File sharing is a key part of a company’s ability to collaborate and share corporate data, which is increasingly stored in many disparate services. Many businesses just let employees share files with no control and no checks. Sharing desperately needs a policy. Information is the business’ core asset, and it needs to be protected and secure. Also, compliance and legislation of data are increasingly becoming important. The business needs to ensure it does not get caught in a compliance trap.
Here are a few things to consider when implementing a business file-sharing solution.
1. Implement a control mechanism for your users
An easy solution to implement enables users to share files with password-protected, expire-able links. This protects against the user forwarding files. If the file is password protected, even if the file is forwarded by the recipient, then the file cannot be accessed unless the password is provided. The file link can be set to expire on the first download or after 24 hours. A control mechanism promotes best practice security management of files and reduces operational risk.
2. Point solution or not?
Consider whether your strategy should be to implement a point solution — if it even works with your existing data sets. Many vendors purport to promote managed, secure file sharing; but often you have to move your data to their cloud to have the solution work. You need a tool that works with private on-premises data, public cloud data (such as DropBox, SkyDrive, Box, etc.,) and also with SaaS services such as BaseCamp. This promotes a “joined-up” strategy for company file sharing.
3. Integrates with what you have?
Does the solution work the same way you work? You need to ensure it does not get in the way of business or productivity. You need something that integrates directly in the desktop as a network drive, with the simple right-click option to share files, as in Windows, Mac and Linux. You need to make sure the tool has been integrated into other core business productivity tools such as Microsoft Outlook and Mac Mail to promote easy, secure file sharing using links directly from the corporate mail client. You need to confirm integrations exist for other core productivity tools such as Microsoft Office, Open Office or Libre Office.
4. Compliance, compliance compliance
Compliance is fast catching up with all verticals when it comes to storing and accessing corporate files offsite. Specific industry legislation already exists, such as HIPAA in healthcare and FERPA in education, but more general proposals are being considered at various governmental levels in the United States and the EU. It is a safe bet that the ability to track historic file events will become more of a requirement, not less. The ability to search against historic file sharing or data access should be just part of an overall corporate security policy.
5. On-premises, hybrid, or cloud?
You should be able to decide how you manage data or metadata associated with storing files and sharing files. This can be behind the corporate firewall, totally on cloud, or some combination of both. The key word here is choice. No matter what solution you choose, you need to choose at least one. Information leakage is the easiest way for you to lose hold of your most critical asset — your intellectual property.
Jim Liddle is CEO of Storage Made Easy, which provides a cloud service data broker platform and related services either as SaaS or a hybrid on-premise solution. Storage Made Easy unites cloud and data services into a single environment, guaranteeing file access no matter the location or device while providing the highest levels of management, security, compliance, audit and access services.