8 Security and Support Concerns to consider before deploying Microsoft’s new Always On VPN

Windows Server 2016’s new “Always on VPN” provides new options for remote access to internal network resources.  With Windows 10 Virtual Private Networking (VPN), you can create Always On VPN connections so that remote computers and devices are always connected to your organization network when they are turned on and Internet connected.

Is the new Always On VPN more secure or easier to administer and use than Direct Access or 3rd Party VPN’s?  We looked at numerous blog articles to gather the requirements to deploy Always on VPN.   Here are potential items that may lead to additional support costs and security concerns that enterprises will want to be aware of.

  1. Always On VPN cannot be managed natively using Active Directory and group policy. It must be configured and managed using Microsoft System Center Configuration Manager (SCCM), Microsoft Intune, or PowerShell

  2. AO VPN works only with Windows 10. It is not supported for Windows 7 or other operating systems

  3. While AO VPN does add extensive filtering options, however no additional blocking technologies exist to prevent viruses or malware such as crypto locker from encrypting files

  4. A Public Key Infrastructure (PKI) is required along with Active Directory Certificate Services to authenticate clients

  5. Like Direct Access, Always On VPN requires two network adapters with one directly connects to the external perimeter network.

  6. Remote Client Computers must be joined to the active directory domain

  7. The IT Department will need to maintain an additional fleet of corporate laptops with VPN pre-configured for each potential remote user eliminating the BYOD option.

  8. Windows 2016 Server infrastructure is required

Browser Based VPN Alternatives

Techtarget.com encourages companies to consider Web Based VPN Software Alternatives – “Browser-based remote access services offer both cost and ease-of-use advantages. Web browsers are already present on nearly every computing device, public or private, large or small. Web-based solutions use this browser and dynamically downloaded code to avoid installing and configuring VPN client software on the worker’s device. This approach facilitates remote access from just about anywhere and can significantly reduce per-user VPN administration costs.  Savings are even greater for companies that eliminate corporate laptops by leveraging existing desktops for Web-based remote access.”

MyWorkDrive.com’s browser based file access software helps companies reduce their VPN support costs while reducing their security exposure risks.  User’s simply open a browser to access their work files using their existing Windows Active Directory credentials from any device.  Once logged in they can access company shares, home drives and edit/view documents online.  For security all MyWorkDrive clients also supports DUO Two Factor authentication.  Even if only half of a company’s employees are directed to use MyWorkDrive’s Browser Based File Access client they can achieve annual savings of up to 50% while improving security when compared to traditional VPN alternatives.

 

Secure File Sharing

Secure File Sharing Remote Access to Windows Shares

Secure File Sharing

MyWorkDrive allows secure file sharing without the risks of cloud storage or migrating files to unproven sync and share systems.   In just minutes, you can activate a web client portal for secure file sharing, branded with your company logo, color scheme, and URL.   Access to files are based on Active Directory security and NTFS permissions out of the box.   Should you wish, additional security features can be easily activated including;  Data Loss Prevention and Two Factor Authentication.

Our MyWorkDrive secure file sharing server is the only software that exclusively uses security based on NTFS permissions.   There are no overriding logins, databases, service accounts or services that can be leveraged to gain unauthorized access.   When a user logs into MyWorkDrive they gain access to only files and folders as defined in NTFS.  Even if an administrator of MyWorkDrive were to attempt to provide access to shares using MyWorkDrive, no additional access could be granted since authentication runs under the users security context when they log into the system.   MyWorkDrive integrates with Microsoft Server Access Based Enumeration to provide visibility to files and folders based on NTFS permissions.   NTFS security is the tried and true backbone of companies secure file sharing networks since it was released in over 20 years ago.

Consider the risks of competing data base driven sync and share companies that use their own security mechanisms.  It was recently revealed that a leading secure file sharing firm utilized an alternative access mechanism that exposed customers sensitive data between accounts… this from a company that bills itself as a security-minded firm, stewards of sensitive and confidential information.

MyWorkDrive converts Windows based SMB/CIFS file shares into a secure file share that can be accessed anywhere over https/SSL using highly encrypted RSA 4096 and TLS 1.2 FIPS compliant protocols.    By default Windows file shares are accessed internally on a local area network by mapping drives using Windows file explorer clients.   While this is great for local area network access, however when remote access is needed the additional burden of managing, installing and supporting a VPN to secure File Shares has been the only option for enterprise businesses since accessing files over SMB port 445 is typically blocked on most firewalls and considered insecure.  The SMB protocol is not designed for internet communications slowing down remote access further.

With the MyWorkDrive add-on for Windows File Share servers, SMB based Windows File Shares are converted into a secure file share that can be accessed over https.  https is the secure port used to protect data communications and is supported in modern web browsers.  In fact, one of the primary ways companies used MyWorkDrive is to manage and access files using our Web File Manager.  Secure File Shares are easily accessed by users with minimal training and support.  Users can edit, upload, create and share files all within a browser.  This reduces the support burden on internal IT and improves security since files are only accessed one file at a time.  All user access is logged and searchable for compliance and auditing.  To further secure file shares, IT Administrators can enable two factor security and data loss prevention features built into MyWorkDrive.  With the addition of these security options IT can feel confident that internal file shares are secured in any environment with the highest levels of encryption and security to meet or exceed compliance standards including HIPAA, GDPR, FINRA and FIPS.

In addition to browser-based file access, MyWorkDrive offers our desktop mapped drive clients.  Both clients provide a mapped drive type experience to secure file shares over https.   Users can simply access secure file shares using the mapped drive in real time.  Traditional access to internal users is also supported side-by-side with MyWorkDrive clients with support for file locking.   Unlike traditional file shares, MyWorkDrive permits blocking of file extensions in our Mapped Drive Secure File Sharing client to further enhance and lock down security.   Any changes made to files are saved back directly to the internal file servers eliminating files scattered over insecure local pc’s or mobile devices reducing the need for mobile device management software.

 

More than just secure file share remote access…

 

Enjoy the ease and convenience of cloud file access with proven best-in-class security and the advanced file sharing features that you need to run your business without VPN, syncing or storing data in a public cloud.  Securely share files and stay in compliance with MyWorkDrive enterprise features including:

  • Integrated tools for secure file sharing made easy with OneDrive
  • Online document access built-in, so you can edit documents in Office 365 without migrating them or storing them in the cloud.
  • Mobile apps for secure file sharing on-the-go
  • Support for Windows Server file encryption of documents in transit and at rest
  • Extensive logging lets you know who accessed or modified files – All user access is logged and searchable to meet your compliance requirements
  • Granular user permissions based on Windows Security let you control access to every folder
  • Data Loss Prevention options to eliminate file downloads and external sharing

More Info..

 

Quantifying Technology Costs of VPN Software

VPN Software Costs

Businesses of all types utilize VPN software solutions to provide remote access to their employees.  How do we quantify the true Total Cost of Ownership (TCO) of supporting VPN software?  Why is TCO Important?

Gartner, Inc. (www.gartner.com) defines TCO as the total cost of using and maintaining an IT investment over time.  TCO calculations include a combination of direct costs (hardware, software acquisition, management and support) and indirect costs (end-user training and downtime).   TCO is often overlooked and unbudgeted, presenting an incomplete projection of overall IT costs.

Most organizations look at their direct costs and setup labor only at the time of purchase.  However, research shows that a system’s software & hardware costs typically represents less than 20% of its TCO, with ongoing technical support, maintenance and labor costs accounting for the remaining 80%.  These ongoing VPN Software support costs represent the largest piece of the TCO pie and should therefore warrant the highest levels of scrutiny.

Consider the following chart that demonstrates the potential annual costs of supporting VPN clients for 1000 Users:

VPN Software Costs

Hardware/Software and Labor Support Direct Costs:

  • Hardware & VPN Software Costs: A business of 1000 employees can expect to pay between $6000-$8000 for a dedicated VPN device with a hot spare + Annual Maintenance.
  • VPN Software Setup Costs: For large enterprises VPN services can take up to 40 Hours for procurement, basic setup and deployment.
  • Ongoing Maintenance: VPN Devices require continual updating and refinement – expect ongoing maintenance, after hours updating and security patching.
  • User Support: Plan on providing technical support time to setup VPN Software on end user devices at a minimum of 30-60 Minutes per device with basic training for initial setup and an average of 15 Minutes/User per month for ongoing support.
  • Two Factor: Add costs for supporting various two factor solutions – Some solutions allow use of third party services (at an additional cost), requiring additional configuration while others such as Microsoft VPN can utilize machine certificates which require additional support hours to manage and setup.

Potential Indirect Costs:

  • Internal Systems open to potential compromise – By default, an end user’s Windows network is routed through the office VPN network. As a result, this leaves the internal network open to Malware such as Crypto Locker and exposes the network up cyber security threats.
  • IPsec type VPN’s are blocked at many locations resulting in calls to the help desk to resolve connectivity issues and results in lost employee productivity.
  • Minor network fluctuations can disconnect the VPN clients potentially corrupting open files resulting in support costs for restores and lost work.
  • The IT Department will need to maintain an additional fleet of corporate laptops with VPN pre-configured for each potential remote user.

Browser Based VPN Alternatives

Techtarget.com encourages companies to consider Web Based VPN Software Alternatives – “Browser-based remote access services offer both cost and ease-of-use advantages. Web browsers are already present on nearly every computing device, public or private, large or small. Web-based solutions use this browser and dynamically downloaded code to avoid installing and configuring VPN client software on the worker’s device. This approach facilitates remote access from just about anywhere and can significantly reduce per-user VPN administration costs.  Savings are even greater for companies that eliminate corporate laptops by leveraging existing desktops for Web-based remote access.”

MyWorkDrive.com’s browser based file access software helps companies reduce their VPN support costs while reducing their security exposure risks.  User’s simply open a browser to access their work files using their existing Windows Active Directory credentials.  Once logged in they can access company shares, home drives and edit/view documents online.  For security all MyWorkDrive clients also support DUO Two Factor authentication.  Even if only half of a company’s employees are directed to use MyWorkDrive’s Browser Based File Access client they can achieve annual savings of up to 50% while improving security.

 

10 Reasons why SharePoint is not a File Server

sharepoint file server

Many companies are migrating to Office 365.   SharePoint Online is included with most subscriptions for free. Often, IT professionals are asked to evaluate moving their company file servers to SharePoint Online.  While SharePoint is great for collaborating on documents with teams inside or outside of the company, can it completely replace an on-premise file server for larger firms?

Here’s the list of the top 10 reasons we compiled on why SharePoint is not a file file server:

 

  1. Speed – Nothing can beat the speed of local network file server access. While Internet speeds are measured in Megabits, local network speeds are measured in Megabytes.  A local network connection is at least 10 times faster than any Internet connection.  For example, a fast 100 Mbp/s home Internet connection only equates to 12.2 MB/S.   In the office, networks are typically 1GB – a whopping 125 MB/s!!  For large files access, nothing beats a local area network connection.

 

  1. Simplicity – Users are trained to easily grab their files from a mapped drive. With SharePoint, files are stored in libraries that are accessed using a web-based interface. The interface looks nothing like Windows File Explorer.  Alternatively user can access file using the OneDrive for Business client which requires user training and  intervention to sync and to locate the shares they need.

 

  1. Storage Capacities – Even the smallest companies have easily terabytes of data. SharePoint Online has a 1TB limit on each library, a  5000 item display limit, a 15GB file size limit and a maximum 100,000 file sync limit.   Even if you did store this much data, or files this large, accessing them over the Internet may be unworkable (see Reason #1).

Microsoft Azure File Share Sync – seamlessly extend file services across servers and cloud storage

Microsoft announced the public preview of Azure File Share Sync at it’s 2017 Ignite Conference.  This technology extends file services from on-premise to Cloud Storage on Azure File Shares and across windows servers in multi locations.   Microsoft engineers interviewed customers and confirmed that Windows File Shares are still in use for a multitude of reasons.    The customer pain points identified include speed of access, control of data and large storage capacities.   Azure File Share Sync addresses these concerns.

Watch the Microsoft Ignite Session Herecloud storage

Some of the key features and include:

  • Bi-Directional Sync – from Windows Server to Azure Cloud Storage with write back capabilities
  • Multi-Site Sync – Sync a share across multiple Windows Servers through Azure File Shares to Cloud Storage with the ability to cache and edit data in real time at each site.
  • Backup of Azure File Shares to Azure Backup
  • Tiering of data – set the maximum data storage capacities for each Windows server and only replicate the most recent data to each server with the balance stored in Azure File Shares in the cloud.

The MyWorkDrive team is very excited about this announcement as it will give our customers the ability to setup a MyWorkDrive server in Azure, sync files to it and use it access file shares remotely or during a disaster.   Using MyWorkDrive, windows file shares can be accessed from any location worldwide over https (Azure File Sharing  only supports access over smb port 445 which is typically blocked from most remote locations).

This technology also provides a seamless way for MyWorkDrive customers to migrate their servers completely to Azure Cloud Storage and remove them from on-premise entirely utilizing MyWorkDrive to map drives or access them using our Web File Manager.

 

Harden IIS SSL for Compliance and Security

IIS SSL by default leaves older versions of SSL2, SSL3 and TLS enabled for compatibility.  MyWorkDrive has been engineered to support TLS 1.2.  Disabling insecure and weak ciphers is necessary to comply with security best practices including PCI, HIPAA, FINRA and GDPR.

 

While registry entries can be set manually, a great free tool exists for this called IIS Crypto by Nartac Software.

 

To lock down your Server’s IIS SSL ciphers, download the tool and apply one of the templates – at a minimum we suggest the “Best Practices Template”.

IIS SSL

 

The PCI Template 3.1 provides the most complete protection however some software may still require TLS 1.0 communication (MyWorkDrive does not).   One option is to apply the template settings to the Server only by unchecking “Set Client Side Protocols”.  This ensures only the “Server” portions are locked down and any client software ( e.g. Backup Software) continues to run.

After you have run the IIS Crypto tool and applied a minimum of the best practice template and restarted your server, you may wish to verify that your server responds on only the more secure IIS SSL cyphers.

 

There is great free SSL scanning tool at  https://www.ssllabs.com/ssltest/  that’s also built into the Nartac IIS Cryptol software that gives you a rating on how secure your SSL connections are.   Simply input your https web address and run the test.

You should get a Summary like this:

SSL Scanner

MyWorkDrive Recognized by Microsoft as an Industry Leader

What does it take to be a Microsoft Partner that leads the way in digital transformation solutions for business?

Secure File Access

It takes innovation, forward thinking, and a willingness to be just a little bit disruptive in a space that can at times be very traditional. The tech industry calls it, “digital transformation.”

What is “digital transformation?”

Digital transformation takes place when companies adopt a technology that changes the course of their workflow – making their workflow better, easier, or more efficient. This use of information technology to “transform” how businesses work is now one of the main focuses of Microsoft and its partners.

Intivix leaders, Rob Schenk and Dan Gordon, were pleased to have had MyWorkDrive mentioned during a session at an industry conference hosted by Microsoft called Inspire. At Inspire, Microsoft gathers its partners and resellers from around the globe to update them on the latest Microsoft offerings and industry trends. It is a great opportunity for technology providers to network and to interact with those who are innovating within the industry. According to Microsoft, Inspire is where “the world meets to transform business.”

Like many industry-specific conferences, Inspire is made up of many sessions and workshops.

At a special workshop called, “US14p The Art of the Possible: Digital Transformation for US Partners”, the Intivix team received commendation from Microsoft speaker, Sri Ganapathy for their work in developing MyWorkDrive.

Sri Ganapathy is a Partner Technology Strategist with Microsoft. It is Sri’s job to advise and encourage those that sell Microsoft’s products and services to follow the example of industry leaders. At this significant workshop, Sri Ganapathy made the point that technology providers should be moving their concentration from services that they want to offer to their clients to developing solutions to their client’s challenges that they can then promote across that particular industry vertical.

Some solutions that have been developed – such as MyWorkDrive – address business challenges across multiple industry verticals.

MyWorkDrive is an application developed by Intivix that allows companies to leverage their existing storage infrastructure while providing cloud availability features to that storage – allowing companies to move to the cloud at their own pace.

MyWorkDrive gives employees cloud access to their work files without VPN, syncing, or storing data in a public cloud.

This is different than VPN or file sync solutions. VPN and file sync are challenging in that they require employee retraining, are expensive to maintain, present an element of data-loss risk, and do not always conform to compliance standards. MyWorkDrive is the answer to all of these problems.

One of the outstanding features of MyWorkDrive is the solution’s seamless integration with Microsoft Office 365 online. With MyWorkDrive, employees can directly edit their Office documents in Office 365 online and collaboratively edit in real time without moving the files to the cloud. Once they are ready, employees can share Office 365 documents externally using OneDrive without compromising security.

Some of the other significant benefits of MyWorkDrive are:

  • The ability for a company to move to the cloud at its own pace
  • The advantage of leveraging existing infrastructure, Active Directory, and File Permissions
  • Two-factor authentication
  • Single Sign On (SSO)
  • Mapped Drive from anywhere
  • Mobile App for working away from the office

Because of the business problems that MyWorkDrive solves for companies across multiple verticals, Microsoft chose to highlight the MyWorkDrive solution within their presentation on innovative approaches that are driving business transformation today.

Rob Schenk, one of the partners at Intivix, said, “We were grateful for Microsoft’s recognition of MyWorkDrive. We’ve worked hard on it. We’re especially proud of MyWorkDrive because it combines fresh elements in file sharing that aren’t available in this configuration anywhere else. MyWorkDrive solves the user problems that were inherent in older file sharing technologies, and as a result, provides significant efficiencies for the end user.”

To find out more about MyWorkDrive and what we can do to improve your file access workflow, contact us now at 877-705-4997 or sales@myworkdrive.com

Striking The Right Balance Between Cloud And On-Premise

Cloud or On-Premise

 

Cloud adoption is continuing to pick up speed, with businesses of all sizes moving towards hosted technology solutions. The numerous benefits of making the switch to the cloud appeal to a wide range of industries, and leave many businesses eager to leave their on-premise solutions behind.  However, there have been a few hiccups along the way for a lot of these businesses, especially where their important apps are concerned.

 

The cloud’s versatility and flexibility make it an ideal platform for many of the resources and tools businesses rely on, but the fact of the matter is that no two businesses have the exact same needs or existing infrastructure.  Certain compliance or regulatory guidelines can also limit a business’ ability to leverage the cloud successfully.

 

Requirements that dictate where and how data can be stored – such as restrictions tied to certain government contracts – can make transitioning to the cloud a more difficult process.  But that’s not to say that the cloud isn’t an option.

A typical cloud migration sees an infrastructure move from on-premise systems and servers to a cloud platform in stages, offering an incremental upgrade that won’t hinder operations by taking huge chunks of your IT environment offline or leaving your staff to relearn a bevy of basic tasks in a short amount of time.  Businesses that have restrictions placed on certain data or applications can still move other pieces of their operations to the cloud without jeopardizing compliance.

 

Client data may need to be restricted to a secure on-premise server, but internal back-office data and applications such as accounting, human resources, and legal can be moved into the cloud. Your business can still move from legacy systems to software as a service (SaaS) and benefit from the cost savings, mobility, and scalability the cloud has to offer while still meeting your obligations to your clients.

 

This balancing act of sorts between on-premise and the cloud isn’t limited to compliance restrictions. Those providing municipal services such as the Department of Transportation can redistribute resources in a way that makes growth and innovation a smoother process.  Back-office functions can be shifted to the cloud along with other non-critical applications in order to allow mission-critical data and programs to be stored and maintained on secure on-premise servers and systems.  A hybrid on-premise/cloud solution can also be used in this scenario to support better scalability and allow for the adoption of platform as a service or infrastructure as a service down the road.

 

While most cloud providers offer built-in cyber security measures as part of their offerings as well as round-the-clock monitoring and maintenance of your virtual servers to prevent intrusions or data loss, some data can be considered too sensitive to trust to the cloud.  For some businesses, the fact of having to collaborate with an outside provider to manage IT security is something they’re simply not comfortable with. For others, it may be slightly more complicated.  Applications that, for example, control municipal resources such as traffic lights or waste water release require a level of protection from potential hackers that is, for the moment, better provided by an on-premise system.

 

Data that needs to be accessed quickly and at a moment’s notice may also be a poor candidate for cloud storage.  Despite the extremely high up-time guarantee offered by most cloud providers, there is always a chance that access could be delayed by a minor service disruption, whereas data stored on-premise would remain accessible.

 

For many businesses that either cannot or are not comfortable with trusting their mission-critical data and applications to a cloud solution, the cloud still offers an invaluable service – data backup and business continuity.

 

Your day-to-day operations might function based entirely on an on-premise infrastructure, but data and applications that are backed up to the cloud provide businesses with the ability to work around disruptions that would otherwise see their operations grind to a halt.  In the event of a fire, flood, or storm that leaves your office inaccessible or damages your on-premise hardware, the cloud allows for offsite disaster recovery.

 

Businesses that are fully open to moving to the cloud may find themselves facing challenges of their own. Adopting a cloud solution based entirely on functionality without considering connectivity or security can lead to major headaches.  It’s important to remember that while there are numerous applications designed to work in the cloud – or designed specifically for the cloud – not every legacy application can integrate with cloud technology seamlessly, or at all.

 

Taking the time to plan out your cloud migration carefully will give you better results, and save you the cost and frustration of having to revert back to on-premise solutions. When done right, most businesses that adopt cloud technology stay with it long-term.  Knowing which applications are best suited to the cloud, which applications need to be moved together to boost performance, and how your team relies on and uses resources will help your cloud migration to be a successful one.

 

The key to benefiting from the cost savings the cloud can offer is being smart about how and when you begin to move away from on-premise solutions. A business that is relying on onsite hardware that is ten years old and in need of constant maintenance will likely see a huge boost in productivity and efficiency along with a reduction in IT costs by moving applications out of their on-premise data center.  A business with relatively new technology powering its infrastructure wouldn’t see as dramatic a change in performance or cost, but could still benefit from the added accessibility and speed cloud-based applications can offer.

 

Something else businesses considering the cloud should keep in mind is their IT department. There is a common misconception that by moving part or all of their infrastructure off-premise, the need for IT personnel decreases.  The reality is that your technology is still there. While the day-to-day maintenance tasks associated with onsite technology may not demand the level of attention they once did, your cloud solutions cannot run or maintain themselves.  There will be new challenges for your IT staff to take on, and new uses for their skills. Your IT staff can now focus on leveraging your technology to increase performance and productivity, staying on top of upgrades and innovations, and helping your team to make better use of the resources available to them.

 

There is no right or wrong way to go about implementing cloud technology that applies to everyone. Each business has its own unique needs and goals.  Figuring out whether the cloud, an on-premise solution, or some combination of both is the right fit for your business requires taking a look at what your business’ requirements are and discussing your options with your IT department or IT provider.

Version 3.1 Released!

Install Server Software

 

 

 

 

 

We are happy to announce the release of MyWorkDrive version 3.1 with numerous new features and improvements including:

  • Data Loss Prevention
  • Public File Sharing link functionality using Office 365 OneDrive integration
  • MyWorkDrive Mapped Drive and Mobile Client updates
  • DUO Two Factor Security in Web, Mobile or Mapped Drive Clients

 

MyWorkDrive is the ONLY Microsoft Office 365 Partner that allows you to collaborate with and edit office documents online in Office 365 while keeping files stored on your own server.

 

Download MyWorkDrive Version 3.1 upgrade or Trial for 30 days now

Download Mapped Drive and Mobile Clients

 

See our Server Setup Guide for more information. The latest release allows you to trial all features including enterprise functions during your trial.   Existing customers may upgrade in-place.

 

Data Loss Prevention (DLP) allows you to prevent downloading and external sharing of files made available in MyWorkDrive.   Details are in the DLP Support Article Here

 

 

Questions? Need a trial extension? Email us at sales@myworkdrive.com or Phone: 877-705-4997

MyWorkDrive Featured In May 2017 Microsoft Azure Newsletter

MyWorkDrive had the honor of being included as a feature in this month’s Microsoft Azure newsletter alongside a series of great articles on the latest Azure news and developments.  This recognition is beyond thrilling for the MyWorkDrive team and something we’re proud to share with our clients.

 

Here is the write-up as featured in the May 2017 Azure Newsletter:

 

MyWorkDrive.com relies on Azure to provide the infrastructure for its cloud-based file access as a service offering. MyWorkDrive provides enterprise cloud file sharing services for Windows networks. Businesses use MyWorkDrive to access, share, and collaborate on work files using their lightning-fast web file manager, mapped drive client, or mobile devices. Leveraging MyWorkDrive’s Azure infrastructure, companies can securely edit and share documents in real-time using Office Online while keeping their files stored on Windows file servers on premises or in their own Azure subscription. MyWorkDrive’s service on Azure is growing fast, and is being adopted by an increasing number of enterprises.

 

You can see the original write-up here, along with the rest of the newsletter’s exciting content.

Want to find out more about MyWorkDrive? Contact us at sales@myworkdrive.com  call 877-705-4997.

Resolve Business Challenges Quickly with MyWorkDrive

In today’s working world, whether your business is large or small, you require remote access to your files. You may rely on a Virtual Private Network (VPN), with syncing to do this. Regardless of the solution type, you just need to access your files from any location in a secure, reliable, cost-effective way. This is the genesis of MyWorkDrive. It allows you to work from anywhere, and access your files without the need for a VPN, or syncing files.

 

 

Why MyWorkDrive?

You need reliable, fast and secure access to your files from anywhere, without the worries about:

  • Ransomware, like Cryptolocker, that can access your network via VPN.
  • Costly sync/share solutions that expose you to data vulnerabilities if a laptop is stolen.
  • Cloud solutions with bandwidth constraints and support issues.
  • Putting all of your data in the cloud—You may just want an incremental move due to regulatory issues, or just because you’re not comfortable with this.

With MyWorkDrive, you have fast, easy and secure remote access to your organization’s files using YOUR server storage: 

  • No more privacy worries about data being stored in the cloud, or not syncing to your remote computers.
  • No more downloading and syncing all your data to access files. (This doesn’t work if you maintain a lot of data.)
  • All your files remain on your local server when large files or data sets are needed, and available at Gigabit network speeds though the same mapped drives you already use.

MyWorkDrive provides a Lightning-Fast Web Browser, Mapped Drive and Mobile Access to your work files without all the administration hassles and time wasted waiting for connections. Plus, it offers native or Office 365 integration without the need to download files to your system.

 

How MyWorkDrive Works

 

  • You simply log in to MyWorkDrive with your network credentials. Or you can opt for Single Sign On (SSO) ADFS with Two-Factor Authentication Security.

 

  • Permissions can be set for each user to designate what access they have to files. Plus, you’ll have a log of all file access for security and control.

 

  • All files remain on YOUR server, and under YOUR control.

 

  • Documents can be edited directly from MyWorkDrive without downloading them, and then saved securely.

 

  • Your employees can co-edit documents in Office 365 in real time. And when one person needs to work on a file, it will be locked until they have completed and saved their work, notifying others if they try to work on it at the same time.

 

  • Users can find files easily with an Integrated Search function and shortcuts to folders

 

  • Take advantage of Drag & Drop for file and folder uploads.

 

  • Enjoy Mobile Support for iOS & Droid with File Upload/Download and Viewing capabilities

 

  • MyWorkDrive provides Multi-Language support.

 

Both large and small organizations have benefited from increased security, productivity and efficiency with MyWorkDrive. They enjoy private and simple file access from any device. 

Release of MyWorkDrive 2.0 Brings Competitive Advantages to Modern Business Professionals!

San Francisco Company Thrilled to Announce Latest Version of Groundbreaking Remote Access Solution

FOR IMMEDIATE RELEASE

SAN FRANCISCO, CA – December 12th 2016 – The modern business landscape is fast-moving and evolves rapidly, more often demanding significant adaptability and efficiency from entrepreneurs and business staff. Rob Schenk and Dan Gordon of San Francisco IT support and consultancy firm, Intivix, set out on a mission to help respond to this increasing demand by creating MyWorkDrive. MyWorkDrive is a remote file access solution for business-owners that is poised to replace its expensive and complex competitors.

To help modern business professionals thrive, MyWorkDrive is defined by three centralizing features: ease of access, speed and cost efficiency. Users can easily access the contents of their business server remotely, without concerns about security or complexity. The entire MyWorkDrive team is committed to continually optimizing the product to best suit the evolving demands of the modern business landscape.

In light of this commitment, Schenk and Gordon are incredibly excited to announce the release of MyWorkDrive Version 2! The latest version offers product optimizations and added benefits for users including:
• Expanded localization settings that include: English, Spanish, French & German.
• Windows Server Search service integration
• Capacity to download folders/files as ZIP
• Increased support for installing on a Domain Controller
• Improved setup and integration improvements in Windows Server 2012 R2
• Support for Windows Server 2016

“We’ve had such a great response from users who absolutely love MyWorkDrive and the advantages it offers over traditional remote access solutions.” Gordon claims. “It really means the world to us because helping business owners drive productivity and competitiveness through technology is a huge part of why we started MyWorkDrive. We look forward to making continual improvements to help business owners make the most of their MyWorkDrive use.”

The entire MyWorkDrive team looks forward to continually growing with the business landscape to offer the most user-friendly, comprehensive and cost-effective remote file access solutions for every kind of modern professional. In hopes of driving increased simplicity and security, features planned for future implementation include:
• Windows Mapped Drive Client
• Office Online Editing
• Two Factor Authentication
• Post Setup Configuration Wizard

About MyWorkDrive
Founded by San Francisco IT experts Dan Gordon and Rob Schenk of Intivix, MyWorkDrive seeks to offer cost effective remote file access solutions for business owners, without sacrificing speed or efficiency. MyWorkDrive allows users to remotely and securely access organizational files and data in a way that is designed to maintain productivity and ease of use. MyWorkDrive is rooted in a philosophy of helping modern business-owners harness technology to better support business needs and help realize organizational goals.

MyWorkDrive showcased in Small Business Trends

Great article explaining the MyWorkDrive solution and problem we fix for small businesses!!

 

MyWorkDrive Featured at Microsoft World Partner Conference

staff-dan-gordon

This past summer MyWorkDrive was highlighted at the Microsoft World Partner Conference.   We were excited to share our cloud success with other partners!  In addition to presenting at the conference MyWorkDrive has been accepted into Microsoft’s invitation only Enterprise Cloud Alliance.   We look forward to a great partnership!

Check out the Microsoft blog article here: 
 
 
The Video is here: http://resources.wpc.microsoft.com/#key=searchTerm&value=us04 Dan Gordon, Co-Founder presented.  MyWorkDrive Presentation starts at 33:19

 

MyWorkDrive:Faster, Cheaper, Better.

MyWorkDrive is not another File Sync and Share product. In fact, it is a NEW PARADIGM for providing remote workers with faster, easier, and direct access to their work files.

The premise for Enterprise File Sync & Share (EFSS ) products is that company files are synced across managed user devices, permissions are managed outside of Active Directory, and the process of connecting to existing file shares is more of an afterthought.

We designed MyWorkDrive from the ground up to provide simple, secure, and fast web browser & mapped drive access to existing file shares—leveraging native Active Directory integration.  For example, with other Sync and Share products, even if they do have an option to connect to existing Windows file shares, users must be manually imported from Active Directory every time a new user is created. With MyWorkDrive, since we tie directly into Active Directory, there is no user management maintenance needed going forward. As users are added or removed from a group in Active Directory, they are automatically added or removed from MyWorkDrive.

From an engineering perspective, MyWorkDrive has a much stronger and secure engine that utilizes Microsoft Internet Information Server (IIS) as opposed to many Sync and Share products that leverage Apache. This makes it much easier to manage, patch and add your own SSL Certificates, leveraging skills your technicians already have.

With MyWorkDrive, there are no databases to manage, unlike Sync and Share products. Therefore, administrators do not need to worry about databases that need pruning, patching or backups. Furthermore, MyWorkDrive can be installed on existing servers due to the smaller footprint.   MyWorkDrive price point is also much lower than Sync and Share products—ranging from $1 – $3 per user, instead of up to $15 per user per month.

With a much lighter footprint, easy management, and fast deployment, MyWorkDrive can be setup in UNDER 30 MINUTES.  With Sync and Share on-premises solutions,  you need to setup multiple servers, manage databases, configure your own file editors, configure LDAP, connectors and numerous other items to deploy the software.   With MyWorkDrive, native Active Directory integration is included in all pricing levels OUT OF THE BOX. Therefore, ALL user and group permissions are inherited and utilized automatically.

Another big differentiator of MyWorkDrive is our patent-pending Cloud Connector. We are unique in this respect.  The included Cloud Connector option enables direct access to your MyWorkDrive server through our patent-pending integration system.  This means there are no SSL Certificates to setup, no firewall/NAT policy rules to change, nor DNS settings to adjust.  Your files remain on your server UNDER YOUR CONTROL but are made available to your users through our network in minutes.  This means you can get a Proof of Concept or long-term MyWorkDrive solution up and running quickly—all with minimal technical skills and no ongoing maintenance.

File Sharing and Cloud Services

coud file sharing

A review of recent internet posts on file sharing and cloud solutions reveals an ongoing demand for an easy file web access and map drive solution for existing Windows File Servers that’s not currently available in typical file sharing services.  Intivix – our MSP in San Francisco – looked for products to fill this demand and came up short. All the products assumed clients are looking to sync all their data to the cloud or users’ desktops – this is not feasible when file server storage for even the smallest client exceeds 1 terabyte. Intivix ended up designing their own product – MyWorkDrive.com – and setup a new company around it. Intivix now uses it at numerous clients and for their own secure file remote access solution.

Some of the most requested features MyWorkDrive fulfills include:

  1. 100% native windows product – easy to patch and ties into active directory (with nothing to configure) and inherits existing NTFS permissions, users and groups.
  2. File access solution – no VPN – end users utilize the file web access browser client or WebDAV to map drives, no sync clients to maintain or troubleshoot – We leave synching to whatever service the client prefers for a subset of their files – Box, Dropbox, OneDrive, etc..
  3. Files can be viewed on iPad’s or for power users they can utilize WebDAV to connect to shares using 3rd party apps – we recommend WebDAV Navigator for both IOS and Android powered phones.
  4. Security utilizes Windows IIS so it’s easy to scan, update and manage. Our optional free relay service allows small clients to access files through our azure service bus relay – so no Firewalls, SSL Certificates or host names to configure – meaning no open ports to servers. We regularly scan our relay servers using Qualys SSL Labs to ensure an A rating.

With MyWorkDrive users can connect to internal files & shares using any web browser, map drives over WebDAV and enjoy ease of access on any mobile device – all while providing internal access at gigabit speeds using mapped drives users already know.

With MyWorkDrive users enjoy all the benefits of cloud file server access without giving up their data!

Configure Windows File Shares - MyWorkDrive

What makes MyWorkDrive different?

What makes MyWorkDrive different?

MyWorkDrive is designed to integrate with existing on-premise Windows File Servers while providing end users with fast cloud file cloud access – all while maintaining local IT control over the data.  The server software is very lightweight – no databases or complicated LDAP requirements – and can be installed directly on existing Windows File Servers.

Server Services

Other products utilize 3rd party integration software to integrate into Window Active Directory and create error-prone, bloated databases that must be maintained, pruned, and backed up.  With MyWorkDrive, there are no databases or additional servers to maintain.   Our software components utilize native Windows components that can be easily patched as opposed to fragile open source software.  Backing up the MyWorkDrive configuration is as simple as copying a few XML files.

User Integration

Since MyWorkDrive utilizes native Windows components and runs within IIS, existing Active Directory users and groups are accessible and manageable right out of the box.  Provisioning shares is simple – the systems administrator simply points to the existing file folders (if installed on an existing file server) or share paths such as \\server1\share and chooses what user groups to allow access.  Existing NTFS permissions are supported automatically. Other products require complicated LDAP configurations and the continual import of new users & groups. With MyWorkDrive, an end user’s home drives are made available by default with no extra setup, formulas, or added configuration required.  Once the shares are set up, new users who are added to Active Directory, can login to MyWorkDrive with no additional requirements.

Web Publishing

Our optional MyWorkDrive Cloud Connector service allows the system administrator to publish the end user web file manager portal in minutes.  This means the administrator can simply choose their preferred client URL such as https://MyBusiness.myworkdrive.net and publish it to the end users without opening up firewall ports nor purchasing and maintaining SSL certificates.  Our Cloud Connector service utilizes the highest encryption available and is locked down to prevent all known threats. All files remain on the customer’s server, flowing through our encrypted relay channel as they are accessed by end users.  Unlike other vendors, we have no access to data – all data stays on the customer’s server. We regularly test our relay servers to ensure the highest rating on Qualys SSL Labs.   Self-hosted options from other vendors require significant security expertise to achieve the same level of encryption and availability with some vendors defaulting to no encryption all.  MyWorkDrive’s level of security expertise is not typically available to a small business nor is it maintained when using competing products.

Web File Access

MyWorkDrive’s Web File Manager access browser client is the most advanced and user friendly in the industry. Upon login, the user is presented with their home drive and file shares in a view similar to Windows File Explorer.  Files and folders are displayed in Detail view for easy sorting, by name and date.  Our browser client provides the unique ability to double-click on a Microsoft Office document, edit it and save it back – all without requiring the file to be downloaded or synced first to the user’s remote PC.  This unique function ensures data remains on premise and under business control.   Other vendor’s products require downloading of files and utilize an unfriendly user interface with only basic file and folder functions.

File Syncing

Competing products all assume System Administrators will maintain a file sync client on all user’s desktops.   Syncing clients generate a tremendous amount of network traffic that fills up an end user’s PC with files which creates a substantial support burden on System Administrators.  Since MyWorkDrive connects to existing file shares and the end users home drive with both a Web client and mapped drives, syncing is not needed.  It’s not uncommon for even the smallest business to have over 1TB of files on even the smallest of file servers.  Syncing that amount of data across multiple user’s desktops is unsupportable in these scenarios.  With fast Internet access available just about anywhere, error prone file syncing is not required nor desired by many businesses.

 

VPN Security Concerns

VPN Security Concerns Reduced by Utilizing MyWorkDrive

With More and more employees working remotely VPN Security is a huge concern. Businesses have traditionally used virtual private network (VPN) technology to enable this remote connectivity, but security concerns are requiring companies to leverage new ways of enabling secure remote access.

The problem with utilizing VPN software to connect to work resources is that end users are creating an open tunnel between their home and corporate networks.  This method allows full remote access to the entire work network from outside the office, bypassing most firewall rules (the VPN connection is technically initiated from inside the work LAN).  In most cases, the entire corporate network is accessible to the remote worker, exposing all servers and desktops rather than just the resources needed.

In this scenario, any security vulnerability or malware present on the remote worker’s computer and network can infect the work network for the duration of the VPN connection. This includes viruses. For example, if the remote PC has a nasty virus, it can spread across the VPN to the corporate network and could bypass work firewall protections.  In addition, if the remote PC is compromised, it could be used as a conduit directly into the office LAN where hackers can exploit vulnerabilities to gain unauthorized systems access.

To reduce exposure to the corporate network, VPN users should be prevented from opening a VPN session to the corporate office (especially from unmanaged home PCs). The connection should be locked down to only what the teleworker needs to access to and prevented from leaving the connection established when not in use.  Furthermore, Network Access Protection (NAP) technologies should be enabled on the VPN access point to prevent access from PCs without firewall and current antivirus protection enabled.

MyWorkDrive alleviates these security issues and complexities because only a single port (SSL Port 443) is exposed to the remote worker’s PC and network—all other connections are blocked. This greatly reduces the surface area for attack by virus infections and hackers.  In addition MyWorkDrive allows administrators to add two factor authentication for improved VPN Security using our DUO.com integration.

Users can still map network drives using our own Mapped Drive or Mobile clients or access files using our Web File Access client—this enables the same user experience they have to come to expect when in the office.  Additionally, threats such as Cryptolocker viruses, which typically rely on Windows file shares (SMB) to encrypt files, are prevented– since no Windows File Shares are exposed VPN Security is improved.

 

The following is a home VPN user scenario that keeps IT managers up at night:

A remote teleworker is connected to the VPN from their home PC and gets infected by Cryptolocker. At the time of infection, they happened to be mapped to a corporate network drive.  Perhaps they pay the ransom or perhaps not (maybe they don’t because they have backups of the work on their own home machine). The timer lapses and the teleworker runs a malware cleaner to remove the infection.  They’re relieved, but unaware that they’ve encrypted several files on our network drive due to the original infection. They don’t think to inform the IT department, because it’s an issue with their home PC and not “work-related.”

A few weeks pass and other workers discovers that a file on the network drive won’t open. They flag it to the IT department.  The IT team restore the file from backup, but unfortunately it turns out that only encrypted files have been backed up for the past 4 weeks… So the company has now lost the data as a result.

This situation could become exponentially worse, as thousands of network files could be encrypted and the business would never know until somebody tries to open them and is unable to do so because of the infection.

 

_____________________________________________________________________________________

Contact us today to get started setting up a secure remote access solution with MyWorkDrive – https://www.myworkdrive.com

© Copyright Wanpath LLC. dba MyWorkDrive, All Rights Reserved

Secure File Sharing

5 Tips to Minimize Enterprise File Sharing Risks

Regardless of the industry your business falls under, the ability of your employees to securely access tools and information to perform their duties is critical.  Providing employees easy access to files and folders is essential to keep business operations flowing and to avoid serious file sharing risks.

Since the days of the floppy disk, users have come up with some pretty creative ways to quickly and easily save information, as well as share it with each other. Technology has advanced to the point where email is no longer considered a convenient or secure way to share data.  Consumer level file sharing and sync options being utilized by individuals without IT knowledge lack security and increase risks to your business.

According to a study done by Gigaom Research and Harris Interactive, a staggering 84% of IT professionals reported security problems caused by use of consumer-oriented file sharing services for company business. Even for personal use, only about one-third of those users polled stated they trusted file sharing services.

There are many reasons why consumer-oriented file sharing platforms aren’t trusted – chief among them being lack of control over how company data is shared, service reliability and the fact these platforms steer users to set up automatic file syncing of work files to the cloud whether required or not.

All is not lost however, as organizations can utilize Enterprise File Sharing and Sync platforms. Although there are still risks involved with even enterprise file share and remote access solutions. Here are five tips that you should take into account when developing policies for enterprise level file sharing.

 

Set Permissions: By documenting which network activities are allowed and which are not, you are making it clear to employees what is an acceptable use of your network.

 

Passwords Matter: You’d be amazed at how often employees use very basic passwords for their workstations on-site or remote. Some don’t even bother to change the default password that was initially set up. Having password rules with a minimum length of 9 characters and complexity restrictions in place can mitigate the security risk of generic passwords and can also control how data flows into your network and who has access.

 

Define Mobile Policy: BYOD isn’t going away, so if you haven’t taken the time to implement controls and policies as part of your IT strategy you need to. With the amount of employees utilizing their mobile devices to access proprietary business data, keeping it secure and off personal devices that cannot be managed is a high priority.

 

Meet Employee Needs: If you don’t have the right tools in place for employees to do what they are supposed to do, you likely don’t have visibility or control over how they are sharing and accessing sensitive data. By meeting the needs of your workforce, you are also keeping your company secure.  MyWorkDrive provides employees this easy remote access to work files and folders.

 

Teach Security Best Practices: If you have a remote workforce of any kind you will want to ensure they are aware of security best practices for sharing and accessing company data, connecting to secure Wi-Fi and not using public Wi-Fi, and always locking their personal devices. Education is key.