by Fran Howarth
In a new report, ‘Taking control of file sharing services’, Bloor Research outlines best practice for large file sharing in the enterprise and assesses current vendors.
Online file sharing services, which were initially developed to share personal files with friends and family, have spilled over into the workplace. Office workers turned to these services as their corporate email systems limited the size of attachments – it’s a challenging time for IT teams seeking to protect and manage their organization’s confidential information.
Surprisingly few companies have an IT sanctioned file sharing service, which is why Bloor’s new ‘Taking control of file sharing services’ white paper will become so useful to IT teams over the coming months and years.
The research, in partnership with Mimecast, identifies the key considerations for selecting an enterprise-grade service. For those who may not have the time to read the full report, I thought it’d be useful to summarize these considerations on Mimecast’s blog:
Security is the key criteria when selecting a file sharing service – in particular, safeguarding confidential files in the cloud. Therefore, role-based access control and encryption for files in transit and in storage is a must. Plus, enhanced authentication features, such as security tokens attesting to the user identity or mobile pass codes, should be used during very sensitive transactions or for access from less secure locations like public Wi-Fi hotspots.
Also, as malware infections can lead to security breaches, the service should provide integrated anti-malware controls, including content inspection for files and metadata protection. It should also protect against spam and phishing attacks, especially since the latter are used in the majority of advanced targeted attacks.
In addition to external threats, the service should be capable of limiting where and with whom files can be shared, as well as the ability to check content against data leakage prevention policies in order to protect against sensitive content leakage.
Administrative processes. For end user control, clear communication is required of expectations and procedures throughout the file transfer process. In order to ensure that such services can be used throughout an organization, the service should be highly scalable, providing support for an unlimited number of users. There should also be no file upload limit – both in terms of the volume of files and the size of files that can be uploaded. Otherwise, users are likely to bypass the service and continue to use consumer-oriented services.
Device and file support - a wide range of devices, including smartphones and tablets should be designed for. It should provide access via mobile browsers, web, desktop and mobile applications and provide support for a wide range of document types. Therefore, it should integrate with applications and document types commonly used by organizations, such as Microsoft Office, Office 365, email messaging systems, SharePoint and instant messaging.
End user tools such as self-service signup, file recovery and password resets aid in productivity. Users should also be provided with the ability to perform search and retrieval activities without IT support and no action should be required on the part of the user in the event of a service outage, with the service providing automatic failover should a disruption occur. Ease of use should be at least as good as consumer oriented services, but the functionality offered must be far superior to provide a frictionless service. For example, it should be so tightly integrated with programs such as Outlook that users feel the experience to be seamless.
Centralized administration is one of the key features of an enterprise-grade file sharing and storage service, allowing for central administration and enforcement of policies covering document retention and deletion, scheduling, alerts and error handling. The console should provide reporting functions, including tracking of all activity, including logins, devices connected, and user identities and locations. To ensure that all actions can be attributed to particular users and to assist in provisioning and de-provisioning users, the service should provide native integration with Active Directory and other LDAP directories.
There are also a number of features of any service that should be considered for help in achieving governance and compliance objectives. These should include policy-based archiving according to attributes such as file type, size and date when last actions were taken. It must also provide the ability to adhere to e-discovery and legal hold requests, and ought to provide quick search and unlimited file retrieval capabilities for both administrators and end users.
Awareness and user training is of vital importance, but that is often overlooked. Users should be made aware of the security issues surrounding the use of online file sharing services and the behavior that is expected of them. Policies should be developed and communicated to employees regarding the use of unsanctioned file sharing services to prevent them bypassing the approved corporate service and they should be provided with training regarding the use of the corporate service as ease of use is of paramount importance for ensuring that the service is actively used.
To provide the necessary level of data protection and to benefit from what file sharing services offer in terms of reduced cost, added convenience and improved productivity, my advice is to take a step back – organizations should take a close look at what is already happening within their organization and look to implement a service that caters to all file sharing needs across the organization in a holistic manner. If you’d like to see the full version of the report, you can download a free copy here.
The ‘Taking control of file sharing services’ white paper was commissioned by Mimecast – if you’d like to find out more about Mimecast’s file sharing service, Large File Send, please click here.
by Dan Sloshberg
IT teams around the world know significant amounts of valuable corporate data are leaving their organization every day. They often can’t be sure where it’s going. They can’t be sure what it is. But they know who’s doing it.
LFS now provides users and their contacts with the functionality they need to perform their daily tasks, and IT departments’ control of all sensitive corporate data.
Is this the work of shadowy hackers intent on stealing their corporate secrets? Or perhaps rogue governments or intelligence agencies?
No – it’s confidential corporate information their own employees are happily sending out onto the web via consumer-grade cloud file sharing and storage services like Dropbox, Box and Google Drive every day. Done without a second thought. Without malicious intent. Done to get their job, well, done.
This is a major worry for IT teams. They often have legal and regulatory responsibility for it too. Not to mention they are required by the organization itself to act as guardians for this highly valuable data.
So why is this happening?
The files users need to share to be productive are growing in size significantly. Video, graphics, audio, PDFs, databases and ever larger documents have become commonplace.
As a result, we have seen a major bloat in the storage enterprises have to put on their networks to cope with the data explosion they are seeing. Not to mention rampant inflation in the cost of network and email infrastructure. Now this is good for on-premise networking and storage vendors but it’s bad news for IT teams. More bandwidth and storage means more infrastructure, cost and complexity.
It also means more traffic on an already strained email infrastructure and networks. The file size limitations the IT team put on email to help are now often too small for users’ needs. This is a cause of daily frustration for employees.
So end-users turn in droves to cloud storage or file sharing services out on the public, unsecured web to get around these limitations. They circumvent corporate IT and data policies to get their job done. It’s hard not to sympathize. But in the process they are giving their already hard-pressed IT, security and compliance teams headaches.
But it doesn’t have to be that way. You can have the best of both worlds. You can allow users to send large files easily and do it securely, complying with your corporate IT and data security and content policies.
We just updated Mimecast Large File Send (LFS), a service we originally launched in July 2013 to tackle this very issue.
LFS still enables users to send and receive large files securely from within their email client without contravening IT and data polices. They can send and receive these files internally and externally, even with non-Mimecast users, safe in the knowledge they are protected by the Mimecast secure cloud platform. Staying within the rules their company has in place to protect data.
In Outlook or our new Mimecast for Mac app, they simply attach the file and send. Mimecast does the rest. In fact, the user won’t even have to consider the size of the file – they just send it in the normal way, and LFS does the rest.
If we’re to lure our end-users away from familiar services like Dropbox and back into our corporate control, we need to make sure their experience is a good and easier one. Well with LFS, it couldn’t be simpler. They just send an email as usual, from within Outlook. No more need to come out of email, go to the web, log in to one of many cloud services they use, upload or download a file, make changes, and repeat ad nauseam.
For the IT team it means all data is accounted for, fully discoverable, and subject to corporate DLP policies. More than that, the large files aren’t even sitting on their own corporate infrastructure either. They save on all that storage and email infrastructure, and related management headaches. They don’t have huge files zipping around clogging up their network.
So the IT teams become the heroes. End users get a much better and safer way of sharing large files. The compliance officer knows all that corporate data is safe, traceable and all communication is e-discoverable.
In one step, you can stop the compliance and potential data loss menace these unauthorized or unsecure cloud file sharing services represent and be popular at the same time. What’s not to like about that?
by Mark O'Hare
Mimecast can confirm that its services are secure and unaffected now, and in the past, by the recently reported OpenSSL vulnerability known as the Heartbleed Bug or officially CVE-2014-0160. Mimecast has never used OpenSSL to provide TLS/SSL encryption. There is therefore no need for customers to take any action on their accounts related to the Heartbleed Bug. If you have any questions about your account, please contact customer support.
by Orlando Scott-Cowley
Today we’re pleased to unveil both a new Mimecast for Mac native app and a major upgrade to our popular Large File Send (LFS) service.
Mimecast for Mac
We know that today’s office has a mixture of PCs, Macs and mobile devices, and IT managers often have to battle to support the same level of email continuity and security, as well as archive access across all these platforms. With this in mind, we developed the new Mimecast for Mac app – it delivers the capabilities and ease of use previously only available to customers using Microsoft Outlook for Windows or the Mimecast web portal.
The new native app allows Mac users to search their personal email archive, effectively manage their spam and gain access to their full email account when Exchange goes down – enabling them to continue working normally. And, to help ease the burden on over-stretched IT administrators, Mac users can now be managed alongside existing Windows users from within the same central Mimecast Administration Console making their integration seamless and straight-forward. A video explaining the Mimecast for Mac app can be found here.
Large File Send Upgrade – Enabling Secure Collaboration
LFS allows users to send files up to 2GB securely and directly from within Outlook or the new Mimecast for Mac app. It’s a simple matter of attaching the large file as normal and pressing send – Mimecast does the rest.
LFS allows users to securely send and receive files up to 2GB in size directly from within Outlook or the new Mimecast for Mac app.
Before this, file size limitations put in place on Exchange by the administrator or by Office 365 made this difficult. To send large files, users were often forced to leave the safety of the corporate network by resorting to consumer file sending services in the cloud. Alternatively, IT administrators had to invest in complex and expensive specialist equipment on their network. Users became frustrated and their productivity was impacted. LFS puts a stop to that.
Today’s update makes it possible for the recipient of a large file sent by LFS to work on it and then use the same service to send it back securely, whether they are a Mimecast customer or not.
LFS enables collaboration on files, even when the recipient is not a Mimecast customer. They can send files back to the originator by simply dragging and dropping the files into a secure portal. The originator is then notified that new files are available to download. The shared files remain secure, on the Mimecast archive, and anti-virus and content-scanned throughout. Once the large file exchange is complete, the link expires.
IT administrators value the service because it also means, aside from the file remaining safe on the corporate archive at all times and subject to their security and content controls, it completely bypasses their infrastructure. It doesn’t impact network performance or weigh down email servers. It sits in the Mimecast cloud and is shared from there.
In addition, the new version of LFS features an improved user interface and offers the sender the option to turn off or on the access code required to download the file.
LFS gives users the functionality they need to perform their daily tasks and IT departments can rest easy knowing they are back in control of valuable corporate data. We think that makes everyone a winner.
If you’d like to find out more about the new version of LFS, a video explaining the service can be found here.
Both the new Mimecast for Mac app and upgraded version of LFS are available now.