MyWorkDrive Version 5 now available for download preview!

We are pleased to announce version 5 of MyWorkDrive is now available for preview download.  We have dubbed this our “Security Update” and released it as version 5 as it’s the most robust security release in the history of the company.  MyWorkDrive CEO Dan Gordon says, “We are proud of Version 5 and happy to offer major security updates including a new critical feature that allows encrypted views of locked down documents and sixty other file types in MyWorkDrive’s web browser client. Version 5 also prevents a user from downloading, printing or copying with watermarking text overlays and extensive logging. Our clients asked for critical security enhancements and we are happy to deliver them.”

Join us for our Webinar on September 13th at 10:00 AM Pacific/1:00 PM Eastern/6:00 PM GMT

 

 

New Version 5 features

Web Browser Client

  • View 60+ file types in the browser without downloading
  • Data Leak Prevention Features: Access files while preventing downloads, clipboard copy or printing
  • Watermarking of all files to prevent printing and screen photos

Mapped Drive

Server

Mobile

  • Mobile Browser Client Improvements
  • Open documents for viewing without needing Office in Mobile Apps

Numerous enhancements and fixes – Release notes are here.

 

To Download Login to our portal here.

*Upgrade note: Existing customers can upgrade for free in place.

Questions? Need a trial extension? Email us at sales@myworkdrive.com or Phone: 877-705-4997

Why MyWorkDrive?

Version 5 continues our strident efforts on providing data leak prevention best practices and governance compliance with many security enhancements especially tailored to the Government, Healthcare, Financial, and Educational sectors.  MyWorkDrive connects to your Windows Active Directory and enables instant secure online collaboration and editing with O365 using active directory and optional Duo.com two factor authentication.  You own your data, no third-party cloud migration needed with a secure web client, desktop mapped drive, or iOS and android app enabled editing.  MyWorkDrive is easy to install and manage for multiple stakeholders in various remote locations.  Major regulatory compliance standards including HIPAA, GDPR, FINRA, and FIPS are easily attained while using MyWorkDrive to securely access and share files for Enterprise agility, efficiency, and lower cost of ownership.

The mobile workplace is a reality that every CTO knows that involves multiple stakeholders across various time zones and locations who need to collaborate often in real time. As we have heard in the headlines, one simple click on a wrong link in a phishing type email could compromise an entire network’s security, an enterprise’s brand reputation, eradicate customer loyalty, or render an institution’s governance compliance null and void. Conventional remote access via VPNs do not guarantee privacy and are expensive to maintain. MyWorkDrive’s Version 5 solves critical data protection problems.

 

Join us for our Launch Webinar on September 13th at 10:00 AM Pacific/1:00 PM Eastern/6:00 PM GMT

 

HIPAA Compliant Secure File Sharing Access

The Healthcare industry is a valued target for cyber criminals because of the information gleaned which includes social security numbers, medical histories, insurance information, email address, and more.  HIPAA and HITECH compliance standards ensure the privacy of personally identifiable information (PII).File Share HIPAA Compliance

Valuable targets include health insurers, healthcare providers, various entities who are service providers and insured individuals because on the black-market prices are higher for health records rather than just credit card numbers. Healthcare industry cyberattacks result in identity theft from files shares where more data can be stolen, your insurance information can be held hostage and major brute force attacks and phishing attacks are easy to carry out because with more information the attacks can seem more legitimate and easier to execute.

Similarly, when it comes to medical data correspondence it’s easy to get unsuspecting people to open the correspondence or respond to a malicious solicitation unknowingly.

The Healthcare industry is focused on total digital transformation more than ever.  Cybersecurity and data theft prevention of PII stored in file sharing systems must be at the forefront of an operational enterprise’s business priorities and they must plan accordingly like any big business and not carry out initiatives like a minor service provider.

For most enterprises who provide medical benefits to employees, most of the interaction is with the actual broker and insurance provider or aggregator including major HMOs who have their own apps for health information file sharing which can be easily compromised.

Data Theft Prevention to comply with HIPAA and HITECH needs to start with deciding what files will be preserved and migrated to critical file servers.  As with any digital transformation endeavor, the first stage is deciding what files to keep, how to categorize that information and finally to prioritize it all.

Consider this typical patient scenario:  Unless you are able to visit your family doctor who has treated you since you were a child, you know you are only as relevant as the latest medical information uploaded and entered into your ‘file’ and even then there are always corrections needed.  Your last doctor visit may have included checking in to the appropriate department and building by swiping your medical card which then brought up a plethora of information to the admin person running the front desk.  Any balance still owed to the provider and any co-pay payment was promptly taken care of before waiting to see the doctor.  At this point you are then inserting or swiping a credit or debit card in a payment terminal and entering a PIN number if necessary and approving the transaction. You are then shuttled to the appropriate exam room and then wait again for another person to enter, confirm your information on a portable wall mounted computer and then proceed to take your vitals and enter them into the digital chart open in front of them. Any medications are confirmed and re-ordered as necessary to be filled at the pharmacy of your choice and then you wait again for the actual doctor to follow through on the exam you made the appointment for.

Your chart and medical history and personal information is confirmed yet again and more info is entered about you including an email address where you can be corresponded with and contacted.  If you have a medical provider HMO like Kaiser then you visit the pharmacy in the same building and swipe all your personal information yet again.

Additionally, you have made several points of contact and given them everything but a pint of blood or your first born. But wait! What if you did have a child at this hospital? They do have your first child’s info and probably your blood type and then lab results on any of your blood taken. Maybe you had a certain genetic test ordered as well for cancer prevention.  At this point, literally your entire life, your chromosomes, your blood, your prescriptions, everything that makes up YOU is stored in a computer or computers and your only protection or guarantee that all of this will remain private is how well this particular healthcare enterprise has put some kind of firewall between your critical information and any cybercriminal with a keyboard who makes their living on the black market of ransomware, brute force attacks, phishing, and exploiting any weakness possible. A stolen credit card number spending spree has nothing on a healthcare provider falling victim to a calculated file share cyberattack targeting Personally Identifiable Information (PII).

Besides deciding on what data must be migrated and preserved then the issue becomes one of monitoring and controlling and being constantly vigilant.  Data theft prevention and Disaster Recovery planning becomes a full-time job whether it’s employing staff and/or engaging resources and providers to be at the ready for solutions to mitigate any known or unforeseen pending threat.  Healthcare professionals, insurers, doctors, nurses, and medical staff are trained to be the epitome of trust however what happens to an institution or healthcare brand hit with a major attack like what happened to credit score companies like Experian? They will lose customers.   In the United States, patients are customers and customers have choices of providers.

For affordable health care exchanges, a simple hack of the enrollment web site would render some State governments into a complete state of chaos and an already burdened system is not too big to fail and if enrollment drops off then costs soar. Emergency rooms become the main source of medical care and even then, there is no guarantee of adequate care.  In other words, the Healthcare industry in this country is ripe for a major attack and it’s not a matter of if, it’s a matter of when.

So, what to do? First off, don’t panic and then you need to engage trusted partners to help you navigate the quagmire of data loss prevention, data theft, and data protection. There are laws already governing medical privacy including the well-known HIPAA that is the gold standard for all things concerning patient’s privacy. HIPAA stands for the Health Insurance Portability and Accountability Act of 1996. Also known as the HIPAA Act for short. It’s a US privacy law put in place to protect medical information including patients’ records and allow for confidential communication between patients and medical professionals. The HIPAA Act has many components including portability of medical coverage in case of job status change and to prevent fraud and abuse and mandate a set of universal standards that the Department of Health and Human Services has jurisdiction over. The main component that is most well known in the data security business and enterprise employment rules and regulations is the right of patients’ medical history and information –  No matter what.

Being HIPAA compliant is understandably the number one goal and that compliance is regulated so it must be controlled and monitored constantly and checks and balances must be put in place and regularly used. There’s no such thing as being mostly HIPAA or HITECH compliant. On the heels of regulation additional service providers have stepped up to fill the void of data security where the need of most healthcare institutions is treating patients – not data privacy file share protection. The healthcare industry is already rife with critical obstacles and now is exploding as everyone is trying to streamline and become totally digital and have information shared easily across multiple platforms or those multiple platforms being coalesced into a single storage provider. Healthcare related Start Ups are popping up everywhere and are ubiquitous and plentiful wherever Venture Capital investors and interested parties are gathering because of the urgent need for major disruption in the industry behemoth.  Apps and online accounts are replacing advise nurses and mailed post card appointment reminders. Several app Start Ups in the Healthcare sector are seeking to be the go to woven fabric or data aggregator that joins the ecosystem of a patients’ medical history and ongoing care across several providers and platforms.

But who stores these company files and keeps this data from getting into the wrong hands? Several cloud storage providers have made their services known by targeting this industry with very expensive advertising campaigns. Cloud storage and cloud-based file share servers are more popular than ever but just because technology has streamlined, organized, and centralized, does that mean that several industries must follow suit and hand over their critical digital assets for outside ownership and storage just because it’s easier now?

Take a step back and picture the doctor’s office of days of not so old. Rows and rows and rows of manila folders full of paper and test results and meticulous notes stacked from floor to ceiling and categorized by year and alphabetized by patients’ last names. Imagine if a truck pulled up and took all those files and then drove thousands of miles away and loaded them all into a warehouse and then told you not to worry, that they have industrial locks on the doors and a climate-controlled environment and that there are guards on duty 24/7. The only way you can access the files are by opening a computer screen and typing some words or numbers into a search box and hope the right search result comes up with the best information. Now imagine that the power goes out, the warehouse has a disastrous fire, or armed thieves break in and run off with all the manila folders and sell them to the highest bidder who can never be traced, then what?

Healthcare service providers and insurers and medical institutions are in the business of providing the best care possible to customers who qualify based on cost and services provided. They are in the business of making people well and preventing disease and curing the sick and conducting research to combat the latest real-world viruses. They are not in the business of constantly upkeeping and transferring and sharing files across the country in the most secure way possible and having to worry about computer viruses – Until now. There is no excuse for any modern PPO, HMO, EPO, POS, or private practice specialist to not have a HIPAA & HITECH compliant file share theft prevention and disaster recovery system in place.  That includes State and Federal governments who monitor and administer exchanges under the Affordable Care Act.

Major enterprises including HMOs and Government entities that administer healthcare exchanges are in desperate need of consolidating systems and having a data security tool that allows on premise users to access and share data remotely as needed with guaranteed secure access and mandated HIPAA and HITECH privacy precautions in place. If disaster strikes and a cloud storage provider is hacked, or data is breached somehow these users should be redirected to an on-premise server and/or standby server that has been backing up and storing data. With an encrypted secure tool, users could instantly access that data by using a secure web login, a local active directory mapped drive or a mobile app and instantly be still in business and have a patients’ info at the ready while maintaining security.  MyWorkDrive.com provides this extra layer of protection, privacy, and recovery.  An army of IT staff does not have to be employed ongoing and deployed at every instance or issue of downtime or data loss.  MyWorkDrive has recently been certified as a DUO Authentication partner, Skyhigh Cloud Trust Enterprise Cloud Ready and the US Federal Government FIPS encryption standards and now offers encrypted view and watermarking of all files preventing users from downloading, copying or printing files as an added layer of data theft prevention   No files are ever stored, migrated or processed by MyWorkDrive – All files remain stored on the customers own secure file shares.

There are many choices for cloud storage and file sharing including huge providers like AWS and Google Drive and smaller players as well including Egnyte and Sharecloud.  None of these providers can guarantee absolute total compliance and by their very nature of being cloud based and depending on shared cloud storage and mobile user management to secure files. If you are in the Healthcare provider business or a government institution mandating and monitoring the healthcare industry you need a data security tool that will do what no one else is able to do including OneDrive, Dropbox and Azure cloud.  You need total control over data storage, access, ownership, privacy, management, and recovery.  MyWorkDrive allows flexibility, lower cost of ownership, agility, more productivity, and guaranteed privacy so you can focus on the core competence of your practice. There is no need to compromise and go with a cloud-based file storage solution with MyWorkDrive.  If you are going to go with a cloud-based solution then you need to take a long hard look at the best plan of action for disaster recovery, file security, ownership and control.  Again, it’s not a matter of if PII information is leaked, it’s a matter of when.   In healthcare, prevention is the mantra as it should be.  Your patients’ medical information and data privacy should be no exception.

 

 

 

 

Private Cloud vs Public Cloud: Secure File Sharing and Data Security in 2018

Private Cloud

Private Cloud and Public Cloud – what’s the difference and why should you care?   Your photos are in iCloud, your music is in iTunes, your documents are on Google Drive, your work email is in Outlook, your Excel spread sheets are in One Drive via your office network, you have web hosting solutions with Amazon Web Services, your books are on Audible, your car payment, electric bill, mortgage if you own a house are on automatic pay via your service providers’ access to your online checking account, your favorite movies are on demand or streaming, and your house is run by Alexa.  Basically, your entire personal and professional life is in the Public Cloud. The Cloud is everywhere. But at the end of the day, the Cloud is just someone else’s server.  What happens when VPNs leak data or ransomware runs amok? Geeky insular terms like ‘botnets’, ‘DDoS’, and ‘Malware’ have become the new science fiction buzz words in popular culture and have replaced the old generic term ‘spam’ which doesn’t sound as fierce as the term ‘hacking.’  People have come to expect random messages from friends or family members stating their Facebook account was hacked and to not accept a recent invite or ‘my gmail was hacked’ so don’t respond to an email from me.  The alarm bells have already gone off regarding the energy grid being attacked in a cyber war and there are popular TV series and movies based on post-apocalyptic society fighting over resources.

Most of our devices have been made elsewhere including factories in countries where intellectual property and patents are not as protected and regulated like they are here in the United States. Cell phones may be personal and always kept in your private possession but when you are carrying a mini computer in your pocket and using wifi all the time you are not private and you are not secure.  Short of carrying an old-fashioned flip phone, having your own exchange server behind your own firewall or paying all your bills using the US postal service, what can you do?

Keep data in your own Private Cloud. What is a private Cloud? According to Gartner, Private Cloud Computing is a form of cloud computing that is used by only one organization, or in other words- a private cloud ensures that an organization’s critical digital assets are completely isolated from others.  Learn more

Try to minimize how much you rely on public cloud services by keeping data in your own private cloud.  Lock down your passwords and do not click on any link or email you are not sure about.  Keep all your critical digital data assets on premise and secure your on premise data servers with back up virtual machines housed at a Tier 3 or Tier 4 collocation hosting facility.  Get MyWorkDrive to sit on your windows active directory and use it with an app and secure browser login to have secure remote access to your files without having to use VPNs or migrate your business files to the cloud.

You may have some initial start up costs but the lower monthly re-occurring costs will be well worth it as you watch everyone else around you get hacked, have data lost or stolen, or having to employ a disaster recovery service to stay competitive and relevant.

Content collaboration platforms have replaced enterprise file sync and share services, different name, same methodology. You create a document, you sync it and send it to a cloud to live. Your co-worker accesses the file, edits it and uploads new edited version back to the cloud.  Staying productive and efficient is any CEO’s dream but their number one goal is cost of ownership savings.  So why migrate when you ultimately just want to collaborate? This is a business question that must be answered clearly and succinctly.  VPNs cost a lot to maintain and upgrade and 3 year licenses may save some money in the long run but we have done a deep dive on the actual annual spend to support VPNs for an Enterprise with 1000 or more users.   You are looking at potentially spending $260,800/year!   That doesn’t even factor in the cost of mobile device management and constant vigilance by the IT department as well as the costs of seats and admin permissions for various portals you are using on any given day.

Cyber security professionals have predicted that within the next 5 years we will experience some kind of frightening attack that will disrupt life as we know it and render your cloud files absolutely useless.

Data security needs has led to data regulation compliance where simply relying on another company’s servers may not be good enough anymore. What happens when cloud providers go down or a hostile enemy holds data for ransom? Months or years’ worth of work and critical digital assets get lost or stolen.

If you run a design company your file share needs may vary. But what if you are running a research lab or a government defense project? Data security is relevant and always critical.  Every eCommerce operator knows that you must comply with data encryption for credit card numbers and customers’ data.  Other rules apply depending on the enterprises’ needs. The Healthcare industry must comply with HIPAA regulations.  Companies doing business with the EU have strict rules dictating general data protection regulation known as ‘GDPR.’  FNRA for the financial sector and on and on so that no one should assume that just because you use cloud storage for files that your cloud provider is also compliant with all data security regulations.

Top 10 reasons to keep data and secure file sharing under your control

  1. File sharing and content collaboration is key to company growth, productivity and staying agile.
  2. Current Cloud based file share solutions rely on Enterprises migrating all crucial assets to the Cloud.  These endeavors take months to plan and sometimes years to execute as budgets are revised and personnel and priorities can change.
  3. Clouds get hacked and ownership and control of data is lost.
  4. Mobile Device Management is time consuming and costly
  5. Data regulation compliance is a huge endeavor and costly
  6. Productivity is lost when files have to be synced before being shared
  7. Compliance- HIPAA, FNRA, GDPR, FERPA and more depending on sector and industry
  8. Agility- staying productive is key for staying competitive & relevant
  9. Collaboration- how to instantly edit and share online w/o syncing
  10. Productivity – critical time is consumed by migration projects. Who decides what gets saved to the Cloud?

 

Jackie R. Bruckman, CMO

MyWorkDrive

jbruckman@MyWorkDrive.com

Top 5 File Sharing Content Collaboration Risks

Organizations of all sizes are reviewing the impact of moving files to the cloud for content collaboration.   We put together these 5 risks of cloud based content collaboration.

Content Collaboraton

  1. Security– The number one risk facing any Enterprise that decides to put most, if not all their critical digital assets on a third-party cloud provider’s platform is security. ‘The Cloud’ after all is just some other company’s server.  Depending on the line of business or sector you are in, your Enterprise may use a mixture of several platforms for content collaboration among Enterprise users.  You may employ a mixture of private, public, and hybrid cloud services for day to day operations.  If you run an eCommerce business maybe you rely solely on AWS while managing your own Exchange server.  If you are a healthcare conglomerate you may use a mix of cloud providers that are HIPAA compliant as well as critical data hosted on-premise but managed by third party vendors.  Some financial firms and legal firms still use Google docs for content collaboration on cases and logging client attorney privileged information. Governments and Educational institutions are still relying on some mixture of on premise main frames with various communications living on cloud-based services and hybrids of networks having to be supported, updated, and maintained for running operations.  What happens when cloud providers are hacked?  Whether it’s malware, ransomware, data breaches, or outright data theft, the news is rife with scary headlines about data integrity loss and massive breaches whether it’s voting machines, financial records, personal information like social security numbers and credit cards, or private conversations that have severe repercussions.  The DNC, Sony Pictures, Equifax, and the Pentagon are just some of the victims of security breaches and data theft.  Worrying about security with cloud computing is not just worrying about identity theft, it’s also a matter of national security.
  2. Secure Access– most often you log in to content collaboration platforms with a username and password. These identifying factors are stored in the cloud computing service you are using and paying for on a monthly or annual basis.  Some providers give you the option of two factor authentication and it’s highly recommended to employ it for an added layer of security.  Setting up a text to your phone with a code to add when logging on is a great way to protect your login information.  But what happens when these third-party cloud providers get hacked?  Suddenly your user data and passwords are not controlled by you anymore and depending on the time it takes for disaster recovery or prevention and data loss mitigation, you are no longer compliant and you no longer have access to your most critical personal information.  Not being able to see your bank balance is one thing but also not being able to see your medical test results or purchase history is at best totally annoying and at worst, completely debilitating.  We have grown accustomed to even the most trusted partners sending an ominous message requesting you change your password immediately and we have learned the hard way to not trust that initial message as it may have come from a nefarious source.  As we have seen repeatedly, password change requests are often phishing from bad actors.  Mobile Device Management (MDM) and Bring Your Own Device (BYOD) are added layers of what any IT Department must consider and factor in when maintaining and mitigating security risks.  The CEO wants to access files from their phones from any remote location and the CRM wants to be able to update customer accounts on the fly so there is no such thing as just a single point of failure across a network anymore.
  3. Data Ownership and Control– once you upload your data to the cloud, you are essentially giving up control and ownership of your data and critical files. For any kind of real content collaboration you are reliant on your files always be there and always being accessible.  You usually have to sync your files before you can share.  Enterprise File Sync and Share platforms are made to house your company assets whether you are a graphic design firm having to share images with clients or a company that relies on google drive as some of kind of data room to house passwords, share reporting across multiple stakeholders and locations or edit and collaborate with several different types of files whether it be Profit and Loss files, Excel spreadsheets or project management assets.  All these files may be yours or a mixture of yours and your various clients but at the end of the day you are not in control of these files and assets.  They are housed elsewhere and relying on VPN or remote access logins and licenses that are complicated in scope and cumbersome in any kind of recovery.
  4. Migration– data migration to the cloud is a huge project for most Enterprises. First, decisions have to be made around what will be migrated and synced and shared to the cloud. Folders and files have to be cleaned up, backed up, and servers that need to be decommissioned because they are too full, too old, or too vulnerable for whatever reason need to have their housed data live somewhere before they are sent to the hardware graveyard.  An entire Enterprise has to be restructured, analyzed, and strategized around best practices moving forward. How will be files be organized and what departments have access to what data ongoing are only part of what needs to be folded in as CTOs and CISOs draw up migration steps.   FNRA, HIPAA, and GDPR are only some of the regulations and compliance rules that dictate how data must be treated and shared in this modern digital age.  There may be a public server being utilized in any size Enterprise that allows departments and offices across geo locations and time zones to be able to access files and update them and share information but who decides what stays and what goes and how public that public server will remain.  Most companies need to stay agile to maintain growth and productivity and efficiencies can be lost during migration periods as files go missing or access is denied or remote VPNs no longer are happening the same way.  If a user base is not totally tech savvy then learning curves and new ways of conducting business have to be factored in as data migration projects kick off.
  5. Cost of Ownership– Step 4 reminds us that migrating to the cloud can be just as costly and cumbersome as relying on the cloud for normal operations. Most cloud service providers for content collaboration average about $20/license per month and that’s an average.  There are also added costs of support sometimes and premium services charged depending on the sector and needs of the business ongoing.  VPN maintenance ongoing for most Enterprises comprised of 500 to 1000 users cost on average around $288,000 per year.  Enterprises need to keep costs down as competition and innovation rule the game and company growth is paramount.  If you have to add yet another expense line item that includes IT budgets then productivity is compromised as any Enterprise may rely on several cloud providers for normal operations depending on where accounting, reporting, customer service, critical files, and more are housed. Access to all and communication between them is silo-ed and mutually exclusive depending on the nature of your business and how fast you have been growing.

MyWorkDrive is the answer to all these risks.  Security, secure remote access, migration, cost of ownership, and data control and ownership are all mitigated and risks diminished whether you maintain a private, public, or hybrid solution to content collaboration and cloud computing.  You don’t have to migrate, you pay less for each license, you are guaranteed secure access with tried and true NTFS permissions and no one single point of failure.  Your users can access data rooms from a mobile phone and edit instantly online.  No more having to sync in order to share. MyWorkDrive also offers Duo authentication and has been certified as a trusted partner with various vendors including Azure and Office365.  Stay agile and stay secure and keep your cost centers down as you seek to make your Enterprise stay competitive, relevant, and productive in this digital transformation age.  If your organization is a government regulated Enterprise or involved in Healthcare administration or a financial institution then all the more reason to check out MyWorkDrive.  No more VPN headaches and ongoing maintenance and renewals.  No more complicated remote logins or confusing approved access.  MyWorkDrive is easy to install, easy to login, and easy to start working immediately.  No more headaches around what to do with what file and what stays and what gets erased.  MyWorkDrive is a secure way to remote access your most important files and edit and collaborate online instantly with whoever you give permission to.  Using a secure browser login, a mapped drive from a network desktop, or a mobile login on an iPhone or Android keeps you connected, collaborating, and productive without massive costs, security risks, or migration worries as all data stays on your own servers under your control.

 

 

RSA Conference 2018 Takeaway: Cloud Computing Is Not Secure

Data security and privacy compliance regulation was top priority at RSAC2018 because of the EU’s GDPR deadline looming next month on May 25th. Last week San Francisco’s Moscone’s Center was host to the security show of all shows, RSA2018 with over 500 vendors and 40,000 attendees from all over the world.  One thing became very clear from all the exhibitors, keynotes, speakers, special programs, and podcasts – if you rely on the cloud then protecting your data and securing it is critical for file sharing.

As the only file sharing/file remote access software solution vendor at the RSAC show, MyWorkDrive had amazing feedback and an overwhelmingly positive response exhibiting and providing demos at our booth of our latest version release.   RSAC Broadcast Alley was host to MyWorkDrive’s CMO, Jackie R. Bruckman and MyWorkDrive’s CEO, Dan Gordon recorded live discussing all the ways MyWorkDrive can help Enterprise in all sectors stay secure and compliant.

MyWorkDrive met with decision makers and security professionals from all over the world and has been busy on-boarding new clients this week immediately following the show.   MyWorkDrive had an overwhelmingly positive response demonstrating our secure file share remote access solution at RSAC2018 for enterprises .   The overwhelming take away was that many Enterprises need MyWorkDrive to simplify their data security compliance for safe file sharing while making users more productive and reducing costs of support or migrations to new Enterprise File Sync and Share (EFSS) systems.

The Cloud is only someone else’s server after all and it’s time for many sectors to think outside the cloud.   Windows file sharing with NTFS security is tried and true and may not be as glamorous but we are empowering Enterprises across the globe to make the right decision about their most critical data while making users more productive and eliminating the security risks of cloud storage.

Windows File Server GDPR Best Practices

Windows File Server GDPR Best Practices On May 25th, 2018 all business that handle EU personal data must be GDPR Compliant.   From the perspective of a Windows File Server, personal data is of the greatest concern for GDPR compliance.    Companies outside the EU assume that GDPR does not apply to them however every interaction with […]

Cloud Computing and File Sharing in 2018

Cloud Computing File Sharing

Enterprise File Sync and Share (EFSS) are now known as Content Collaboration Platforms (CCP).

“Gartner, the revered US based research firm, defines the Content Collaboration Platform (CCP) market as a range of content-centric platforms enabling secure file productivity and content collaboration for individuals and teams as well as supporting the creation of a modern digital workplace.”

Big names in the file share space have rebranded themselves to sound more productive and efficient but there is still an issue of clunky, cumbersome, and costly migrations and no instant access until syncing has happened. Even Sharepoint is being marketed as a web based collaborative platform.

Cloud Computing and File Sharing in 2018

It happens to all of us, from the board room to the mail room, you are on deadline and need to share a report update with a remote user across the Enterprise. You have been told by Legal and by IT to not send it via regular email. What to do?

Depending on who you talk to there are several different answers to that question. Production may tell you to just use Dropbox but then the important document is in Dropbox’s cloud and you have to login and sync and your recipient needs a Dropbox account to view it.

The Legal department says they just use Google Drive or Box. This is still uploading the document to a third-party cloud provider where the company loses control of their data and the recipient has to have a compatible account to view the document or be granted editing capabilities on the other end.  You still have a need to collaborate in real time. Google Drive may be free but you have to sync first to share it and migrate your data losing control, legal retention and ownership.  Box and other services are also an option but again require extensive planning, migration and cost $15 per user or higher.

Your CRM department may tell you how great Huddle or other web platform products are but again, you have to sync and migrate in order to share assets and the cost can go up to $15 to $20/user.

Stop wasting time and money and worrying about productivity and the cost of VPN support and maintenance and get MyWorkDrive. MyWorkDrive is easy to install, fast to implement, you don’t have to migrate your data, you will have secure access for any remote user with permissions, and cost effective especially for large enterprises.

Don’t migrate. Collaborate with MyWorkDrive anytime anywhere. For More Info: MyWorkDrive

Are you ready for GDPR Compliance?

EU GDPCompliance Deadline Fast Approaching

GDPR Compliance

Is your company’s data ready to meet the EU’s General Data Protection Regulation (GDPR) compliance deadline on May 25th?  The EU has mandated that companies must comply or be fined heavily.  The pending GDPR compliance deadline isn’t on everyone’s minds like things were during the Y2K doomsday prophecies around 18 years ago.  But the first American company to be levied a huge fine will make headline news.  Data protection compliance on any level can send shudders through the global marketplace as viruses, data breaches, malware, and ransomware become more virulent and ubiquitous.  The simple mandate from the EU is to protect your data. Achieving that mandate quickly is not that easy if you have multiple stakeholders and headquarters and devices to manage.  The cost of ownership maintaining VPNs and Firewalls and hardware upgrades and the daunting project of migrating data to a cloud-based service to be compliant takes precious resources.

Don’t waste time and money. Get compliant with MyWorkDrive.

MyWorkDrive will ‘cloudify’ your data center and with a mapped drive you can access your files securely from anywhere anytime on a desktop, browser, or mobile app. Set permissions and Instantly collaborate, edit, and share your files with who you want to share with in real time.   No need for VPNs, migrating, syncing or sharing first.

All 28 EU countries are moving forward with enforcing compliance by May 25th, 2018.  GDPR compliance is a regulation where the EU will strengthen and unify data protection for all individuals within the European Union.  The fines for not being compliant could reach 20 M Euros or 4% of global annual turnover for some companies. GDPR compliance should be taken extremely serious by any company doing business in this global marketplace. Have you identified your company’s risk level?

Contact MyWorkDrive now for a free trial and more info.   We have proudly partnered with several institutions including major universities, healthcare providers, City governments, tech and financial sectors.  We are ready to work for you.

Contact: Jackie Rednour-Bruckman Chief Marketing Officer MyWorkDrive jrbruckman@myworkdrive.com

MyWorkDrive is a product and dba of Wanpath LLC, founded in 2014 and based in San Francisco, CA. For Enterprise and Standard Edition visit MyWorkDrive

 

MyWorkDrive redefines Enterprise File Sharing

enterprise file sharing

MyWorkDrive is an innovative solution that is redefining how Enterprises access files and collaborate.

With MyWorkDrive, file sync-and-share systems are not needed; nor are outsourced cloud services.  MyWorkDrive uses your cloud and your data center as its collaboration hub.  With a simple set up, you are securely connected with a mapped tool that also works across all iOS and Mac platforms.  MyWorkDrive is a hybrid solution that allow users to instantly connect and edit online without having to first migrate or sync data.

The latest reports from Forrester Wave Research on “enterprise file sync-and-share” (EFSS) platforms confirm that by providing a viable, stable, and secure alternative, MyWorkDrive is poised to capture market share from powerful players like Google, Citrix, Dropbox, and Egnyte.

Referencing the highly respected Forrester report, a recent post in StorageNewsletter differentiates EFSS providers by the following key criteria:

  • Improved business agility
  • Lower aggregate costs
  • Fast and simple implementation
  • Ease of collaboration
  • Simplicity of maintenance
  • Strong user support (especially mobile and remote)

During 2018, 74% of global senior technology executives plan to implement, upgrade, or expand file share solutions to reduce risks associated with sensitive data.  Current file storage platforms are burdensome, expensive, and have significant hardware and mobile-device support requirements.  Thus, many enterprises are moving towards cloud platforms for sync-and-share file sharing to increase productivity and reduce costs…but cloud platforms require migration of data, extra maintenance and their own security mechanisms that carry significant viral and malware infections risks, as we all have recently witnessed with massive data breaches across all sectors.

From the financial sector to government to education and beyond, enterprises require a viable and secure solution that will enable their users to stay connected, stay secure, and stay productive on a global scale.  MyWorkDrive is that solution.

Furthermore, a critical deadline looming:  as of May 2018, the EU–via the General Data Protection Regulation (GDPR)–mandates that all customer/user data must be highly secure.   It is imperative that enterprises become compliant with GDPR security standards as soon as possible.   MyWorkDrive  is the answer.

MyWorkDrive will enable enterprises across the global marketplace to access and manage their data securely, instantly, and remotely on virtually any device or platform.

 

8 Security and Support Concerns to consider before deploying Microsoft’s new Always On VPN

Windows Server 2016’s new “Always on VPN” provides new options for remote access to internal network resources.  With Windows 10 Virtual Private Networking (VPN), you can create Always On VPN connections so that remote computers and devices are always connected to your organization network when they are turned on and Internet connected.

Is the new Always On VPN more secure or easier to administer and use than Direct Access or 3rd Party VPN’s?  We looked at numerous blog articles to gather the requirements to deploy Always on VPN.   Here are potential items that may lead to additional support costs and security concerns that enterprises will want to be aware of.

  1. Always On VPN cannot be managed natively using Active Directory and group policy. It must be configured and managed using Microsoft System Center Configuration Manager (SCCM), Microsoft Intune, or PowerShell

  2. AO VPN works only with Windows 10. It is not supported for Windows 7 or other operating systems

  3. While AO VPN does add extensive filtering options, however no additional blocking technologies exist to prevent viruses or malware such as crypto locker from encrypting files

  4. A Public Key Infrastructure (PKI) is required along with Active Directory Certificate Services to authenticate clients

  5. Like Direct Access, Always On VPN requires two network adapters with one directly connects to the external perimeter network.

  6. Remote Client Computers must be joined to the active directory domain

  7. The IT Department will need to maintain an additional fleet of corporate laptops with VPN pre-configured for each potential remote user eliminating the BYOD option.

  8. Windows 2016 Server infrastructure is required

Browser Based VPN Alternatives

Techtarget.com encourages companies to consider Web Based VPN Software Alternatives – “Browser-based remote access services offer both cost and ease-of-use advantages. Web browsers are already present on nearly every computing device, public or private, large or small. Web-based solutions use this browser and dynamically downloaded code to avoid installing and configuring VPN client software on the worker’s device. This approach facilitates remote access from just about anywhere and can significantly reduce per-user VPN administration costs.  Savings are even greater for companies that eliminate corporate laptops by leveraging existing desktops for Web-based remote access.”

MyWorkDrive.com’s browser based file access software helps companies reduce their VPN support costs while reducing their security exposure risks.  User’s simply open a browser to access their work files using their existing Windows Active Directory credentials from any device.  Once logged in they can access company shares, home drives and edit/view documents online.  For security all MyWorkDrive clients also supports DUO Two Factor authentication.  Even if only half of a company’s employees are directed to use MyWorkDrive’s Browser Based File Access client they can achieve annual savings of up to 50% while improving security when compared to traditional VPN alternatives.

 

Secure File Sharing

Secure File Sharing Remote Access to Windows Shares

Secure File Sharing

MyWorkDrive allows secure file sharing without the risks of cloud storage or migrating files to unproven sync and share systems.   In just minutes, you can activate a web client portal for secure file sharing, branded with your company logo, color scheme, and URL.   Access to files are based on Active Directory security and NTFS permissions out of the box.   Should you wish, additional security features can be easily activated including;  Data Loss Prevention and Two Factor Authentication.

Our MyWorkDrive secure file sharing server is the only software that exclusively uses security based on NTFS permissions.   There are no overriding logins, databases, service accounts or services that can be leveraged to gain unauthorized access.   When a user logs into MyWorkDrive they gain access to only files and folders as defined in NTFS.  Even if an administrator of MyWorkDrive were to attempt to provide access to shares using MyWorkDrive, no additional access could be granted since authentication runs under the users security context when they log into the system.   MyWorkDrive integrates with Microsoft Server Access Based Enumeration to provide visibility to files and folders based on NTFS permissions.   NTFS security is the tried and true backbone of companies secure file sharing networks since it was released in over 20 years ago.

Consider the risks of competing data base driven sync and share companies that use their own security mechanisms.  It was recently revealed that a leading secure file sharing firm utilized an alternative access mechanism that exposed customers sensitive data between accounts… this from a company that bills itself as a security-minded firm, stewards of sensitive and confidential information.

MyWorkDrive converts Windows based SMB/CIFS file shares into a secure file share that can be accessed anywhere over https/SSL using highly encrypted RSA 4096 and TLS 1.2 FIPS compliant protocols.    By default Windows file shares are accessed internally on a local area network by mapping drives using Windows file explorer clients.   While this is great for local area network access, however when remote access is needed the additional burden of managing, installing and supporting a VPN to secure File Shares has been the only option for enterprise businesses since accessing files over SMB port 445 is typically blocked on most firewalls and considered insecure.  The SMB protocol is not designed for internet communications slowing down remote access further.

With the MyWorkDrive add-on for Windows File Share servers, SMB based Windows File Shares are converted into a secure file share that can be accessed over https.  https is the secure port used to protect data communications and is supported in modern web browsers.  In fact, one of the primary ways companies used MyWorkDrive is to manage and access files using our Web File Manager.  Secure File Shares are easily accessed by users with minimal training and support.  Users can edit, upload, create and share files all within a browser.  This reduces the support burden on internal IT and improves security since files are only accessed one file at a time.  All user access is logged and searchable for compliance and auditing.  To further secure file shares, IT Administrators can enable two factor security and data loss prevention features built into MyWorkDrive.  With the addition of these security options IT can feel confident that internal file shares are secured in any environment with the highest levels of encryption and security to meet or exceed compliance standards including HIPAA, GDPR, FINRA and FIPS.

In addition to browser-based file access, MyWorkDrive offers our desktop mapped drive clients.  Both clients provide a mapped drive type experience to secure file shares over https.   Users can simply access secure file shares using the mapped drive in real time.  Traditional access to internal users is also supported side-by-side with MyWorkDrive clients with support for file locking.   Unlike traditional file shares, MyWorkDrive permits blocking of file extensions in our Mapped Drive Secure File Sharing client to further enhance and lock down security.   Any changes made to files are saved back directly to the internal file servers eliminating files scattered over insecure local pc’s or mobile devices reducing the need for mobile device management software.

 

More than just secure file share remote access…

 

Enjoy the ease and convenience of cloud file access with proven best-in-class security and the advanced file sharing features that you need to run your business without VPN, syncing or storing data in a public cloud.  Securely share files and stay in compliance with MyWorkDrive enterprise features including:

  • Integrated tools for secure file sharing made easy with OneDrive
  • Online document access built-in, so you can edit documents in Office 365 without migrating them or storing them in the cloud.
  • Mobile apps for secure file sharing on-the-go
  • Support for Windows Server file encryption of documents in transit and at rest
  • Extensive logging lets you know who accessed or modified files – All user access is logged and searchable to meet your compliance requirements
  • Granular user permissions based on Windows Security let you control access to every folder
  • Data Loss Prevention options to eliminate file downloads and external sharing

More Info..

 

Quantifying Technology Costs of VPN Software

VPN Software Costs

Businesses of all types utilize VPN software solutions to provide remote access to their employees.  How do we quantify the true Total Cost of Ownership (TCO) of supporting VPN software?  Why is TCO Important?

Gartner, Inc. (www.gartner.com) defines TCO as the total cost of using and maintaining an IT investment over time.  TCO calculations include a combination of direct costs (hardware, software acquisition, management and support) and indirect costs (end-user training and downtime).   TCO is often overlooked and unbudgeted, presenting an incomplete projection of overall IT costs.

Most organizations look at their direct costs and setup labor only at the time of purchase.  However, research shows that a system’s software & hardware costs typically represents less than 20% of its TCO, with ongoing technical support, maintenance and labor costs accounting for the remaining 80%.  These ongoing VPN Software support costs represent the largest piece of the TCO pie and should therefore warrant the highest levels of scrutiny.

Consider the following chart that demonstrates the potential annual costs of supporting VPN clients for 1000 Users:

VPN Software Costs

Hardware/Software and Labor Support Direct Costs:

  • Hardware & VPN Software Costs: A business of 1000 employees can expect to pay between $6000-$8000 for a dedicated VPN device with a hot spare + Annual Maintenance.
  • VPN Software Setup Costs: For large enterprises VPN services can take up to 40 Hours for procurement, basic setup and deployment.
  • Ongoing Maintenance: VPN Devices require continual updating and refinement – expect ongoing maintenance, after hours updating and security patching.
  • User Support: Plan on providing technical support time to setup VPN Software on end user devices at a minimum of 30-60 Minutes per device with basic training for initial setup and an average of 15 Minutes/User per month for ongoing support.
  • Two Factor: Add costs for supporting various two factor solutions – Some solutions allow use of third party services (at an additional cost), requiring additional configuration while others such as Microsoft VPN can utilize machine certificates which require additional support hours to manage and setup.

Potential Indirect Costs:

  • Internal Systems open to potential compromise – By default, an end user’s Windows network is routed through the office VPN network. As a result, this leaves the internal network open to Malware such as Crypto Locker and exposes the network up cyber security threats.
  • IPsec type VPN’s are blocked at many locations resulting in calls to the help desk to resolve connectivity issues and results in lost employee productivity.
  • Minor network fluctuations can disconnect the VPN clients potentially corrupting open files resulting in support costs for restores and lost work.
  • The IT Department will need to maintain an additional fleet of corporate laptops with VPN pre-configured for each potential remote user.

Browser Based VPN Alternatives

Techtarget.com encourages companies to consider Web Based VPN Software Alternatives – “Browser-based remote access services offer both cost and ease-of-use advantages. Web browsers are already present on nearly every computing device, public or private, large or small. Web-based solutions use this browser and dynamically downloaded code to avoid installing and configuring VPN client software on the worker’s device. This approach facilitates remote access from just about anywhere and can significantly reduce per-user VPN administration costs.  Savings are even greater for companies that eliminate corporate laptops by leveraging existing desktops for Web-based remote access.”

MyWorkDrive.com’s browser based file access software helps companies reduce their VPN support costs while reducing their security exposure risks.  User’s simply open a browser to access their work files using their existing Windows Active Directory credentials.  Once logged in they can access company shares, home drives and edit/view documents online.  For security all MyWorkDrive clients also support DUO Two Factor authentication.  Even if only half of a company’s employees are directed to use MyWorkDrive’s Browser Based File Access client they can achieve annual savings of up to 50% while improving security.

 

10 Reasons why SharePoint is not a File Server

sharepoint file server

Many companies are migrating to Office 365.   SharePoint Online is included with most subscriptions for free. Often, IT professionals are asked to evaluate moving their company file servers to SharePoint Online.  While SharePoint is great for collaborating on documents with teams inside or outside of the company, can it completely replace an on-premise file server for larger firms?

Here’s the list of the top 10 reasons we compiled on why SharePoint is not a file file server:

 

  1. Speed – Nothing can beat the speed of local network file server access. While Internet speeds are measured in Megabits, local network speeds are measured in Megabytes.  A local network connection is at least 10 times faster than any Internet connection.  For example, a fast 100 Mbp/s home Internet connection only equates to 12.2 MB/S.   In the office, networks are typically 1GB – a whopping 125 MB/s!!  For large files access, nothing beats a local area network connection.

 

  1. Simplicity – Users are trained to easily grab their files from a mapped drive. With SharePoint, files are stored in libraries that are accessed using a web-based interface. The interface looks nothing like Windows File Explorer.  Alternatively user can access file using the OneDrive for Business client which requires user training and  intervention to sync and to locate the shares they need.

 

  1. Storage Capacities – Even the smallest companies have easily terabytes of data. SharePoint Online has a 1TB limit on each library, a  5000 item display limit, a 15GB file size limit and a maximum 100,000 file sync limit.   Even if you did store this much data, or files this large, accessing them over the Internet may be unworkable (see Reason #1).

Microsoft Azure File Share Sync – seamlessly extend file services across servers and cloud storage

Microsoft announced the public preview of Azure File Share Sync at it’s 2017 Ignite Conference.  This technology extends file services from on-premise to Cloud Storage on Azure File Shares and across windows servers in multi locations.   Microsoft engineers interviewed customers and confirmed that Windows File Shares are still in use for a multitude of reasons.    The customer pain points identified include speed of access, control of data and large storage capacities.   Azure File Share Sync addresses these concerns.

Watch the Microsoft Ignite Session Herecloud storage

Some of the key features and include:

  • Bi-Directional Sync – from Windows Server to Azure Cloud Storage with write back capabilities
  • Multi-Site Sync – Sync a share across multiple Windows Servers through Azure File Shares to Cloud Storage with the ability to cache and edit data in real time at each site.
  • Backup of Azure File Shares to Azure Backup
  • Tiering of data – set the maximum data storage capacities for each Windows server and only replicate the most recent data to each server with the balance stored in Azure File Shares in the cloud.

The MyWorkDrive team is very excited about this announcement as it will give our customers the ability to setup a MyWorkDrive server in Azure, sync files to it and use it access file shares remotely or during a disaster.   Using MyWorkDrive, windows file shares can be accessed from any location worldwide over https (Azure File Sharing  only supports access over smb port 445 which is typically blocked from most remote locations).

This technology also provides a seamless way for MyWorkDrive customers to migrate their servers completely to Azure Cloud Storage and remove them from on-premise entirely utilizing MyWorkDrive to map drives or access them using our Web File Manager.