Archive for the ‘Security’ Category

SharePoint Alternatives 2020 – Compare Top EFSS Solutions

SharePoint Alternatives 2020

If you are familiar with document management and sharing solutions, there’s a high probability that you may have heard about SharePoint. SharePoint document management and collaboration tool came into existence in 2001 developed by Microsoft and has been a popular player in the EFSS market since.

With innovations in the EFSS market, many SharePoint alternatives have emerged as challengers providing unique features for document management and file sharing with focus on security and usability.

Let’s look at some of the most popular alternatives to SharePoint in 2020 and what they have to offer for enterprises.  


Comparison Criteria – SharePoint Alternatives 2020

Being a top EFSS solution ourselves, we have compelling reasons about which solution is a top SharePoint alternative solution. Here are the factors taken into account:

  • Pricing: SharePoint Office 365 E3 plan costs $24,000/ year for 100 users. We will compare all solutions to find which ones are priced higher or lower than SharePoint and what are the feature differences at this price point.
  • Data Governance & Compliance: Enterprises handle sensitive data every day and need data governance and retention policies. A good solution helps comply with leading industry regulations and avoid any legal troubles.
  • Data Security: Which solutions provide data leak prevention, remote wipe, encryption in-transit and at-rest, and more to safeguard your data.
  • Integration: SharePoint integrates seamlessly with MS Office and related products. We will find out which solutions integrate easily with Microsoft Office 365 and Outlook, so that your workflow stays uninterrupted.
  • Administrative Tools: We will compare admin features, role based administration, granular permissions and more.
  • Other Important Features: We will add important add-ons and features like virtual drive, content classification, security modules wherever applicable to give you a transparent view of what to expect from each solution.

FileCloud Online

Browsing Folders - FileCloud - FileCloud Support

  Pricing: $18000/100 users/year (Enterprise) / $5,000/100 users/year for on-premise solution

✓  Storage: 1TB, +200GB/user (Enterprise)

✓  Security: Compliant with all stringent government regulations, such as HIPAA and GDPR. Get smart DLP, encryption at rest and in transit, 256-bit AES encryption, granular file-sharing, password-protected, public and private shares.

✓  Features: Get unlimited client accounts, unlimited file versioning, branding capabilities, hybrid cloud, virtual drive, selective sync and many more enterprise-level EFSS features. Enterprises can also opt for FileCloud Server for an on-premise deployment option.

FileCloud is one of the most powerful and affordable EFSS solutions compared to SharePoint. FileCloud is storage agnostic and can be deployed across any NAS or object storage. 

FileCloud is one of the most affordable file sharing solution on the market, providing unlimited FREE external client accounts, remote access to your data, collaboration tools, smart content classification, a comprehensive admin panel, customization and branding options to enhance your enterprise sharing, sync and storage experience.


Google Drive

How to Find Anything in Google Apps - The Ultimate Guide to G ...

  Pricing: Enterprise Plan: $30,000/100 users/year

✓  Storage: Enterprise Plan: Unlimited, or 1TB / user if less than 5 users

✓  Security: Multi-factor authentication, encryption in transit; no option to encrypt individual documents. No mechanism for customer-managed encryption keys an your data is collected to provide better services by Google.

✓  Features: Google Drive comes with powerful collaborative tools, such as Google Docs, Sheets and Slides.

Google Drive is a very popular cloud storage solution. Google Drive for business is same as the free Google Drive plan, but with unlimited storage and a few security add-on. As you would know, Google Drive works seamlessly with other massively used Google apps, such as Gmail, Calendar, Google docs and Google Sheets, hence it is a popular choice.

The solution’s enterprise plan offers a simple, clean and intuitive UI, and integrates with popular enterprise software like Salesforce, and more. Apart from this, Google Drive for Business offers unlimited storage, access from any device, offline file access, includes productivity apps like Gmail, Google Keep, Google Sites, as well as enterprise-grade access controls, e-discovery for emails, chats and files.

However, reportedly, users have encountered frequent connectivity and sync issues while using Google Drive. 


Dropbox

Dropbox -

  Pricing: Business Advanced Plan: $24,000/100 users/year

✓  Storage: Unlimited Storage

✓  Security: AES 256-bit encryption for data at rest and AES 128-bit encryption for data in transit, 180 days data versioning, file recovery, password protected shares, remote wipe, granular permissions, file locking, smart sync, audit logs and more.

✓  Features: Dropbox offers integrations with thousands of third-party apps, so is easier to integrate with existing workflow apps. Offers good collaboration features and offers seamless integration with MS Office and Google Docs. Smart sync helps store files smartly without taking much hard drive space. Admins can monitor team activities and easily transfer files from one user account to another if needed.

Dropbox indeed offers a great EFSS solution, but compared to FileCloud, the features are essentially the same with higher price and Dropbox has seen many security breaches in the recent past. Dropbox has been a popular target for data leaks. Even now, it doesn’t offer local encryption.


Box

Cloud Storage Services for Business Use - armix.one

  Pricing: Box Business Plus: $30,000/100 users/year

✓  Storage: Unlimited Storage, but max file size upload limit is only 5 GB!

✓  Security: A regulatory-compliant Zero-Knowledge Provider. Tools to manage user permissions and customer-managed encryption keys, tight security regulations, alerts for unusual activities. Box doesn’t provide HIPPA compliance in the business plus plan, no e-discovery, no Box governance, no Box keysafe, no DLP. Even after paying top dollars!

✓  Features: Secure collaborative and project-management tools, as well as rule sets for work-flow automation, versatile document management, mobile and desktop sync, and custom branding capabilities

While perhaps quite similar in popularity with enterprises as Dropbox, Box, is also an incredibly strong alternative to SharePoint in 2020 on the EFSS list. With tools that integrate with top workflow apps, like Google Docs, Box also goes above and beyond in offering custom branding capabilities (like FileCloud) and letting users create a professional appearance for their organization.

Although, Box’s security is great, being a uniquely zero-knowledge provider and offering multiple options for encryption and user management, you don’t get many security features like DLP as mentioned above and there is a version history limit of 50 only, so in our opinion, enterprises can get better ROI with Google Drive or FileCloud.


Egnyte

Egnyte Business Review | PCMag

  Pricing: Business Plan $24,000/100 users/year

✓  Storage: 10TB storage and 10 GB large file transfer

✓  Security: Standard encryption, includes user and group access permissions, security modules like 256-bit AES encryption, multi-factor authentication, device management, remote wipe and more

✓  Features: What stands out most with Egnyte is their great auditing system which timestamps user activities, plus a robust access permission system. Egnyte business plan offers desktop sync, mobile access, MS Outlook integration, MS Office as well as other premium integrations.

Egnyte is another leading enterprise file sharing solution, designed for enterprises. Egnyte provides the branding capabilities to customize brand assets, provides useful sharing and collaborative features, and decent security features.

Unfortunately, certain important business features like role based administration, AD/ LDAP integration and limited online storage can be a deal breaker for businesses, especially when EFSS solutions like FileCloud and Box provide much enahnced experience. There also have been frequent sync/network problems with Egnyte in the past. There is a steep learning curve for their product features and little documentation is provided.


ownCloud

ownCloud Phoenix - rebirth of the ownCloud user interface – ownCloud

  Pricing: Enterprise Subscription: $18,000/100 users/year

✓  Storage: Unlimited Self-Storage Space/ on-premise

✓  Security: Standard Encryption, Multi-Factor Authentication, NTFS Support

✓  Features: Custom branding, open-source customization options, local storage options

ownCloud is a reliable file sharing infrastructure allowing enterprises to setup a complete private file-sharing solution and avoiding popular public clouds like Google drive or Dropbox. An open source solution, it offers rich features and the ability to use on-premise.

However, ownCloud doesn’t support Windows starting version 8.1.0., and might be a downside for enterprises using Windows servers. Enterprises can opt for FileCloud instead as an ownCloud alternative

 


Citrix ShareFile

Localized ShareFile WebUI available | Citrix Blogs

  Pricing: $29,000/100 users/year

✓  Storage: Unlimited Storage Space

✓  Security: Standard encryption and SSL/TLS. Recovery sites in both the US and EU.

✓  Features: Collaborative and productivity-enhancing tools, custom electronic signature tool, access to SSO, unlimited client users (like FileCloud), Outlook and Gmail plugins, unlimited storage, large file size of 100 GB, custom branding, e-signature, mobile and desktop apps, sync, full text search, file versioning, and much more

Sharefile is Citrix’s enterprise cloud storage solution with decent user management features, and an intuitive user experience. Sync works well as reported by users and unlimited client users makes it a decent option to opt for. The file sharing is fast, especially for large files and the folder structure is easy for structuring data.

The solution itself doesn’t support Linux though, so enterprises need to keep that in mind.


NextCloud

Nextcloud 16 introduces machine learning based security and ...

  Pricing: $10,000/100 users/year

✓  Storage: Unlimited Self-Storage/ on-premise

✓  Security: Standard Encryption, SSO, SAML Authentication, 2FA, File-Locking

✓  Features: On-Premise and Cloud file-hosting, large file support, local storage support, OS compatibility

While NextCloud is a free, open-source software, NextCloud Enterprise comes as a powerful EFSS solution. Nextcloud provides an easy access to files on-premise, security features and much more. Some features include desktop sync, supported local storage, custom branding and file locking. Advanced features like data leak prevention, unlimited file versioning, unlimited free client accounts, are not available though unlike FileCloud.


Syncplicity

Syncplicity Cloud Storage Service Review | Cloud Storage Advice

  Pricing: Enterprise Plan (No upfront pricing available)

✓  Storage: 300+ GB

✓  Security: Standard encryption in-transit and at-rest, SSO, 2FA, AD, remote wipe, DLP, customer managed encryption keys and much more

✓  Features: on-premise, Hybrid solution, remote access and mobility

For a solution that’s much less popular and well-known compared to Dropbox or ownCloud, Syncplicity offers a great package with their rich collaboration features, hybrid hosting options, great security, file versioning and backup. You also get unlimited external collaborators like FileCloud and similar enterprise collaboration features.

Syncplicity’s interface is not the most modern compared to other EFSS solutions compared here and it can be concerning for enterprises, whether they will keep updating the product in the future or not.

Tips for Preventing Data Breach/ Data Leak Prevention

data breach prevention

In today’s digitized global economy, data break or data leaks can result in leaked sensitive information, insights about the company’s growth patterns, differential competitiveness against their competitors and much more.

With the increasing volume of data, it is necessitated, that businesses look for alternatives that not only help them in providing solutions to their storage problems but also help them in offering security against data breaches and ransomware attacks. In this article we will discuss about data breach and tips for preventing data breach.

According to a data breach research conducted by Verizon, “43% of breach victims are usually small, growing businesses”. Also, the report highlighted, “Healthcare sector constituted 15% breaches, Financial industry constituted 10% breaches”. IBM informs that the average time to identify a breach in 2019 was 209 days which implies that businesses need to look at increasing the security infrastructure exponentially, since these breaches can lurk around for so long that by the time they have been identified, huge losses would have been incurred already by the businesses.

The mentioned tips for preventing data breach and other security measures provided by DLP tools can ensure a secure enterprise environment which stops any data leaks and data breaches from happening automatically or manually.

What is a Data Breach?

A data breach, also commonly known as data leakage is the release of sensitive and confidential data with the intent of causing huge losses to the business. Data breaches are not necessarily the result of hacker attack but could also be an insider job, therefore businesses should always take precautions to protect data from falling into the wrong hands.

Businesses receive and store huge terabytes of sensitive data such as client’s banking details, employee’s social security number, or project details, etc and data leakage would mean a complete or partial loss of data based on the mode in which data breach occurs.

Implementing new technological security practices and processes ensures that data leakages to be reduced to bare minimum and at the same time preventing data loss using Data Loss Prevention (DLP).
Types of Information leaked during data leakage:

Different groups or types of information which can be leaked

  • Financial and Banking Data: consisting of credit card numbers, bank details, and financial statements, etc
  • Personal Health Information (PHI): consisting of information related to past, present or future physical or mental health condition of individual
  • Personal Identifiable Information (PII): consisting of information related to identification, location, and contact details of an individual
  • Intellectual property Data: consisting of patents, client’s list, trade secrets, contact details, etc.
  • Sensitive Information: Consisting of meeting recordings, protocols, agreements, and classified documents.

Causes of Information Leakage:

  • Insider Threats: Insider threats included employees who have access to sensitive data and can turn back on the business in lieu of financial gain etc.
  • Payment Fraud: Credit card breaches result in payment frauds by creating illegal transactions. In this, Hackers set up fake online shopping stores offering a profitable deal, and then once a user inputs his/her card details, the information is stolen.
  • Loss/Theft: Sensitive information is at stack when mobile phones, laptop computers, or hard drive gets stolen. This physical act of losing the devices can result in huge losses to the business
  • Unintended Disclosure: The act of saving data in the non-secure location can mistakenly expose data on the internet. The worker hasn’t thought completely about the repercussions and thereby unintentional exposed data to the hackers.

Tips for Data Leakage Protection:

A data breach in the business’s storage system occurs silently and lurks in the background without the knowledge. Data is stolen gradually over several days and when the breach is identified already complete loss of data has occurred.

Several experts are of the opinion that data leakages are not completely preventable and therefore safeguard practices such as detection, containment and remediation should be thoroughly followed.

Some of the best practices that can help businesses prevent data breaches are:

  • Investing in the right security infrastructure: Investing in the latest security infrastructure can make the system more secure and less prone to data breaches.
  • Vulnerability assessments: Systematic and regular review to fill any security gap that is identified. This ensures that the vulnerabilities can be identified and mitigation steps can be taken for the same.
  • Simulated Penetration testing: Simulated testing to check for exploitable vulnerabilities in the system. This technique identifies the loopholes and helps in taking corrective measures to prevent any authorized access.
  • Staff Training: Staff training in a matter of security procedures and processes can help businesses by reducing the risk of unintentional data leakages. This in turn can increase the awareness of the staff in matters of security and help them in identifying the potential threats.
  • Policy for equipment use: Policy can be undertaken on the equipment to be used in the office premises. Questions such as whether the staff members should use their own devices or the devices provided by the business for sharing information are answered through this policy.
  • Compliance with data regulation: Major compliances ensure that all the service providers can work towards making their infrastructure secure by following the latest protocols
  • Data Breach Response Plan: The response plan ensures that all the steps will be predefined in case of a data breach. This ensures that the teams can calmly function and can help by further preventing any data losses.
  • Regular audits and assessment: Regular check-up audits can result in identifying any of the loopholes that may exist in the system and help in providing feedback on the working of the system.
  • Data Backups: Regular data backs needs to be maintained so that data copies are available in case data loss has been incurred.

Learn How FileCloud’s DLP can help you in preventing data breaches?

FileCloud enterprise storage and sharing solution (EFSS) not only provides you with the space for storing your data but also provides a workspace where you can collaborate with your team. Whether your preferred hosting option is an on-premise storage, cloud storage or a hybrid storage setup, FileCloud provides you all the necessary tools to prevent data loss and data breaches.

To make your stored files secure, FileCloud employs security protocols like end-point backup, 2 factor authentication, anti-virus scanning and ransomware protection along with more techniques. While your files are protected on the servers, many data breaches happen due to external sharing, hacks, social hacking and malware.

When there are so many invisible threats to sensitive data, you need a smart tool to employ rules which classify confidential and business critical data, identify violations of policies defined internally, prevent the data leaks from happening across all bases.

data leak prevention software

FileCloud’s approach to DLP relies on multiple layers of security, including:

  • User Management- monitors data access activities of the authorized personnel to identify any inappropriate activity taking place
  • Encryption and Data masking- Encrypts sensitive data rendering it useless for the hackers to extract information
  • Data loss prevention- monitors and inspects data at rest, in motion, and while it is stored on the server.
  • Behavior Analytics- uses the latest machine learning to detect patterns and identify potentially malicious activities
  • E-discovery and data classification- keep track of the information to comply with the data compliance. Data is classified to make searching files and data easy.
  • Audit trails- Keep track of all the activities currently undergoing in the cloud system and keeps track of users
  • Alerts: Uses Artificial Intelligence for keeping track and notifying the admin in case of data breaches.

Data Leak Prevention Technology – Top DLP EFSS Solutions 2020

Data leak prevention technology

 

Data Leak Prevention Technology:

Data leak prevention technology keeps sensitive corporate data secure by identifying potential data breaches and helping to eliminate them. DLP software classifies, regulates confidential business data, and identifies data violations typically driven by regulatory compliance such as Federal laws, HIPAA, FINRA, and EU-GDPR. Once the violation or data breach is identified, DLP enforces immediate remedial measures such as alert messages, access restriction, and other measures that prevent end-users from sharing data that could put the organization in jeopardy.

What Is Data Leak Prevention?

Data leak prevention (DLP) combines the power of security tools and strategic processes to ensure that company’s confidential data is not lost, misused, or accessed by unauthorized users. Simply put, Data leak prevention is a strategy that makes sure that end users are not able to intentionally or accidentally destroy or steal the company’s data. The enterprise must have a data leak prevention policy so that all the access control are predefined and linked to the data.

This prevention strategy should be covered by the EFSS solution which you use to store and share organization files. With the correct data protection policies and systems, you will be able to reduce or eliminate data leak incidents.

Top Data Leak Prevention Solutions 2020

FileCloud

FileCloud offers 360° protection with smart data leak prevention technology to ensure accidental data leakage. FileCloud’s real-time data prevention capabilities control user actions (login, download, share) based on the IP range, team groups, user types, email domain, folder paths, metadata and many more rules. FileCloud also integrates with existing security information and event management (SIEM) tools to provide more stringent data leak prevention. FileCloud’s evaluates user actions in real-time and logs rule violation reports for future auditing.

FileCloud helps enterprises comply with HIPAA, FINRA, ITAR, EU-GDPR, and other data privacy regulations. Smart DLP can be extended to the on-premise server as well as the cloud server, thereby offering flexibility to businesses in selecting the right fit for them.

Dropbox

Dropbox offers a data leak prevention technology solution in collaboration with Symantec. The security to the Dropbox cloud is provided by Symantec CloudSOC that safeguards organization against data loss and threats that targets cloud accounts. The Cloud Access Security Broker (CASB) technology by Dropbox protects businesses against any threats that may impose danger. The post data analysis of user activity helps in identifying the potential threat that an insider could pose to the confidential data.

Box

Box data leak prevention technology helps with data security, access control and mitigates security challenges. Box DLP helps in avoiding the deletion or exposure of confidential data stored on company networks and servers. Box offers granular access permissions, and activity monitoring and significantly reduces data security risks associated with malicious activity and unauthorized sharing.

Egnyte

Egnyte DLP solution helps in identifying, classifying, and protecting your business data. Egnyte takes a proactive approach in content governance and provides insights into detecting unusual file behavior. File access control in real-time ensures that businesses can be strategic in their approach while deciding the security rules. The intuitive self-service experience that Egnyte offers help in protecting your business data and keep you compliant with latest business regulation.

ShareFile

Citrix’s ShareFile data leak prevention technology is offered in partnership with Digital Guardian and Code Green Networks. This solution mitigates the risk of data leakage by leveraging ShareFile’s APIs to move or revoke access to the files that contained sensitive information. You can classify and restrict data flow thereby having more control over the security aspect of the storage and data transfer. This allows you to find a sweet spot between security and usability that best fits your organization.

OneDrive

Microsoft OneDrive’s DLP policy identifies sensitive information including financial data and personally identifiable information. The sensitive information is monitored and protected from accidental sharing. It helps in staying compliant with the global guidelines without interrupting the data workflows. Also, you can view the DLP reports that help you make better security decisions. With OneDrive’s DLP you can restrict the sharing of sensitive data, define actions that must be taken in case of a data breach, audit incident reports, and set priority for user accounts.

How FileCloud Data Leak Prevention Technology Safeguards Your Data?

  • Detects threats in FileCloud accounts: Using advanced data science and machine learning technology we analyze the user activity and identify risks that pose a threat to your business data.
  • Protects data in FileCloud accounts with Smart DLP: Protect your business data in FileCloud with the same policy frameworks and workflows that your company uses across your organization.
  • Network control and flexibility in inter-operability: Empower organizations to limit the use of unauthorized personal accounts on networks while allowing access to company-managed accounts using access control settings.
  • Detects risky user activity: User activity Analytics identifies potentially risky user activity and enables automated policy controls to secure your business data and accounts.
  • Powerful encryption technology to protect user data:  Protecting your organization data with automated policies and encryption to prevent accidental or malicious sharing of data.
  • 360 ° analysis of user activity: Quickly assess activity that may impact your FileCloud accounts with detailed information and extensive log filtering capabilities.

Advantages of FileCloud’s Data Leak Prevention:

  • Data protection from external and internal threats: DLP can detect files that contain confidential data and prohibit them from leaving the network. The sensitive data transfers can be instantly blocked using Smart DLP in case of a data breach. Apart from this, DLP policies also provide for quarantine or encryption of data in real-time in response to events.
  • Auditing capabilities and compliance with regulations: Accountability in terms of collection, storage, and sensitive data needs a mechanism for the compliance and auditing capability fills that gap. Consequences of non-compliance can include fines or complete cessation of business operations. DLP sought out a path that provides control, policy template, automate compliance, and the collection and reporting of metrics.
  • Forensic data and E-discovery: DLP technology allows for capturing and archiving of evidence for forensic data analysis. Monitoring via DLP can include email, instant messaging, keystrokes, documents accessed, and application used. Also, in case of a lawsuit or investigation, the forensic data can be used as evidence when data is sought in electronic format.
  • Automate corporate governance: DLP capabilities help you in the enforcement and automation of corporate policies and processes. This can bring in technical and organizational efficiencies, promote compliance, and bring in transparency in information governance. Automate corporate governance enables for selecting an appropriate policy template on your system that will help in bringing in more accountability.
  • Complementary data controls: DLP comes with complementary data controls such as data classification and data tagging, encryption, security information and event management, and incident response system. These features ensure that your complete data is safe on the cloud storage system. Complementary control along with DLP ensures that no data is accidentally exposed. DLP can monitor data in transit, at rest, and ensure that it is safeguarded and protected.

Use Case: Limiting the Web login to a specific group of users

With FileCloud’s Smart DLP you can limit certain external users to log in only through a web interface and no other means for accessing the account. You can create a Smart DLP rule that allows login to FileCloud account through a web browser only. These rules are easy to implement and provide flexibility in the security of the data. FileCloud’s Smart DLP is your goto solution for making the cloud ecosystem more transparent, accountable, and protected.

Top 10 File-Sharing Solutions in 2020

Top File Sharing Solutions

In our age of information, most modern enterprises have started to move towards the digitization of data. Never have there been quite so many enterprise file-synchronization and sharing (EFSS) solutions available on the market — and while a wide range of choice is always good, it also makes it much more difficult to choose the perfect solution for your organization. 

After all, investing in a solution that offers either too little or too much functionality can cost you valuable time, money and resources. And no one wants that! As such, we’ve put together a list (in no particular order) of great EFSS solutions for your consideration, so that you can pick the one that offers all the features your enterprise might need, while remaining affordable and within your price range. 


Our Criteria

Naturally, being one ourselves, we have compelling opinions about what makes a fantastic EFSS solution. Here are the factors that we’re taking into account when choosing our list of Top 10 Enterprise File Sync and Sharing solutions on the market:

  • Pricing: Shelling out the big bucks doesn’t always mean you’re getting the best solution. Aside from the base price, making sure a solution offers the features that you need (for example, unlimited client accounts) could save you tens of thousands of dollars in the long run.
  • User Interface: What good are all the features in the world, if you and your team can’t figure out how to use them — or worse, if they’re hidden in so much clutter that using them feels more like a chore than a convenience?
  • Data Governance & Compliance: If your organization regularly handles sensitive data, you might be familiar with data governance policies, such as HIPAA or GDPR. A good solution helps you comply with these policies and avoid hefty legal fines by offering granular file-access, user policy management and data residency.
  • Data Security: Features like remote data-wiping, encryption in-transit and at-rest, Data Loss Prevention (DLP), Two-Factor Authentication (2FA), and alert notifications help keep your data in the right hands, even when devices are stolen or lost. That’s pretty important!
  • Integration: More than likely, you and your team uses Microsoft Word or Google Docs as your main word processor. Perhaps you send your emails via Outlook. A good EFSS solution integrates with popular office programs such as Microsoft Office 365, Google Drive and Outlook, so that your workflow stays uninterrupted.
  • APIs: Besides integrating with commonly used programs, the ideal EFSS solution should offer a wide range of APIs so that it can work and interact with the software that your team uses.
  • Customization: When your team, customers, partners and vendors access your files, do you want them to see the EFSS solution’s logo plastered across everything, or do you want to be able to label your portal with your own logo, assets and branding?
  • Mobile & Remote Access: You might not have constant access to your office computer, or even your laptop, but most of us always keep our phones around.
  • Administrative Tools: A great EFSS solution doesn’t just make it easier to collaborate and share files, but also to manage your team. An admin panel for you and your sysadmins to manage user policies, view real-time performance reports and a centralized device dashboard, plus other security tools, is a must.
  • Collaborative Tools: As more and more enterprises move to remote work, we believe that it’s not enough for modern EFSS solutions to simply store files, but also to provide tools for easier, more efficient team collaboration. These include common team folders for remote teams to share files with each other, the ability to comment on files and send messages to each other while working.
  • Identity Management: This means integration with standard enterprise identity solutions, such as Active Directory (AD) and Single Sign-On.
  • Virtual Drive: The ability to mount remote files as local files, so that data is only downloaded when they are being accessed and edited. This means a lot less memory usage on your part, and tons of space saved on your hard drive.
  • Content Management: A good file-sharing solution offers file-versioning, metadata classification, user policy management and light workflows for the easier management and organization of your team’s hard work.

Now that we’re on the same page about what the perfect EFSS solution looks like, without further ado, let’s move on to what you’re here for: the list!


1. FileCloud

Browsing Folders - FileCloud - FileCloud Support

  Pricing: FileCloud Online: $10/user/month (Standard), $15/user/month (Enterprise) || FileCloud Server: $4.20/user/month | FileCloud Server: Contact for Quote

✓  Storage: FileCloud Online: 1TB out-of-the-box, +100GB/user  (Standard), +200GB/user (Enterprise)  || FileCloud Server: Unlimited

✓  Security: FileCloud is compliant with all the most stringent data governance policies, such as HIPAA and GDPR. Encryption at rest and in transit, 256-bit AES encryption, granular file-sharing, password-protected, public and private shares.

✓  Features: From deployment models to unlimited client accounts, branding capabilities and more, FileCloud is filled with incredible enterprise-level features.

Naturally, we’re proud of our own product and firmly believe FileCloud to be one of the most powerful and affordable EFSS solutions on the market. FileCloud offers on-premise, public and a unique hybrid cloud deployment model. This deployment flexibility separates FileCloud from its competitors, and ensures that your team can enjoy the benefits of both on-premise and cloud storage systems — read more on our hybrid infrastructure here.

Our pricing is also one of the most affordable on the market, while offering larger storage plans, better enterprise-level features, and unlimited FREE external client accounts — all great for your wallet and your ROI. Feature-wise, we consider seamless, remote access to your data as the bare minimum that a good file-solution should offer. Collaborative and content management tools, a comprehensive admin panel, plus infinite customization options are all features that ensure not just your team, but also your clients and sysadmins get in on the enhanced EFSS experience.

Last but certainly not least, FileCloud is compliant with most data security governance policies, meaning that you’ll never see your organization’s good name tainted in headlines labelled with “Security Breach” or “Data Leaks”. Plus. it’ll save you tons on the fines and fees that’ll rack up if you go with a less-secure option.

ProsCons
Affordable, no paywalls, money/time-saving featuresUnfortunately, FileCloud isn't an open-source software.
Compliant with all data security governance policies With all these features, FileCloud's UI can get a bit complex for beginners and laymen
Integration with most common office softwares, APIs

2. Google Drive: GSuite

How to Find Anything in Google Apps - The Ultimate Guide to G ...

  Pricing: Free Plan: Free | Basic Plan: $6/user/month | Business Plan: $12/user/month | Enterprise Plan: $25/user/month

✓  Storage: Free Plan: 15GB | Basic Plan: 30GB | Business & Enterprise Plan: Unlimited, or 1TB / user if less than 5 users

✓  Security: Encryption in transit; no option to encrypt individual documents. Multi-factor authentication.

✓  Features: Google Drive comes with powerful, recognized collaborative tools, such as Google Docs, Sheets and Slides.

Having quickly risen in popularity over the past couple of years, Google Drive is now a powerful file-sharing solution on the market. A file storage and synchronization program created by Google, it’s best known for its collaborative capabilities via Google Docs, Sheets and Slides, which offer real-time collaborative editing of documents, spreadsheets and slides respectively. 

The solution’s enterprise plan, GSuite, comes with a similarly clean and intuitive UI, as well as integration with popular enterprise softwares such as Autodesk, Salesforce, and more. Apart from this, Google Drive for Business offers unlimited cloud storage, access from any device, offline file access, includes apps like Gmail, Google Keep, Google Sites, as well as enterprise-grade access controls, e-discovery for emails, chats and files.

However, reportedly, users have encountered frequent connectivity and syncing issues while using Google Drive. Plus, while Google Drive has fairly beefy data security with encryption in-transit and at-rest, human error on part of the developers has led to security issues, such as when Google Photos started sending private videos to strangers

ProsCons
Strong team collaborative toolsHas had major security issues through developer error
Clean mobile and desktop softwareOn the pricey end: $30,000 for 100 users/ year
Allows offline mode and offline file-editingKnown occasional syncing issues

3. Dropbox

Dropbox -

  Pricing: Basic Plan: Free | Plus Plan: $11.99/user/month  | Professional Plan: $19.99/user/month

✓  Storage: Basic Plan: 2GB | Plus Plan: 2TB | Professional Plan: 3TB

✓  Security: AES 256-bit encryption for data at rest and AES 128-bit encryption for data in transit; however, known past security issues

✓  Features: Unique “Paper” and “Showcase” features: basic “Notes” and “Portfolio” app respectively

Of course, we’d be remiss to not mention Dropbox in a file-sharing solution comparison post. With its clean, intuitive UI and easy-to-use features, Dropbox has become a well-known, household name in terms of file storage. Dropbox also offers password-protected links, integration for Office 365 and Google Drive, and strong administrative tools. However, while it certainly has its pros, we feel strongly that there are better enterprise-level file-sharing solutions — and here’s why. 

Due to the system’s popularity, it’s always been a popular target for hackers. Even now, it doesn’t offer local encryption. Their customer service certainly leaves more to be desired, as seen from their lack of 24/7 customer support.

And above all that, despite having fewer features than many enterprise-level solutions out there, Dropbox is far from the most affordable on the market, especially with their 5-user minimum. Plus, with their measly 2GB- free storage and paywalls for unlimited storage, it certainly feels like the solution is out to milk their users dry.

ProsCons
Clean mobile and desktop applicationsDisappointing 2GB starting storage space
Automatic synchronization of files and foldersFrequent past security issues
"History" feature allows access to past versionsPricier end of things, 5 user minimum

4. Box

Cloud Storage Services for Business Use - armix.one

  Pricing: Box Starter: $5/user/month | Box Business: $20/user/month | Box Business Plus: $33/user/month | Box Enterprise: $47/user/month

✓  Storage: Box Starter: 100GB | Box Business: Unlimited | Box Business Plus: Unlimited | Box Enterprise: Unlimited

✓  Security: A regulatory-compliant Zero-Knowledge Provider. Tools to manage user perms and customer-managed encryption keys.

✓  Features: Secure collaborative and project-management tools, as well as rule sets for work-flow automation

While perhaps less of a household name than Dropbox, Box, founded in 2005 and based in California, is also an incredibly strong contender on the EFSS market. With tools that integrate with other services, like Google Docs, Box also goes above and beyond in offering custom branding capabilities and letting users create a professional appearance for their organization.

Plus, Box’s security is nothing to scoff about, being a uniquely zero-knowledge provider and offering tons of options for encryption and user management.

Unfortunately, with their heavy local encryption, Box transfers tend to get slow — something that could impede or even cripple the seamless remote workflows that have become the norm today. Box also does not offer any options for on-premise or self-hosting, nor local storage, and does not perform end-point backups. Plus, while it certainly provides tons of enterprise-level features, it’s also significantly pricier than almost any solution on the market.

ProsCons
Platform-independent, apps for most major devicesMore expensive than most competition
Secure, regulatory-compliant solutionLocal encryption can slow file transfers
Tons of features, intuitive to useNo on-premise or local storage

5. Egnyte

Egnyte Business Review | PCMag

  Pricing: Office Plan: $8/user/month | Business Plan: $20/user/month | Enterprise Plan: Contact for a quote

✓  Storage: Office Plan: 5TB | Business Plan: 10TB | Enterprise Plan: Scales with your needs

✓  Security: Standard encryption, includes user and group access permissions

✓  Features: What stands out most with Egnyte is their great auditing system which timestamps user activities, plus a robust access permission system.

Egnyte has recently become one of the leading choices for enterprises, claiming to have been designed with businesses in mind. Egnyte provides the branding capabilities to customize logos, URLs and message headers, providing a more professional look. In addition to useful sharing and collaborative features, Egnyte also provides great security features, such as intuitive access permissions and encryption. It also integrates with most operating systems and devices. 

Unfortunately, there have reportedly been frequent sync/network problems with the solution. While robust in features, Egnyte provides little documentation for these features — combined with poor customer service, creating a steep learning curve for their product. There are also paywalls for features such as audit reports and storage sync, for an already-relatively-high price tag.

ProsCons
Great security measuresMore expensive than most competition
Robust user and group permissionsNo Linux support
Custom branding capabilitiesReported network and sync issues

6. OneDrive

Microsoft updating OneDrive with better web UI and sharing options ...

  Pricing: Business Plan 1: $5/user/month | Business Plan 1: $10/user/month | Microsoft 365 Business Basic: $5/user/month | Microsoft 365 Business Standard: $12.50/user/month

✓  Storage: All Plans: 1TB – extra storage space can be purchased separately for up to 1TB/$9.99/month

✓  Security: Standard encryption, file-locking, paywalls for SSO/SAML Authentication

✓  Features: Advanced sharing, mobility and security. Heavy integration with Office software.

Microsoft OneDrive is a file hosting service and synchronization service operated by Microsoft as part of its web version of Office. Naturally, this Microsoft-based solution heavily integrates with Office 365 programs that most teams use, such as Microsoft Word, Excel and Powerpoint, as well as Outlook, which is a huge plus. Certain plans even grant access to said software. It also provides encryption at rest and in transit. Overall, it has robust features that make it a strong solution, as expected from Microsoft.

Unfortunately, data privacy issues have surfaced time and time again with large corporations, and OneDrive is no exception. When using this solution, Microsoft can scan your files for “objectionable content”, stating that file security cannot be guaranteed for said content.

ProsCons
Integration with Office 365 programsFile-size limit of 10GB
Provides file-versioning featuresNo on-premise / self-hosting options
Great security measuresSecurity measures locked behind paywalls

7. OwnCloud

ownCloud Phoenix - rebirth of the ownCloud user interface – ownCloud

  Pricing: Standard Subscription: $3,750/50 users/year | Enterprise Subscription: $9,000/50 users/year | Custom Subscription: Custom pricing for 10,000 users and above

✓  Storage: Unlimited Self-Storage Space

✓  Security: Standard Encryption, Multi-Factor Authentication, NTFS Support

✓  Features: Custom branding, open-source customizability, local storage options

ownCloud is a reliable file sharing infrastructure with a client-server architecture, allowing users to setup a complete private file-sharing service with data encryption server side while avoiding popular public ones like Google drive or Dropbox. An open source solution, it offers rich features and the ability to use on-premise / self-hosting.

However, most potential users balk at the massive price tag of $9,000/50 users/year — even if you divide that into per user per month, it’s still pretty hefty — especially compared to available file solutions that have the same features while staying at 1/4 of that price! Due to being open source, there’s also a lack of a strong support system, and poor documentation. It also doesn’t offer endpoint backup, nor granular subfolders.

ProsCons
Feature-rich, open sourceRelatively high cost
Support for local storage and on-premiseNo endpoint backup or granular subfolders
Work across all popular operating systemPoor support and documentation

8. Citrix ShareFile

Localized ShareFile WebUI available | Citrix Blogs

  Pricing: Standard Plan: $55/5 users/month | Advanced Plan: $85/5 users/month | Premium Plan: $135/5 users/month | Virtual Data Room Plan: $375/5 users/month

✓  Storage: Unlimited Storage Space

✓  Security: Standard encryption and SSL/TLS. Recovery sites in both the US and EU.

✓  Features: Collaborative and productivity-enhancing tools, custom electronic signature tool. File-versioning features.

Sharefile is Citrix’s enterprise-class cloud storage solution, and they’re well-known in the commercial software and service industry. Notable features of Sharefile include an auditing system that generates activity reports, integration with Single Sign-On, download alerts, and two-factor authentication. This cuts down on the amount of time it would take to print out a document, sign it, and scan it to the cloud.

Unfortunately, despite their generous offer of unlimited storage, they do have a file size limit. The solution itself doesn’t support Linux. Plus, with a standard plan starting at $55, paywalls for features and their enforced 5-user pricing plan, it’s safe to say that Sharefile isn’t the most affordable solution for smaller organizations. Reportedly, Sharefile’s licensing plans are also misleading.

ProsCons
Great security measuresFile-size limit of 10GB
Provides file-versioning featuresNo Linux support
Simple to use, clean user interfacePricey, misleading licensing plans

9. NextCloud

Nextcloud 16 introduces machine learning based security and ...

  Pricing: Basic Plan: $2,136/50 users/year | Standard Plan: $3,823/50 users/year | Premium Plan: $5,510/50 users/year

✓  Storage: Unlimited Self-Storage

✓  Security: Standard Encryption, SSO, SAML Authentication, 2FA, File-Locking

✓  Features: On-Premise and Cloud file-hosting, large file support, local storage support, OS compatibility

While NextCloud is a free, open-source software, NextCloud Enterprise comes as a powerful, pre-configured EFSS solution that takes some of the guesswork out of configuring their free, alternative solution. It certainly totes the basics expected of any EFSS solution, such as audit logs, a desktop sync client and user management, and has great security with end-to-end encryption.

Unfortunately, similar to ownCloud, which NextCloud was a spinoff of, the open-source software can come with a lack of support and documentation. As such, many deployments, updates and bug fixes fall to you and your team — wasting precious time that could have been used on other productive activities.

ProsCons
Strong collaborative featuresLack of support and documentation
Good security measures, with encryptionSelf-dependent for updates
Compatible with common operating systemsOn the pricier end of things

10. Syncplicity

Syncplicity Cloud Storage Service Review | Cloud Storage Advice

  Pricing: Personal: $5/user/month | Business: $5/user/month | Enterprise: Contact for quote | Government: Contact for quote

✓  Storage: Personal: 100 GB | Business+: 300GB

✓  Security: Standard encryption in-transit and at-rest, SSO, 2FA

✓  Features: Hybrid solution, remote access and mobility

For a solution that’s much less popular and well-known, Syncplicity offers a surprising punch with their rich features, hybrid hosting options, great security, file restorations and backup. In addition, good things have been said about their customer support, with online chat and a 24/7 phoneline. 

At a price of $60 for even the lowest personal plan and a whopping minimum of 25 users, Syncplicity is far from the most affordable solution on the market. Syncplicity also doesn’t support customer-managed keys. Plus, Syncplicity uses a traditional interface — great for the early 2010’s, but perhaps not the most modern for today’s standards.

ProsCons
Hybrid file-hosting solutionHigh user minimum, expensive
Great customer service, 24/7 supportNo user-managed encryption keys
File restorations and automatic backupLow storage - 300GB

Protecting Remote Work Data From Cyber Threats

The COVID-19 pandemic has thrown up many challenges for enterprises across the world who have adopted remote work culture full time. Certain statistics out in the public domain suggest that work from home culture is not new to many organizations. Across the world, many organizations were already following this, either fully or in parts. Many employees had the flexibility to work from home at least once a  week or so. Of course, there were many sectors where this would not be true. But in most IT and enabled sectors, this holds good.

What has changed though with the COVID-19 crisis is the choice to work from home or office. Many governments across the world have made it mandatory that organizations provide work from home options to their employees, wherever applicable. Thus, the COVID-19 situation has resulted in a great jump in the remote work statistics, as compared to a few months back. While for a few companies, it was just a matter of institutionalizing their already existing work from home policies, for many others, it meant exploring options to make it possible. Either way, business continuity plans of enterprises are changing, to include considerations and challenges around the remote work culture.

The Statistics

A State of Remote Work 2019 survey published by OWL Labs based on respondents in the US, suggests that ‘54% of respondents work remotely at least once per month, 48% work remotely at least once per week, and 30% work remotely full-time’. The survey covered respondents across all levels of people like individual contributors, team managers, consultants, directors, VPs, and more. It also covered industries like Healthcare, Education, Retail, Financial Services, Manufacturing, Technology/Internet, Government, Hospitality, and more.

Considering this scenario of last year, it is safe to assume that these numbers would have jumped by leaps and bounds owing to the COVID-19 situation. And it would be the same across the globe, as governments are trying to curb the spread of the disease by minimizing the people to people contact. Workplaces with centralized air conditioning were a cause of major worry as chances of one person infecting many others were high. So, it appears as if remote work is here to stay and all challenges around it need to be addressed by the organizations, on priority.

The Challenges

Almost all issues surrounding the remote work mode are about security. Within secure corporate environments, data is protected by means of necessary precautions put in place. So, there is not much onus on employees to worry about the security aspect. Since they will be working with company-issued laptops, that will have company authorized software that also includes security aspects, there is a sense of safety. This scenario changes drastically when the employees start working remotely, as they could be working from home or elsewhere.

Problems range from using public Wi-Fi, not being aware of scams and phishing that happen in the cyber world, and a simple thing like just leaving your laptop open when moving around. Issues come in the form of a snooping housemate, to cyber attack experts who will be on the prowl. It is assumed that people working from home will be slightly lax on the security front, (knowingly or unknowingly) and they will take their chances.

Why is Cybersecurity Important?

Cybersecurity is something that should be given prime importance, and many organizations have learned this at a great cost. According to a report published in the Cyber Defense magazine quoting multiple sources, 43% of the cyber attacks were targeted at small businesses. 31% of organizations have experienced cyber attacks on operational infrastructure and malware is the most common type of cyber attack. The same report further states that the annual cost of cybercrime damages is expected to hit $5 trillion this year (2020).

A very interesting statistic put up here is that 95% of data breaches have causes attributed to human error! This is why awareness training for employees is important. Hackers are certainly becoming better at identifying and manipulating vulnerabilities in IT systems. This has also lead to an increase in cybersecurity budgets of organizations, and in the current situation perhaps, more so.

The Organizational Changes

From an organizational point of view, it is important to ensure that every employee working remotely is made aware of the risks involved.  Comprehensive training covering all aspects, including probable cyber threats and how they happen, should be conducted. Also, it is important to make people aware of the consequences, so that maximum caution is applied while working remotely. The IT environment should be strengthened in such a way that people can work from elsewhere securely.

All end-point devices should be safe, should be monitored for any mischievous activity, and the device and identity should be protected to make sure misuse cannot happen. Multiple factor authentication using strong passwords, 2FA, etc. should be adopted. If the enterprise is already using Cloud services, then the security policies may be revisited to ensure all necessary compliances are in place. Also, in such cases, employees should be given access to collaboration and office productivity tools to make sure all communication remains within the gambit of defined security measures.

The Suggestions

There are some simple steps that can be taken to ensure a reasonably good level of security for remote work. The main among these perhaps is something that most organizations would have already put in place. This is to ensure anti-virus software on employee laptops. Depending on the mode using which the employees access the corporate network, this can ensure the basic security at the end-point.

An important thing to remember is to ensure updates of anti-virus or any other security solutions across. These solutions are being updated to detect more vulnerabilities on a day to day basis. Hence, unless the updates are synced across the organizational devices, the benefits won’t be seen. Public Wi-Fi or even the home Wi-Fi can be easily hacked. Using public Wi-Fi should be avoided totally and home Wi-Fi should be protected with strong passwords that are changed often. The Wi-Fi settings should be changed to enable the highest possible encryption.

Using VPNs may be a good option to ensure a secure connection to the corporate resources. Since every enterprise is dealing with confidential information exchange, the laptops should never be left unattended and open. Breaches have and can happen unintentionally by this simple oversight also. Employees should be trained to follow all corporate communication policies and should only use official communication channels. No local copies of documents and reports should be maintained unless absolutely essential and permitted to do so.

Another safeguarding measure that employees should adopt is to report any untoward activity, mail, or suspicious documents and links, immediately to the IT/security department. This can ensure any breach is caught immediately. One of the alarming aspects of breaches has been that it is usually too late (as much as six months) by the time they are reported and found. Employees being aware and vigilant can contribute a lot to the organizational security policy.

In conclusion, a secure IT environment with aware and empowered employees, and good supporting security and collaboration tools can ensure protection from cyber threats.

 

Reference for the Suggestions: https://www.kaspersky.com/blog/remote-work-security/34258/

Secure Client Portal for Sensitive Business Data

While the internet and the related technologies enabling collaboration and client outreach opened up tremendous possibilities, it also introduced its own challenges. In today’s day and age, it’s almost vital for businesses to operate on a 24/7 basis to ensure availability and convenience for their customers. Plus, with more and more businesses transacting online, more and more digital information is being shared and stored.

Naturally, this also means that the issue of data misuse, breaches, loss of information, or cases of fraud and phishing, also started happening. Hence, businesses started looking out for a secure option with which sensitive business data could be shared online, without having to worry about security issues. Secure client portals were the answer to this solution, especially for businesses that constantly handle highly sensitive data.

What is a Secure Client Portal?

As the name suggests, it is a portal that enables safe and secure communication between businesses and its customers; for example, banks offering online transactions, or any business obtaining sensitive information to transact with their customers. The usage of a secure portal ensures that the customers feel at ease sharing their personal and confidential information, knowing it is going to be dealt with, considering its sensitive nature.

While customers are granted access to the secure client portal and feel a sense of security transacting through it, it is also true that each customer would only be granted access on a need basis. So, no customer can access any other customer’s data as the permissions for the same will be restricted in a secure client portal. Each customer’s business data is treated with equal care and sensitivity, and hence, privacy and security are maintained to the maximum possible level, using secure gateways. Simply put, secure client portals are a way to collaborate efficiently, in a completely secure environment.

It is obvious, then, that a secure client portal can indeed solve the aforementioned challenges of online data management. However, apart from security, these portals do offer a few other benefits that businesses and their customers can leverage upon.

High Availability

The convenience of being able to access the portal any time, from anywhere, using any browser or device, is a massive benefit that secure client portals offer. FileCloud offers this via its  High Availibility architecture. Based on their permissions, they can access any file, or information, can download, work, and share files at ease. This ensures a 24/7 availability and also minimizes the inconvenience of time zone differences, enabling seamless employee collaboration over even international borders.

This would also result in increased productivity for the business, as the work happens faster, more seamlessly, and can be seen by necessary stakeholders through their secure logins. Time is money in today’s rapid business scenarios, and in turn, your customers will quickly realize that they are saving on time and money.

Improved Client Experiences

By creating branded client portals, businesses can engage more easily and confidently with their clients. This will lead to better client relationships through improved client experiences. Faster transactions are also a good way to enhance client experiences. After all, it’s not uncommon for today’s folk to shy away from calls, chats, and emails — not to mention the risks of sharing sensitive information through chat and email.

Secure client portals solve this problem by enabling file and information sharing easily with the requisite permissions to ensure work is done. Highly customizable features with complete ownership and management of data, make secure client portals a wise choice for companies that regularly handle files and information of highly sensitive nature such as invoices, purchase orders, legal documents, financial statements, tax returns, and personal and payment-related information.

Of course, anyone can tell you that improved customer experiences mean greater customer retention, as well as an influx of new customers from word of mouth. These are the intangible benefits that gained from the usage of secure client portals. Today, many industries admit that secure client portals have revolutionized their services and have helped them raise the bar.

Cost-Effective

In the long run, secure client portals can bring down your cost of operations by a considerable amount. This is especially true if you decide to go with cloud service providers, instead of setting up a client portal of your own. Cloud providers are bound by the regulations and compliances to provide the requisite security as per agreed standards. Based on the flexibility offered by them and the nature of your business, it’s likely that you could negotiate a reasonable deal with these providers that could greatly benefit your business at an affordable investment. When considering considering all the delays, collaboration or customer issues that otherwise keep cropping up, not to mention the hassle of compromised security, secure client portals based in cloud services could greatly maximize your ROI.

FileCloud lets you run your portal under your own business domain and offers unparalleled custom branding capabilities. Create a secure client portal for file sharing in minutes using FileCloud.

What is a Record? What is Records Management?

Record is a document or content that an organization need to keep as an evidence for an important transaction, activity or a business decision for regulatory, compliance and governance purposes. Not all documents are Records. Only a subset of documents that an organization need to preserve as an evidence are called as Records.

What is Records Management?

The ISO 15489-1: 2016 standard defines records management as “the field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including the processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records”

What is Records Retention Schedule?

A records retention schedule is a document that identifies and describes an organization’s records and the lengths of time that each type of record must be retained. To give and idea ,the following section shows the general record keeping requirements of Texas State for statutory purposes. Every organization can have thier own set of record keeping requirements and records retention schedule which are dictated by industry and government compliance requirements.

      Wage and hour laws (FLSA) – while some payroll records need be kept only two years, most must be kept for at least three years under the federal law (FLSA); to be safe, keep all payroll records for at least three years after the date of the last payroll check.
      Unemployment compensation – keep all records relating to employees’ wages and other compensation, as well as all unemployment tax records, for at least four years.
      Family and Medical Leave (FMLA) – keep all payroll, benefit, and leave-related documentation for at least three years after conclusion of the leave event.
      I-9 records – keep all I-9 records for at least three years following the date of hire, or for one year following the employee’s date of last work, whichever point is reached last.
      New Hire reporting – report all new hire information within 20 days of hire.
      Hiring documentation – under EEOC rules, all records relating to the hiring process must be kept for at least one year following the date the employee was hired for the position in question; if a claim or lawsuit is filed, the records must be kept while the action is pending.
      Disability-related records (ADA) – keep all ADA-related accommodation documentation for at least one year following the date the document was created or the personnel action was taken, whichever comes last.
      Benefit-related information (ERISA and HIPAA) – generally, keep ERISA- and HIPAA-related documents for at least six years following the creation of the documents.
      Age-discrimination documentation (ADEA) – keep payroll records for at least three years, and any other documents relating to personnel actions for at least one year, or during the pendency of a claim or lawsuit.
      OSHA records – keep OSHA-related records for at least five years.
      Hazardous materials records – keep these for at least thirty years following the date of an employee’s separation from employment, due to the long latency period for some types of illnesses caused by exposure to hazardous materials.
      State discrimination laws – keep all personnel records for at least one year following an employee’s last day of work.
      IRS payroll tax-related records – keep these records for at least four years following the period covered by the records.

In the financial industry, Registered broker-dealers are subject to a variety of record-keeping requirements enforced by the U.S. Securities and Exchange Commission and self-regulatory agencies such as the Financial Industry Regulatory Authority (FINRA). SEA Rules 17a-3 and 17a-4, specify minimum requirements with respect to the records that broker-dealers must make, how long those records and other documents relating to a broker-dealer’s business must be kept and in what format they may be kept. FileCloud’s Financial Services Compliance white paper shows the retention periods of various records that Registered broker-dealers need to preserve as per FINRA rules.

How FileCloud can help you in managing your enterprise records?

FileCloud offers powerful record management and governance features that allows organizations to create flexible retention and archival policies to meet any compliance requirements. The following screenshots show how one can create retention schedules for different types of records.

Retention Policies


Create Retention Policies

digital workspace

Common Mistakes to Avoid With Online File Storage and Sharing

The cloud has become the standard for file storage and sharing today. There are many advantages to using the cloud. Millions of individuals and organizations across the world depend on the cloud to complete tasks and operate smoothly. However, there are also issues including security risks which can compromise the safety and efficiency of your cloud environment. In this article, we’ll look at some common mistakes that you may be making when storing and sharing your files online.

1. Failing to Upgrade Security on End-Point Device

We all know the importance of choosing a secure cloud storage platform, and we often focus on this while neglecting the security on end-point devices. This can be risky because if your device is not secure, the moment you download a file on it, there is a window for hackers to get access to that file.

It is relatively easy for individuals or small organizations to ensure the security of their devices. You simply need to have everyone in your organization install good anti-virus software and keep it updated. For large organizations, it can be costly (in terms of IT man-hours and licenses for anti-virus software) and time-consuming.

The best way to guarantee absolute security for online file storage and sharing in your organization is to choose a virtual desktop infrastructure (VDI) like FileCloud. You can choose to use our cloud storage platform or integrate FileCloud VDI into your in-house server and have your own Dropbox-like file storage and sharing platform. But it gets better, with FileCloud VDI, your employees work in a virtual environment. This eliminates the chances that your files will be compromised by poor security on end-point devices. What’s more, this is a more affordable option and it will be easier to maintain the security of your data center. FileCloud comes with a range of security tools including

2. Giving Too Many Users Admin Privilege

There is a saying that “too many cooks can spoil the stew.” Yes, this is true and you don’t have to be a master in the kitchen to know that this also applies to online file storage and sharing in an organization. The simple fact is that if too many people manage your cloud platform and have access to admin settings, there are greater chances that one of a clash in their roles. For example, one user with admin privilege can inadvertently change some vital security settings on your cloud platform, and this could put your files at risk.

One way to solve this is to limit admin access to only top excutives and IT experts in your organization. Another option is to use VDI. VDI platforms like FileCloud give you full control over the file sharing and storage processes in your organization. The level of proviledge that each indivdual gets is determined by the person’s role in your organization. You can choose to give particular people admin priviledge, you can also lock files to prevent anyone from downloading or editing them. FileCloud even allows you to access File Analytics and Reports so you know who is doing what and accessing particular files on your platform.

3. Downloading Data from a Protected Platform and sharing it via an Unprotected Route

Collaboration is the lifeblood of every organization. Every day, different people may have to work on a set of documents. Therefore, there is an exchange of data among them. It often happens that one person can download files from a cloud storage platform and choose to share it via email or even create a shared link and send it via Skype or any other communication platform. Yes, this is a convenient way to promote collaboration but it is very risky in terms of security. Hackers could access the data while it is in route or get the shareable link and go through your files.

You could make it a company policy that files are only shared via a secure cloud platform. You could also opt for a VDI platform like FileCloud which is designed with a focus on collaboration and security. FileCloud encrypts your files when they are in transit and in storage. Also, the platform is fitted with a range of tools to promote collaboration including allowing users to leave comments on files and sending notifications when a shared file has been changed.

4. Accessing Your Files from an Unprotected WiFi

We’ve all been faced with the need to access sensitive files while away from the office. Maybe you were at the coffee shop or even visiting a friend and you decide to log into your work storage platform to access particular files and quickly complete some pending work. This is understandable, but it is highly riskly. By accessing your company’s storage platform via an unprotected WiFi you’re essentially inviting hackers in. And as we have seen from hacking incidents in recent years, this could have some serious consequences.

One of the top reasons why more-and-more organizations are choosing VDI is to avoid this scenario. With FileCloud’s VDI, the safety of your company’s files is never at risk even if you access your work platform via an unprotected WiFi or you use someone else’s computer to work. This is because files are actually never downloaded; all the work happens on the VDI platform. FileCloud keeps your files protected at all times using multiple security mechanisms such as encryption, ransomware and anty-virus scanning, and Two-Factor Authentication (2FA).

Conclusion

There are many other mistakes that are frequently made in regards to online file storage and sharing. However, we have highlighted the four points above because they appear to be the most common ones.

What all of this shows is that cloud storage is not enough for enterprises. The ultimate solution is shifting to VDI. In the past, one of the things that kept companies from choosing VDI was cost. However, things have changed today. FileCloud has different pricing strategies to accommodate companies of different sizes. Whether your company is just starting out or you are a behemoth, we have the perfect VDI package for you. You can even choose to integrate FileCloud VDI into your existing cloud platforms like Amazon WorkSpaces or Microsoft Azure.

Author : Rahul Sharma

Data Privacy in A Digital Age

Privacy has always been a crucial aspect of human existence. But as more data becomes digitized, and more information is shared online, data privacy is becoming more important.  Data privacy denotes how information should be managed based on its perceived importance. It isn’t just a business concern; individuals have a lot at stake when it comes to the privacy of their data. The more you are aware of it, the better you’ll be able to shield yourself from multiple risks. In this digital age, the concept of data privacy is mainly applied to critical personal information, also refereed to as personally identifiable information (PII) and personal health information (PHI). This typically includes financial data, medical and health records, social security numbers, and even basic yet sensitive information like birthdates, full names, and addresses.

For a business, data privacy transcends the PII of its customers and employees. It also encompasses the information that helps it operate, whether it’s propriety research and development data or financial information that shows how money is spent within the company. Recent history has shown that when data that should remain private gets into questionable hands, bad things follow.

It’s a Data Driven Economy

User data is an extremely valuable asset in this information age. It not only helps organizations understand their customers, but also enables them to ‘track’ customers and target them with ‘relevant’ ads. Marketing is just one of the ways companies leverage user data to strengthen their position in the market and increase their revenues. There are other more harmful ways. In 2018, Facebook founder Mark Zuckerberg was called to testify before the United States Congress, following the Cambridge Analytica Scandal. Questioning during the hearings unearthed several details of a data privacy crisis for companies like Facebook that are dependent on data manipulation and harvesting.

More and more user groups, regulators and non-profits have begun demanding for a legally enforceable ‘right to privacy’. Speaking at a privacy conference in Brussels, Apple CEO, Tim Cook, called for improved privacy laws. At a time when the data practices of industry titans like Facebook and Google are being put into question, Cook is pushing Apple in the opposite direction, by not only talking up data privacy, but also embracing new regulations. Cook has also criticized companies that base their business models on the harvesting of personal data for advertising, while highlighting that his company tires to collect as little of it as possible.

The Service Affordability Tradeoff

Many in the tech industry are disinclined to support privacy regulations due to its potential to hold back innovation.  Mark Zuckerberg defended his company’s advertising-based model by pointing out that it enabled its services to “be affordable to everyone”. “Instead of charging users, we charge the advertisers”, he added. Google’s Senior VP for Global Affairs, Kent Walker, echoed the same sentiment by saying ads allow them to deliver search to users of all income levels across the globe for free. However, both executives also acknowledged that security and privacy has to be a principal consideration, even if it impacts profitability. Its impossible to ignore the fact that all this personal data can lead to interferences and intrusions with people’s private lives. This can have a damaging and distressing effect on individuals.

Data Privacy Should be a Basic Human Right

Though the US has relatively few regulations that govern the gathering and use of personal data, in several other places around the globe, data privacy is considered a basic human right. Within the European Union, the recently enacted General Data Protection Regulation (GDPR), sets stringent legal standards for the handling of personal data. While ‘privacy’ may sound like a nebulous concept, it’s not a new idea in human rights law. The right to privacy safeguards an individual’s dignity by protecting their personal information from public scrutiny. This right is typically protection by statutory law.

The UN’s human rights office inferred that governments should respect the right to privacy by regulating how private organizations – not just intelligence agencies and the police – treat personal data. Human rights courts have also acknowledged that the collection, use, storage, and sharing of personal data can balk privacy. Those actions should therefor be limited to what is unquestionably necessary and relative to a justifiable goal.

“All of us will have to think about the digital experiences we create to treat privacy as a human right”

– Satya Nadella, CEO of Microsoft

The GDPR Is Charting the Way

The EU enacted GDPR will improve privacy and should propel other countries to enhance the protection of people’s personal information. The new regulation that became legally binding across the EU’s 28 member states on May 25, 2018, is one of the most comprehensive and strongest attempts globally to regulate the collection and use of personal data by both the government and the private sector. Despite the fact that the GDPR has prompted multiple other nations to strengthen their cyber laws, none offer residents the right to data privacy. Courts and regulators have to work attentively to ensure that corporations and governments don’t try to exploit ambiguities in data protection laws.

Several companies have begun exploring how they can enhance the protection of users’ data and play a role in the continuing conversation about privacy as a human right. Those that are yet to do so have to develop the necessary tools and processes needed to track the source of the data they collect, making sure that data collected for a specific purpose is not exploited for another. They will also have to develop new policies outlining how data is collected and used in a clear, concise language, not legalese.

How VDI can Help Organizations be More Secure

With the rampant rate of hacking, cybersecurity is one of the top concerns for most organizations. Even cloud storage platforms like Dropbox and Apple’s iCloud have been victims of cyber-attacks.

Virtual desktop infrastructure (VDI) is ultimately the best solution for modern organizations. Today, employees don’t just work from home. Some of them also bring their own device to the workplace. This opens up a lot of loopholes that could compromise the security of an organization. While companies can enforce strict security policies like ensuring employees do not use unsecured public WiFis and always have updated anti-virus and anti-malware app on their devices, there is a possibility that some employees will not adhere to these rules.

However, with VDI, you do not have to worry about these security gaps since everything is managed centrally at the data center. What’s more, FileCloud, a file collaboration platform for VDI has in-built security tools which ensure your documents and applications are 100 percent safe at all times.

How VDI boosts security

1.There are no traces of activity on endpoint devices: One of the key features that make VDI highly secure is that nothing is stored on the device used to access the virtual desktop platform. When using VDI, your files and apps are all stored on the computer in the data center. This means, if you were to lose your device or if it gets stolen, you have very little to worry about. This feature of VDI takes away the threat that your company’s data may fall into the wrong hands if your employees are using a shared device or if they bring their own device to the workplace.

For example, if you are working at home and your device develops a fault, but you need to file an urgent report or sign some documents, you can easily borrow your spouse’s computer or even visit an internet cafe to get your work done without any security worries.

2. Encryption: Most VDI platforms provide encryption while files are in transit and storage. This guarantees that your files are always secure even if a hacker intercepts them during transfer. VDI encryption technology also ensures you are protected even if an employee in your organization chooses to use an unsecured WiFi. As a result, your employees can enjoy using public WiFi while at the coffee shop without jeopardizing sensitive documents. Even if the network is infected with malware, it is highly unlikely that it will filter into your virtual workspace.

3. Maintaining security is much easier: VDI can make the process of managing your organization’s security much easier. Usually, IT workers have to install antivirus and malware protection on each employee’s device and try (often without any success) to convince them to use only that device when accessing the company’s apps and documents. However, with VDI, the installation of security software happens only on the computer that is used to host the virtual desktop platform. This makes it a lot easier to manage and also reduces cost since you don’t need multiple licenses and your IT workers clock in less time on the job.

4. Data Security: Another security perk of using VDI is that it makes the process of backing up and restoring your data straightforward. Imagine there is a fire in an organization, the process of gathering the lost data would be tedious for IT workers. First, the data is stored on different devices. Also, there is no guarantee that each worker saved a backup of their files, so it is a hit-or-miss situation. With VDI, it is an entirely different story because the process of backing up files happens at the data center. This means you can always restore lost files.

How FileCloud keeps your files secure

The following are some of the ways that FileCloud keeps your data and apps protected.

A. Encryption: FileCloud also encrypts your files – while at rest and during transmission. At rest, your files are protected with AES 256-bit encryption. In transit, files are encrypted with SSL/TLS. This guarantees complete protection of your data at all times.

B. Ransomware Protection: The FileCloud VDI ecosystem comes with ransomware protection. Each file uploaded to your virtual desktop is scanned for ransomware. If any malicious software is found in the data, it is blocked before it can launch and compromise your system.

C. Anti-Virus: FileCloud does not only provide ransomware protection, but also antivirus protection. You can integrate your antivirus software into the VDI platform. All files are automatically scanned before they are uploaded to your virtual desktop. FileCloud supports Internet Content Adaption Protocol (ICAP) antivirus scanning.

D. Two-Factor Identification: Two-factor identification adds another layer of security when you are signing in to FileCloud using email or Google Authenticator. The extra security protocol ensures that no unauthorized person can gain access to the files and apps on your virtual desktop.

E. Single Sign-On (SSO): FileCloud also supports SSO. This does not only improve user experience but also strengthens the security of your virtual desktop. SSO reduces the chances that your login credentials can be compromised. Also, since you need just one login identity, you do not have to juggle your memory to remember different usernames and passwords or downgrade the complexity of your user ID to make it easily memorable.

F. Backup: FileCloud allows you to backup and restore files regardless of the type of device you are using. This means you never have to lose any file again. You can even recover files that are deleted accidentally.

G. Remote Delete: In the unlikely circumstance that an employee loses his/her computer while it is still signed into your virtual desktop platform, FileCloud allows you to wipe files or block access remotely. This means all the worker has to do is report the device stolen and request that access is blocked.

Conclusion

If you are still wondering how to solve your organization’s security issues, the apparent answer is VDI file sharing solution, FileCloud. This technology revolutionizes the working environment and makes many of our current security concerns a thing of the past. What’s more, it also has the potential to boost productivity and allow organizations to cut cost.

Author : Rahul Sharma