MyWorkDrive Security Overview
The MyWorkDrive product architecture works by taking existing file shares and making them accessible over https as an IIS Website. No files are ever stored or migrated from existing file shares. MyWorkDrive recognizes the existing Active Directory domain and utilizes it automatically for all authentication including administration to provide users a secure single sign on (SSO) experience. No data, passwords or client information of any kind is stored on MyWorkDrive servers.
Using MyWorkDrive, organizations can provide truly secure file share access to their employees. MyWorkDrive supports the complex username/password requirements built into Active Directory as well as DUO, SAML & ADFS two-factor authentication. All data exchanged transmitted is encrypted using SSL, a standard security technology for encrypting data transmission. MyWorkDrive ensures data is fully encrypted using advanced encryption with TLS 1.2 during transmission. In addition, MyWorkDrive fully supports accessing files encrypted with Windows Server file encryption (Encryption at rest).
With native support for NTFS and Access Based Enumeration no login information, services or access to files is ever stored or used by MyWorkDrive. All file access is granted in the context of the currently logged on user only. As an additional security precaution, we have designed MyWorkDrive so that it is not possible to grant more privileges to shares in MyWorkDrive than are already provisioned in Windows under NTFS – we inherit existing permissions providing for least privilege access.
File Access Security Controls
MyWorkDrive adds intelligence around access windows file shares remotely. Unlike VPN, MyWorkDrive has numerous components that enable enterprise to protect critical company files from unauthorized access and data theft including:
- File Type Blocking/Allow Lists for mapped drive clients
- File download, delete and modification alerts
- Data Leak Prevention Controls
- Extensive logging
- Two Factor Authentication
- SHA 256/TLS High Encryption Support
- SAML/ADFS MFA Support
- Zero Trust Access provides access to Web, Mapped Drive or mobile clients over a single secure port
- Granular Session Timeouts
- Native Windows IIS sites easily patched and locked down.
- MyWorkDrive fully supports placement behind front end proxy security appliances in the DMZ in addition to Cloudflare to additionally protect and secure the MyWorkDrive Web File Access portal.
MyWorkDrive provides the necessary safeguards to help companies meet their security requirements and compliance standards such as FIPS, FINRA, FEDRAMP HIPAA and the EU Data Protection Directive GDPR. MyWorkDrive enables organizations to deploy their own private cloud that meet compliance standards on their own Windows file server infrastructure while still providing users with an enterprise file collaboration and remote access solution under their corporate control. MyWorkDrive has been issued a FIPS 186-4 RSA algorithm validation certificate #3018 from the US Government National Institute for Standards and Technology (NIST). FIPS compliance adds to the list of MyWorkDrive’s data security compliance partners including Duo Security and SkyHigh CloudTrust.™ More..