Secure File Sharing is about more than just securing files
In conversations with customers over the last 4-6 months, I am sensing a real need for a strong, enterprise class solution that allows them to securely share content with entities outside their organization. Many times, these could be short-term engagements they have with vendors, attorneys, consultants etc. – but require content of a confidential nature to be shared.
Most available solutions focus on protecting the content itself using DRM/IRM techniques, but what I’ve learned is that when enterprises talk about content sharing, it is much more than simply encrypting files. Companies struggle with the whole process starting from user management, all the way to auditing, reports, policies, and a whole host of other “management” tasks that surround the simple act of sharing the encrypted content. Several of them settle for using freely available tools such as Secure FTP and then write a bunch of homegrown scripts around that to do some of the other “management”. The result is rarely pretty and usually falls apart with more complex use cases.
Here are some of the elements in my opinion, which I see missing; that enterprises really look for in a robust content sharing solution.
Policy Based Control
Many businesses would like to allow content sharing, but would like to control what content gets shared, how, and by whom. Administrators need the ability to:
- Integrate user authentication with established namespaces like Active Directory
- Allow or deny sharing privileges by user groups
- Placing limits by file types & sizes
- Be prescriptive about protections placed on the shared content – passwords, time-based self-destruction, read-only sharing etc.
Audit logging & Reports
Enterprises need to have a record of sharing operations that were performed by user, user groups and across the organization. Reports and audit logs that track every file upload, delete, share, and download action is essential not just for administrative reasons, but for regulatory compliances.
Many times, sharing content may not simply be a 1-1 transaction. Employees will require the recipient to also share content back. And it may not just be a couple of files, but a complex folder structure. Several internal employees in a team may also require access to this data along with the vendor – who in turn may have several employees in their organization who need access to the same content. Having a way to orchestrate and facilitate such sharing securely and with sufficient authentication is important.
The act of sharing may need to be a final step in a workflow which the business has developed internally. So, it becomes important to be able to automate the act of sharing content so it isn’t always an interactive activity.
Once you have complex content structures, it will also become important to be able to find things when needed. The ability to search, not just file names, but also search inside file content, to be able to identify things quickly becomes critical.
Sharing of data requires a repository in which to place files, so they are accessible to intended recipients. This storage area needs to not just be secure, but also ensure privacy for the organization’s data, especially if it is hosted in a cloud repository. Encryption with strong enforcement of separation of duties is of utmost importance.
And lastly, there is data cleanup. Data uploaded for sharing also has a lifetime, and needs to have automated clean-up mechanisms based on policies. This is important not just to free up storage and reuse space, but also for security and compliance.
So, what enterprises have available are good file protection techniques, but what they lack is a secure orchestration layer which should surround it to make them complete solutions. At Parablu we’ve identified this need and worked hard to develop solutions that are designed to handle these precise needs for enterprises.