests related to failed VPN connections. The deployment options for MyWorkDrive are flexible, to suit your organization’s preferences for scale, redundancy and reliability.

MyWorkDrive can work with any SMB file storage

MyWorkDrive now also connects to OneDrive and SharePoint Sites, folders, and Libraries in version 6.4 (currently in preview).

Active Directory

MyWorkDrive authenticates users using Active Directory (Active Directory Domain Services). Although this is commonly thought of as “on-prem Active Directory”, it is also easy to run in the cloud.

  • It could be Domain Controllers moved to the cloud as VMs.
  • It could be a read only domain controller sync’d from On Prem via VPN
  • Or it could be Azure AD Domain Services (“Hosted Active Directory”) from Microsoft or Directory Services from AWS.

A sample configuration in Azure might include

  • Azure File Shares (Premium for daily work loads, Standard for archival data) with SMB Multi-Channel enabled
  • Azure AD Domain Services hosted AD
  • Domain Joined Windows Server with MyWorkDrive with Accelerated Networking enabled.

View SMB and OneDrive/SharePoint files in one interface

When clients initially size their file shares, they often include the user’s home folders that they’re migrating in their size estimates. Often, users with Microsoft or Office 365 licenses will have OneDrive storage included with their license, and user folders can be migrated to OneDrive, cutting back on enterprise storage needs.

With 6.4, those home folders and SharePoint sites can be mapped through MyWorkDrive, eliminating the need to deploy the OneDrive sync client or retrain users, since the drive letter can still be “U:” for their user data (or “h” or “j” or whatever letter is being used), but now pointed to OneDrive instead of an SMB path.

What’s coming next

MyWorkDrive was founded around the core value that organizations should have the option to retain ownership and control of their files – wherever they are stored. With that in mind, our future road map items include:

  • Broader support for file storage beyond SMB. You already see that with our introduction of OneDrive/SharePoint.
  • Azure File Shares and Azure Blob Storage via API Key with the possibility of other API Key integrations such as Amazon S3, Cloudflare R2, Google Cloud Storage, Backblaze, etc.
  • AzureAD SSO for user validation without Active Directory Domain Services

In the future look for support for other SSOs and directory-less alternatives as likely possibilities.

Looking to migrate files or services to the cloud? Learn more.

February MyWorkDrive Newsletter 2023

Introduction to Web Storage Server Solutions

With enterprise, business and government employees working remotely, reliable and secure web-based file access is critical. This is where web storage server solutions come into play. With a web storage server solution, you can store, manage, and share your data securely using a secure web browser. In this article, we will take a closer look at the benefits and features of web storage server solutions and how implementing them can improve employee productivity and file security. Learn more.

 

MyWorkDrive Version 6.4 Released to Preview

We are excited to announce the Preview Release of MyWorkDrive Server 6.4 with support for OneDrive and SharePoint Storage and Public file and folder sharing. Version 6.4 preview also includes additional improvements and bug fixes. MyWorkDrive Server Version 6.4 is a major update in preview. Customers are advised to test version 6.4 in a separate or standalone environment.

OneDrive/SharePoint Storage

SharePoint and OneDrive are collaboration and document management platforms by Microsoft which can now be integrated with MyWorkDrive for file access and storage services. By enabling OneDrive and SharePoint Storage in MyWorkDrive, customers can now access OneDrive and SharePoint files side by side with standard SMB File Shares. OneDrive/SharePoint File Share Access allows MyWorkDrive Servers to connect to OneDrive and SharePoint Sites and make them available to clients via the MyWorkDrive Web Browser, Desktop as a Mapped Drive and Mobile Clients. In addition to accessing, saving and updating files, OneDrive/SharePoint in MyWorkDrive supports external public file sharing. Support Articles: SharePoint OneDrive

Public Sharing

Starting with version 6.4, Public Sharing in MyWorkDrive lets you securely collaborate with people outside your organization, such as your business partners, vendors, clients, or customers, without the recipient needing a MyWorkDrive account. You can share files or folders with them by creating a link that you can send via email or other methods. You can also control who can view or edit your files and set an expiration date and password for your link. Public Share links can be created from the Web, Windows and macOS clients, with a public link management tool for users included in the Web client. Support Article

New Consolidated Integrations Tab

We moved all 3rd party integrations to their own tab in the Server Admin Panel called Integrations. This simplifies and enhances support and availability of 3rd party services and storage providers. Support Article

Cloudflare File Size Limits Removed

We removed the file size limits for MyWorkDrive sites utilizing our Cloudflare hosts under MyWorkDrive.net reverse proxy. MyWorkDrive can be easily integrated with Cloudflare® Tunnel services to automatically provide a secure web address without exposing the MyWorkDrive server to the internet or provisioning security appliances.

 

Get the full details and downloads on our 6.4 Preview Server Launch Page

MyWorkDrive 6.4 Preview Webinar Registration

On Thursday March 16th, 2023, 9:00 AM PST (12:00 PM EDT, 5:00 PM UTC) we will demonstrate the new features and enhancements in MyWorkDrive version 6.4, currently in preview. Complete the form below to register.

Features Covered:

  • OneDrive/SharePoint Storage
  • Public Sharing
  • New Consolidated Integrations Tab
  • Mapped Drive Client Updates
  • Mobile Client Updates

Join us: Thursday March 16th, 2023
Start Time: 09:00 AM PST, (12:00 PM EDT, 5:00 PM UTC)