MyWorkDrive Technical Overview
Information Architecture Overview: The MyWorkDrive product architecture works by taking existing file shares and making them accessible over https as an IIS Website. The MyWorkDrive software is installed either directly on the Windows File Server (assuming it’s free of other IIS roles) or on another Windows domain member server on the same LAN. MyWorkDrive recognizes the existing Active Directory domain and utilizes it automatically for all authentication including administration to provide users a single sign on (SSO) experience. The System Administrator simply points to the existing shares they wish to make accessible to users in MWD remotely. Traditional mapped drives remain available – company files remain on the internal file servers and are never stored in the cloud.
Our MyWorkDrive service provides Browser, Desktop Mapped Drive, Mobile and Office 365 Online access to Windows File Server Shares from anywhere – all while maintaining corporate control. Unlike basic SSL VPN or FTP Server packages that only provide limited functionality or are complicated to setup, our easy to install File Web Access solution provides all the features employees expect while maintaining local access, security, speed and control.
On the IT administrator side, our solution can be installed in minutes onto any existing or new Active Directory based Windows file server environment. No SQL databases (and associated support and licensing costs), Complicated servers or firewall changes are required. For security, all access and transfers are logged and sharing is configurable by user or group. Since user security utilizes existing NTFS permissions on file shares, and Active Directory, setup is quick and easy with no re-provisioning of shares and users or ongoing management to reduce total cost of ownership (TCO).
•Map drives directly to shares just like in the office using our Map Drive Client
•Integrates with Active Directory, leverage existing shares, users and groups for a Single Sign On user experience
•Office 365 Online Editing while keeping files stored on the customer server
•Web Access to files from any browser including mobile devices
•Browse Files by Date, Size, Type or Name
•Direct editing of office documents online and in Office 365 – all file remain stored on the existing file servers
•Logging of all file access for security, control and auditing
•No syncing needed (or desired)
•Fast Local Access when needed at Gigabit speeds over traditional mapped drives
•Multiple files and folders upload with very large file support
•All files remain on customers servers under their administrative control for compliance and legal protection
•Mobile Apps for iOS & Android devices with online editing of files
•Upload files to OneDrive for secure public sharing
All communications of our Web File Manager, Mapped Drive Client or Mobile Apps are secured over an SSL encrypted tunnel. Web File Manager connections are available at a unique company URL to users for remote access in the cloud through the customers own SSL Certificate & Hostname or optionally using our Cloud Connector – *.myworkdrive.net reverse proxy infrastructure. Either Way, No end user login information or customer files are stored on MyWorkDrive systems as all authentication is done on the customer’s server. For even greater security, Enterprises may also enable our Two Factor Authentication.
MyWorkDrive Mapped Drive and IIS Website : A unique URL is provided for each customer utilizing our Cloud Connector on MyWorkDrive.net. Customers may also use their own SSL Certificate and hostname by simply binding it to the WebClient site in IIS and opening their firewall on TCP port 443. The web site URL is used for accessing files using our Web File Manager, Mapped Drive (Windows), Mobile Clients or WebDAV.
Server Admin: The MyWorkDrive administration website server engine is installed locally on the customers Windows Server alongside of the MyWorkDrive Client Site on it’s own unique port 8358. The internal Admin Website is access on the MWD Server and is provided to provision shares, access rights, user home drives, review access logs and system settings. The internal website can only be accessed on the local MWD server and requires domain admin credentials. A shortcut to the Admin Panel is placed on the server desktop which references the Admin site in IIS.
Once the MWD Software is installed on a Windows server, it automatically recognizes the Windows Active Directory domain that the server is part of. The administrator logs into the Admin Panel using their domain admin credentials. Once logged in, the IT Administrator provisions existing shares to be made available in the cloud and restricts them to existing users or groups. Home Drives are made available by default. Users are able to authenticate with their existing logins by simply entering their domain usernames and passwords for a single sign on experience.
Note: As an additional security precaution we have designed MyWorkDrive so that it is not possible to grant more privileges to shares in MyWorkDrive than are already provisioned in Windows under NTFS – we inherit existing permissions providing for least privilege access.
Should the customer choose to utilize our optional Cloud Connector *.myworkdrive.net domain, when activated, a unique access key is generated that allows the on premise server to communicate with our redundant web servers to make the customers server available over an encrypted tunnel using a hostname on myworkdrive.net. This key is unique to each customer and provides an encrypted reverse proxy connection in listen only mode. No data, passwords or client information of any kind is stored on MyWorkDrive servers. The Cloud Connector simply provides an encrypted tunnel to the customers server to make it available on a unique MyWorkDrive.net URL.
MyWorkDrive Web File Access Portal : The MyWorkDrive Web File Manager portal provides web file access to user’s files and folders. Upon logging in with their existing Windows domain credentials, users are presented with the Web File Manager to manage their work files and folders. The File Server File Web Access client provides access to upload and download of files and folders, search, direct editing of office documents locally and in Microsoft Office Online and our Mapped Drive Client feature which opens the shares in the user’s operating system (file explorer) using a mapped drive over https (SSL). Drag and Drop of files and folders is supported.
Sample Scenario: Enterprise Customer with 500 employees: Ace manufacturing firm has been in business for many years. As part of their business requirements, they process numerous files and photos for clients and have several terabytes of data for both active and archived projects. In addition, new data from projects in the form of documents and photos are growing daily. The company has existing Windows file servers in place with mapped drives to user’s PC’s and Mac’s and leverage traditional VPN access. Users have become frustrated by the complicated and cumbersome VPN access solution currently in place and have expressed a need for an easier solution for accessing files and folders remotely from any PC or mobile device and for sharing data externally with clients. The firm has considered moving all files to the cloud but is concerned about ownership, security, cost and speed of file access. Even if security, ownership and cost were not a concern, they would need extremely fast internet speeds to upload and download the large volume of data they maintain for client projects. The cost of upgrading Internet lines to a minimum of 100 Mbps (both up and down) at their location would run into the thousands of dollars per month which would still be much slower than their current Gigabit network. The firm reviewed other solutions on the market and found them to be both complex (requiring multiple servers) and cost prohibitive. The firm also has a number of users who only have E1 office online subscriptions. By deploying MyWorkDrive they can make internal shares available to all users including E1 within a browser for online editing or sharing. Without MyWorkDrive they would have had to migrate all their files to SharePoint, OneDrive or a Sync and Share system or purchase costly E3 Office licenses for all employees.
Solution: MyWorkDrive has provided the answer to these concerns by installing their Web File Access solution. With the MyWorkDrive mapped drive, Mobile and Web File Access features, employees are able to download and upload files remotely on both their PC’s, tablets and mobile devices and share files with customers easily with no complicated VPN’s or prior setup. For day to day operations or when fast upload or download is needed to transfer a large volume of files, the traditional file servers are available at fast Gigabit speed using the mapped drives users already know. The MyWorkDrive solution has helped their employees be more productive without disrupting current operations or work flows – while improving security and lowering support costs.