Archive for the ‘Security’ Category

Security Risks During Remote Work and How to Address Them


Work from home practice increases the risks of critical data theft, especially if you are using your personal laptop for the work and not the company managed laptop.

Generally, people use personal laptops with a casual attitude, without worrying about unnecessary services running on it. Unwanted ports open to the internet, with different torrent clients, cracked software, and unpatched OS. Moreover, people do not hesitate to use any random software on their personal laptops. These increase the risks of malware infection and data theft. Most of these things are taken care of in a company laptop, as IT teams take care of these basic IT hygiene practices while configuring official laptops.

The second possible attack surface during WFH is other internet-connected devices to our home WiFi. A poorly configured WiFi router at our home or an infected home laptop connected to the same WiFi which we are using for work from home can pose major security risks.

Business activities that were once conducted in protected office environments, and monitored under specific policies, have quickly transitioned to new, and potentially less secure territory. For example, customer service agents who worked in closely managed call centers are now managing sensitive customer data at home.

The rapid shift to working from home has also changed the ways many organizations do business from moving face-to-face meetings to video conferencing calls to adding new collaboration tools—yet the survey showed many employees are lacking guidance, direction, and policies.

Allowing employees to access company data from offsite locations raises concerns about data encryption, the security of wireless connections, the use of removable media, and potential loss or theft of devices and data. In a 2018 survey by Wi-Fi security company iPass, 57% of CIOs reported they suspect their mobile workers had been hacked or were the cause of security problems. Very few companies are confident that their remote employees used virtual private networks (VPNs) to increase security when connecting to company networks. Sixty-two percent of security incidents related to Wi-Fi connections happen when employees use networks in cafes or coffee shops, and 27% of workers in the U.S. admit to opening emails and attachments from unfamiliar senders. Devices are often compromised as a result, putting both personal and company data at risk.

Cybercriminals are taking advantage of fear surrounding COVID-19 and using it to accelerate attacks against organizations, primarily with COVID-themed phishing emails. In response, it is necessary for companies to take sufficient measures to inform employees and set up policies that will help protect the confidentiality and integrity of their information as well as maintain the availability of their systems for remote employees.

End-Point Protection for Home Users

Modern endpoint detection and response (EDR) solutions are designed to operate outside the corporate network. These solutions prevent malware and enable threat hunting. They also give you the ability to initiate immediate response actions, such as preventing new malware from running or removing malware from systems. Building a secure endpoint ecosystem is the need of the hour. Hackers want to compromise any and every device because cybercrime is a booming business to siphon billions. As wireless endpoint devices inch closer to acting as corporate infrastructure in the current remote work scenario, debunking the myth that wireless hijacking cannot be done across remote geographic locations becomes more critical.

Risk-Free Remote Access

Many business owners don’t understand the requirements for a robust remote access policy. Access needs and practices are changing among all workers, not just remote employees, and professional guidance is becoming essential to prevent serious problems like identity theft, data breaches, and data loss.

IT and cybersecurity professionals can evaluate the security risks companies face and develop customized protocols to minimize these risks, but 44% of companies aren’t bringing the pros in to help. Therefore, many executives may miss key insights into potential vulnerabilities and fail to implement proper protection for remote workers.

Multiple Factor or 2 Factor Authentication

2FA or Multi-Factor Authentication is one of the best solutions to the standard single sign-on method. It requires that your users present multiple pieces of evidence to verify their identity. An example of this would be answering a question like “where did you go to school?” and then entering your ID and password to gain access to the remote access software. Just adding a simple question like this can greatly enhance your security. You could take it a step further and require your outside vendors to call your operations department in order to acquire a single-use passcode to remotely access your data, in addition to using their private ID and password.

Use VPN for Critical Access

Many corporate departments like Finance and Human Resources may be handling sensitive data outside the physical office for the first time. Employees who are still traveling for urgent or mission-critical business may be working from a coffee shop or hotel on their mobile devices. Requiring them to use a VPN will ensure that data stays private and that these systems are not exposed externally.

Set up Firewall and AntiVirus

Firewalls act as a line defense to prevent threats entering your system, They create a barrier between your device and the internet by closing ports to communication. This can help prevent malicious programs entering and can stop data leaking from your device.Your device’s operating system will typically have a built-in firewall. In addition hardware firewalls are built in to many routers. Just make sure that yours are enabled.

Although a firewall can help, it’s inevitable that threats can get through. A good antivirus software can act as the next line of defense by detecting and blocking known malware. Even if malware does manage to find its way onto your device, an antivirus may be able to detect and in some cases remove it.

Back up your Data

Clearly, there are plenty of reasons to keep your data backed up. While hardware backups are still an option, one of the most convenient and cost-effective ways to store your data is in the cloud. Cloud backup services come with a wealth of options enabling you to customize your backup schedule and storage options.

Passwords and Cloud Security

It is essential that you implement two-step verification for all your users. In the most basic form, a person enters their username and password, and then their phone receives a text message with a code they enter to finish the login process. Other options for the second step include phone callbacks, physical USB hardware token keys, authentication apps on phones, and one-tap login solutions. Common choices include YubiKey, Authy, Duo, Google Authenticator, Microsoft Authenticator, and RSA SecurID.*

Update acceptable use policies for employees

Finally, ensure your acceptable computer use policies cover employees’ home computer assets. If this wording is not already there, you’ll need to quickly get up to speed in allowing employee’s personal assets be used for remote access. Now is an important time to remind employees that while they work remotely, they have to maintain the same level of professionalism when it comes to secure and sensitive data as they do in the office. That includes reminding people that personal email is not to be used in an official capacity and that any physical documents kept at home must either be disposed of properly with a shredder or set aside to be shredded later.

To reduce the vulnerabilities associated with public Wi-Fi networks, employers can:

• Ban the use of unsecured wireless connections
• Use geolocation to restrict the places from which company networks can be accessed
• Set up and require the use of a VPN for remote work

Digital Rights Management Tools for Safe and Secure Document Sharing

DRM is a way for the producer of a digital file to make sure that the user of that digital file is limited in his use of the digital file.

It is done with encryption. The producer encrypts the file, which means that the file becomes unreadable to anyone that doesn’t have an “encryption key”, which is like a very long password. The producer does not give the encryption key to the user (buyer usually). Instead, he integrates the key in a program that he produces as well, and that the user has to use to open the file.

Since the file produced can only be opened by a program under the control of the same producer, the producer can decide what the user will be allowed to do with the file, and what he shouldn’t be allowed to do.

DRM adopts a proactive strategy to secure content by limiting access to it as well as the number of things that can be done to the content (e.g copying, downloading, etc.). There are various ways to deal with DRM and new techniques emerge every day. Numerous DRM systems work through encryption or with code inserted in the computerized content to restrict access or use. These systems can control the occasions, gadgets, individuals, or time spans that the content can get to or be introduced.


Advantages of having a DRM tool

a) Content Protection/ Encryption

The most common protection given by DRM is through encryption and digital watermarking.


Encryption is the process of scrambling information embedded within a digital object so that it cannot be used without a password or a unique key. This could include encoding the terms and conditions for which the material can be used. The use of the work is allowed only when the conditions of the key can be met.


Digital watermarking embeds the information into data. Watermarks can either be visible or invisible. It helps to reduce the likelihood that someone will bypass it or try to make illegal copies.

b) Access Control

Access control (AC) is the act of controlling access to resources at its most basic level. AC often is used as a ‘what and when’ model of security—that is what/who has access and to when/what can they access?

Software and Computer GamesSoftware and computer games have implemented various forms of DRM throughout recent decades. Many forms of its modern implementation have been intrusive and frustrating for many users legitimate and otherwise. One of the most common methods is through the use of serial keys. The content can only be accessed if a legitimate serial key is provided by the user normally in the form of an alphanumeric string

c) Access Tracking

Who, what, when all the information about file access can be tracked in recent DRM tools. You can restrict the number of downloads, have a time limit for file access. Access Tracking is one of the major security ask of clients looking for DRM tools.

Let’s move on and list out some of the top DRM tool providers right now


Digify is document security and virtual data room software that’s easy to use and takes only minutes to set up. Thousands of companies save time using Digify in sharing confidential documents with partners, clients, and investors. It is easy to use and gives control of who can see what and who has seen what. It is very easy for recipients of attachments to view them as they do not require special software. If you have different sets of users, Digify helps you manage access permission at varying degrees. You can restrict forwarding, revoke access, or make your files private or public. You can also set rules for downloading, so you can decide which users can save locally or print a confidential document.

Pros –

  •  The ability to send documents to multiple people in a way that does not allow for them to save the documents or forward the documents (thus helps to prevent plagiarism).
  •  Excellent solution to keep document secure while sharing and communicating inside & outside of your organization – no matter how large or small.
  • can encrypt files and deny access after a certain date. There are a lot of permission options and that works well.

Cons –

  • It is Expensive.
  • The permissions setting process is a bit cumbersome and adding new users & getting permissions correct could be easier.



FileCloud DRM protects important, sensitive business documents against intellectual property theft, piracy, and leakage. This security travels with your files wherever they go, protecting them with AES-certified 256-bit encryption at all times. You’ll be able to instantly revoke any recipient’s access to data, at any time, from the FileCloud Portal and protect your documents, files, and e-books against unauthorized copying and distribution. FileCloud DRM stops unauthorized sharing, taking screenshots, copying, the printing of your intellectual property (contracts, sales/marketing reports, eBooks, training materials, and other sensitive documents). The sender can instantly restrict or revoke access any time after sending and also set maximum access counts.


  • Cost-effective DRM solution in the market.
  • FileCloud DRM lets you securely export multiple documents in an encrypted document container (AES 256 encryption) and share it via email or FileCloud.
  • FileCloud DRM Container supports multiple file formats. That includes Microsoft Office (Word, Powerpoint), PDF and image (jpeg, png) files.


  • Do not yet have gmail or outlook integration.
  • Relatively new DRM tool but with strong File sharing features


Locklizard Safeguard PDF Security provides total PDF DRM protection and control over your documents through a multi-layered protection mechanism that does not rely on passwords. Locklizard Safeguard PDF Security enforces DRM controls, uses US Government strength encryption (AES 256-bit), real-time licensing, and public-key technology. There are no passwords, plug-ins, or dependencies on other applications to compromise your security, or complex PKI structures to manage.


  • A good range of DRM controls Unobtrusive to users Easy to implement Good and responsive technical support.
  • Locklizard has two types of DRM copy protection software for documents, files, ebooks, etc. which are-Safeguard PDF Security, and Enterprise PDF DRM.
  • It has a dynamic document watermarking feature, providing additional PDF protection so that even if photocopies are made of printed copies of your PDF, or users take photographs of the screen, your Intellectual Property remains secure.
  • It allows you to lock user access to country locations i.e. allow or disallow specific country access. You can also lock user access to specific IP addresses or a range of IPs (for instance, you can lock document use to the IP addresses of your office computers to ensure that they can only be viewed from the office).

Cons –

  • It does not support forms.
  • It is expensive.
  • It could do with a bit more auditing features.

Vitrium Security

Vitrium Security is mainly used to protect, control, and analyze the accessibility of the content. It comprises of features that take care of the whole operation. From securely sharing the content to keeping track of the file, online video integration, etc the system manages it all. The content security solution comes in two editions: Professional and Enterprise. The Professional Edition includes all core content protection features from permission control to distribution security. On the other hand, the Enterprise Edition includes all functionalities in the previous edition plus automation, single sign-on (SSO), integration, and more.

Pros –

  • There are many different levels you can set from expiry time to watermarking.
  • It also has an easy to use interface for clients/users. The control dashboard is simple, neat, and clean.
  • The online web viewer is an easy way for customers to view the report. It also enables viewing on tablet computers.
  • The team at Vitrium has created a great product and provides outstanding customer service.


  • Sometimes users have trouble due to Adobe settings.
  • Slow process. The response time of the steps can take longer than expected. The troubleshooting instructions can sometimes seem a little confusing to understand.
  • No folders and categorizing documents is not a function.


CapLinked is an intuitive, easy-to-use, and superior virtual data room solution that enables enterprise and external collaborators to work together on secure online workspaces, share data, files, and documents with each other, and concentrate more on closing deals. DRM features include manage and control how external collaborators are viewing, accessing, editing, and printing the documents and files they stored within the platform. This is to ensure that any sensitive and confidential information contained in those documents and files won’t fall into the wrong hands. Watermarking features are also included as users share documents and files.


  • Robust features, such as activity tracker, security, Q&A, and customized messages. – Everything is recorded by Caplinked.
  • The CapLinked platform is super easy to navigate and share and lets you keep confidential documents secure at all times. It allows different levels of control for each group which saves a lot of time.
  • Reasonably priced, secure, and easy to use the software. Great customer support!


  • It lacks export tools and better data trends. Offers no easy way to archive old data into the new system.
  • Could use more flexibility on the use of graphics, custom reporting, and dashboard.
  • Setting file permissions is a bit clunky, as is assigning user permissions and inviting users.


DocSend delivers a powerful, comprehensive analytics tool that focuses on documents and how people interact with it. Whenever you send a sales material such as an online catalog or a sales copy of your newest product, you often wonder what actions your recipients took upon receiving your documents. Or whether they open your documents at all.DocSend provides you with tools that grant you absolute control over your documents even after you send them. You can set up control features such as passwords, download permissions, and even update your documents from time to time if there is a typo.


  • Integration with Gmail.
  • Awareness of when your audience engages with time-sensitive documents.
  • It’s easier to share files with the team and work while on the go because of this platform. It doesn’t matter whether you are using Google Mail or Outlook Express because you could sync it without experiencing any issues at all.


FileOpen RightsManager is a client/server solution for encrypting and managing access to documents from your desktop. With RightsManager, you encrypt your documents locally, so there is no need to upload unencrypted documents to an unknown server. You maintain complete control of your source files at all times.RightsManager offers a free trial. With regards to system requirements, RightsManager is available as SaaS, and Windows software. Costs start at $3000.00/year. RightsManager includes online support and business hours support.


  • Implement programming functions with programmers relatively easily.
  • Good customer support.
  • The FileOpen software operates in three environments: installed on the desktop, via browser plug-ins, and via native HTML. Each of these has a different functional profile.


  • Troubleshooting is sometimes difficult.
  • Not all features are available in all modes.
  • The system is a bit clunky.


MagicBox is an award-winning, next-generation K-12 education publishing and distribution platform that offers key customization services. MagicBox allows K-12 and higher-education publishers to create, manage, and distribute digital content through custom web and mobile apps. It provides features such as easy integration of interactive multimedia elements, standard and video assessments, compliance with industry standards, and detailed analytics. Plus, it offers robust digital rights management services, allowing greater control over who can access the digital content. So, if you are looking for the best virtual classroom solution, MagicBox is the platform you need.


  • Features like expiry control, sales control, and content control.
  • Analytics- Get detailed reports of content consumption patterns and usage trends
  • Compliance with industry standards like QTI, LTI, SCORM, and TinCan.


  • It is expensive
  • Their key target is educational institutions and their features reflect that.
  • No access control and file-sharing options.

The truth is, your employees may find USB sticks, external hard drives, webmail, and smart devices more convenient than traditional organizational tools when it comes to transferring files. Unfortunately, this creates a gap in control and visibility for IT departments, exposing companies to compliance and security risks. As a result, organizations are slowly shying away from consumer-grade secure document sharing to more secure options.


Enterprise File Encryption and Protection


The more technology we use to ease our lives and work, the more challenges it throws up at us. Computers, the Internet and the Cloud have opened up a whole new era of data sharing and collaboration, which seem to have endless possibilities of making things happen. Alongside, this brought to the fore, the challenges of privacy, security, confidentiality, and made data security a core issue in the technology circles. Enterprises that were adopting technology for the ease of working improved productivity, and better customer experiences, had to worry about data security as well. Many enterprises had to even pay a huge price for not paying as much attention to data security as they should have.

Data breaches are common in the enterprise world; considering that many enterprises are fully or partially working in the remote mode, it seems it has only made it easy for hackers. A recent statistic states that cybercrime is up 600% due to the Corona pandemic! Not that it was any less earlier; malware, social engineering, ransomware, phishing, cryptojacking, identity thefts, etc. just a few of the multiple modes in which hackers operate. The average cost to companies to cover a data breach worldwide is $3.86 million and the cybercriminals are expected to steal an estimated 33 billion records in 2023.

Enterprise File Protection

This brings to the fore the importance of enterprise file protection, which is one of the most effective ways in which the data and files are protected in the online world. Encryption in the simplest form of definition is to ensure that you deny access to people who are trying to steal your enterprise data. When we share information online with others, we need to be sure that only those that are the intended recipients receive it. For ensuring this, the data that we send is encrypted using certain methods to make it unreadable to hackers. Only the intended recipients would be able to make sense out of the shared data by using the right means to unscramble it. The unscrambling part is known as decryption and together, usually, this forms an encryption-decryption key model. This is achieved through many algorithms designed specifically for the purpose of encrypting/decrypting data.

Encryption becomes a very important weapon in the fight against data security breaches, especially when enterprises are dealing with sensitive information that is bound by regulations and compliances. For example, HIPAA, PCI DSS, EI3PA, FERPA, FCPA, etc. are regulatory bodies that dictate compliances to protect sensitive information. The cost of breaches is heavy, with many regulations imposing hefty fines that may prove crippling. That is apart from the loss of reputation and trust among the customers. Each encryption key set is unique and random, and that is how they ensure a high level of file protection, denying access to hackers.

Encryption is usually of two types: symmetric and asymmetric; the symmetric encryption uses the same password to encrypt and decrypt, while the asymmetric encryption uses a public key, a private key concept for encryption and decryption. A public key used for the encryption is shared with all the users and the private key used for the decryption is not shared. This method, though more secure, is more complex and also tougher to implement on a large scale. Digital certificates issued through authorized Certificate Authority (CA) using Public Key Infrastructure (PKI), is one way using which public keys can be effectively implemented.

A drawback of the symmetric encryption is that if hackers can gain access to a network and the shared key, then they can decrypt the data. This problem occurs with asymmetric encryption also as if hackers access your private network to capture the public key, and then the data is compromised. Hackers too, have been trying to go one up in the game and many encryption technologies have thus been abandoned due to the vulnerabilities exposed in them. This has led to innovation in the security encryption technologies and many different standards and algorithms have come up.

Encryption Technologies

Some of the commonly used encryption standards are Data Encryption Standard (DES), Triple DES, Rivest-Shamir-Adleman (RSA), Advanced Encryption Standard (AES), Twofish, and SSL. AES currently happens to be one of the most secure encryption standards in use, as it uses a block cipher encryption method, as compared to the bit encryption method. Hence, we have AES-128, AES-192, and AES-256, based on the number of bits encrypted in the block. AES is a symmetric encryption technology and requires the sharing of the key with intended recipients so that they can access the data. AES-256 is said to be the strongest of the lost as the encryption becomes stronger as the block size increases.

RSA is another secure and powerful encryption technology that can be used when enterprises are more worried about security and not the ease of decryption. RSA uses 4096 bits for encryption and works on a combination of two keys for encryption and decryption, and is said to be one of the strongest.

At a file level, the technologies used are File Transfer Protocol over SSL (FTPS), SSH File Transfer Protocol (SFTP), Hypertext Transfer Protocol Secure (HTTPS), GNU Privacy Guard (GPG) and Pretty Good Privacy (PGP). File encryptions usually use block cipher methods. Each of these uses encryption keys to secure data and is good enough to protect the data. But, it is also true that there still are vulnerabilities in file and data transfer methods that hackers exploit constantly.

Since most enterprises have fully or partially moved to the Cloud, the Cloud service providers too adopted a combination of these technologies to ensure data security. Enterprises evaluate the providers, on the security standards and include the data breach clauses into the contracts. Hence, Cloud service providers combine the best technologies and policies, to ensure compliance and security. This includes layers of security at every level of the Cloud infrastructure, backup and recovery options, decryption keys with time expiry limits, logs and audits and immediate remedial measures in case of any breach. The enterprises back this up with access granted only to authorized personnel, backups stored off-site, employee awareness training, and more.

Encryption at Rest

Many people think that encryption is required only for the data is being moved or transferred on a network. However, encryption is needed even for data that is at rest on the various servers of an enterprise. Hackers do not just attack data on the move, but that is at rest as well. Encrypting data at rest makes it tough for hackers to access it. They would first have to break into the server and then the files to access it. Hence, if you have set up alarms and logs at every level, then the alarms go off when they get in through the first or second layer of firewalls, etc. This provides ample time for the IT personnel to investigate the cause and take necessary measures to prevent that hack before they reach the file level.

Overall, data security, whether at rest or on the move, is a matter of serious interest to enterprises. It is of prime importance while putting in place Data Governance policies, or choosing Cloud Service providers. Enterprises have learned to evaluate their security needs and create and implement policies at multiple layers to ensure the safety of their data. This is done not only to ensure compliances and avoid breaches and fines but equally for maintaining customer confidence and ensuring business continuity. The smarter enterprises have learned from others’ mistakes, are ensuring their systems are safe and secure from all known forms of attacks. Security comes at a cost, no doubt; but then, not paying attention to it comes at a bigger cost, and that is what enterprises do not want.

FileCloud and Security

Being the industry’s fastest-growing Enterprise File Sharing solution provider, FileCloud takes security, privacy, and data ownership very seriously, and these are fundamental to FileCloud’s security architecture. This is why more than 3000 enterprises have chosen to go with it for their needs.  The various security features that make it a strong contender in this industry are:

  • 256-bit AES SSL encryption at Rest
  • Active Directory integration
  • Two-factor authentication
  • SSO (single sign-on)
  • Granular user and file-sharing permissions
  • Client application security policies
  • Automatic anti-virus scanning of files when uploading
  • Unlimited file versioning
  • File locking
  • Endpoint device protection
  • Comprehensive HIPAA compliant audit trail and GDPR compliance

FileCloud also supports federal security standard FIPS 140-2. FileCloud protects data at rest and in transit using SSL and HTTPS-based security features and administrators have great control over the various settings of their data. Besides, AES-256 bit encryption is used at the storage level to ensure maximum security. Perhaps, this is why FileCloud received the Gartner Peer Insights Customers’ Choice  Award for the second consecutive time.



SharePoint Alternatives 2020 – Compare Top EFSS Solutions

SharePoint Alternatives 2020

If you are familiar with document management and sharing solutions, there’s a high probability that you may have heard about SharePoint. SharePoint document management and collaboration tool came into existence in 2001 developed by Microsoft and has been a popular player in the EFSS market since.

With innovations in the EFSS market, many SharePoint alternatives have emerged as challengers providing unique features for document management and file sharing with focus on security and usability.

Let’s look at some of the most popular alternatives to SharePoint in 2020 and what they have to offer for enterprises.  

Comparison Criteria – SharePoint Alternatives 2020

Being a top EFSS solution ourselves, we have compelling reasons about which solution is a top SharePoint alternative solution. Here are the factors taken into account:

  • Pricing: SharePoint Office 365 E3 plan costs $24,000/ year for 100 users. We will compare all solutions to find which ones are priced higher or lower than SharePoint and what are the feature differences at this price point.
  • Data Governance & Compliance: Enterprises handle sensitive data every day and need data governance and retention policies. A good solution helps comply with leading industry regulations and avoid any legal troubles.
  • Data Security: Which solutions provide data leak prevention, remote wipe, encryption in-transit and at-rest, and more to safeguard your data.
  • Integration: SharePoint integrates seamlessly with MS Office and related products. We will find out which solutions integrate easily with Microsoft Office 365 and Outlook, so that your workflow stays uninterrupted.
  • Administrative Tools: We will compare admin features, role based administration, granular permissions and more.
  • Other Important Features: We will add important add-ons and features like virtual drive, content classification, security modules wherever applicable to give you a transparent view of what to expect from each solution.

FileCloud Online

Browsing Folders - FileCloud - FileCloud Support

  Pricing: $18000/100 users/year (Enterprise) / $5,000/100 users/year for on-premise solution

✓  Storage: 1TB, +200GB/user (Enterprise)

✓  Security: Compliant with all stringent government regulations, such as HIPAA and GDPR. Get smart DLP, encryption at rest and in transit, 256-bit AES encryption, granular file-sharing, password-protected, public and private shares.

✓  Features: Get unlimited client accounts, unlimited file versioning, branding capabilities, hybrid cloud, virtual drive, selective sync and many more enterprise-level EFSS features. Enterprises can also opt for FileCloud Server for an on-premise deployment option.

FileCloud is one of the most powerful and affordable EFSS solutions compared to SharePoint. FileCloud is storage agnostic and can be deployed across any NAS or object storage. 

FileCloud is one of the most affordable file sharing solution on the market, providing unlimited FREE external client accounts, remote access to your data, collaboration tools, smart content classification, a comprehensive admin panel, customization and branding options to enhance your enterprise sharing, sync and storage experience.

Google Drive

How to Find Anything in Google Apps - The Ultimate Guide to G ...

  Pricing: Enterprise Plan: $30,000/100 users/year

✓  Storage: Enterprise Plan: Unlimited, or 1TB / user if less than 5 users

✓  Security: Multi-factor authentication, encryption in transit; no option to encrypt individual documents. No mechanism for customer-managed encryption keys an your data is collected to provide better services by Google.

✓  Features: Google Drive comes with powerful collaborative tools, such as Google Docs, Sheets and Slides.

Google Drive is a very popular cloud storage solution. Google Drive for business is same as the free Google Drive plan, but with unlimited storage and a few security add-on. As you would know, Google Drive works seamlessly with other massively used Google apps, such as Gmail, Calendar, Google docs and Google Sheets, hence it is a popular choice.

The solution’s enterprise plan offers a simple, clean and intuitive UI, and integrates with popular enterprise software like Salesforce, and more. Apart from this, Google Drive for Business offers unlimited storage, access from any device, offline file access, includes productivity apps like Gmail, Google Keep, Google Sites, as well as enterprise-grade access controls, e-discovery for emails, chats and files.

However, reportedly, users have encountered frequent connectivity and sync issues while using Google Drive. 


Dropbox -

  Pricing: Business Advanced Plan: $24,000/100 users/year

✓  Storage: Unlimited Storage

✓  Security: AES 256-bit encryption for data at rest and AES 128-bit encryption for data in transit, 180 days data versioning, file recovery, password protected shares, remote wipe, granular permissions, file locking, smart sync, audit logs and more.

✓  Features: Dropbox offers integrations with thousands of third-party apps, so is easier to integrate with existing workflow apps. Offers good collaboration features and offers seamless integration with MS Office and Google Docs. Smart sync helps store files smartly without taking much hard drive space. Admins can monitor team activities and easily transfer files from one user account to another if needed.

Dropbox indeed offers a great EFSS solution, but compared to FileCloud, the features are essentially the same with higher price and Dropbox has seen many security breaches in the recent past. Dropbox has been a popular target for data leaks. Even now, it doesn’t offer local encryption.


Cloud Storage Services for Business Use -

  Pricing: Box Business Plus: $30,000/100 users/year

✓  Storage: Unlimited Storage, but max file size upload limit is only 5 GB!

✓  Security: A regulatory-compliant Zero-Knowledge Provider. Tools to manage user permissions and customer-managed encryption keys, tight security regulations, alerts for unusual activities. Box doesn’t provide HIPPA compliance in the business plus plan, no e-discovery, no Box governance, no Box keysafe, no DLP. Even after paying top dollars!

✓  Features: Secure collaborative and project-management tools, as well as rule sets for work-flow automation, versatile document management, mobile and desktop sync, and custom branding capabilities

While perhaps quite similar in popularity with enterprises as Dropbox, Box, is also an incredibly strong alternative to SharePoint in 2020 on the EFSS list. With tools that integrate with top workflow apps, like Google Docs, Box also goes above and beyond in offering custom branding capabilities (like FileCloud) and letting users create a professional appearance for their organization.

Although, Box’s security is great, being a uniquely zero-knowledge provider and offering multiple options for encryption and user management, you don’t get many security features like DLP as mentioned above and there is a version history limit of 50 only, so in our opinion, enterprises can get better ROI with Google Drive or FileCloud.


Egnyte Business Review | PCMag

  Pricing: Business Plan $24,000/100 users/year

✓  Storage: 10TB storage and 10 GB large file transfer

✓  Security: Standard encryption, includes user and group access permissions, security modules like 256-bit AES encryption, multi-factor authentication, device management, remote wipe and more

✓  Features: What stands out most with Egnyte is their great auditing system which timestamps user activities, plus a robust access permission system. Egnyte business plan offers desktop sync, mobile access, MS Outlook integration, MS Office as well as other premium integrations.

Egnyte is another leading enterprise file sharing solution, designed for enterprises. Egnyte provides the branding capabilities to customize brand assets, provides useful sharing and collaborative features, and decent security features.

Unfortunately, certain important business features like role based administration, AD/ LDAP integration and limited online storage can be a deal breaker for businesses, especially when EFSS solutions like FileCloud and Box provide much enahnced experience. There also have been frequent sync/network problems with Egnyte in the past. There is a steep learning curve for their product features and little documentation is provided.


ownCloud Phoenix - rebirth of the ownCloud user interface – ownCloud

  Pricing: Enterprise Subscription: $18,000/100 users/year

✓  Storage: Unlimited Self-Storage Space/ on-premise

✓  Security: Standard Encryption, Multi-Factor Authentication, NTFS Support

✓  Features: Custom branding, open-source customization options, local storage options

ownCloud is a reliable file sharing infrastructure allowing enterprises to setup a complete private file-sharing solution and avoiding popular public clouds like Google drive or Dropbox. An open source solution, it offers rich features and the ability to use on-premise.

However, ownCloud doesn’t support Windows starting version 8.1.0., and might be a downside for enterprises using Windows servers. Enterprises can opt for FileCloud instead as an ownCloud alternative


Citrix ShareFile

Localized ShareFile WebUI available | Citrix Blogs

  Pricing: $29,000/100 users/year

✓  Storage: Unlimited Storage Space

✓  Security: Standard encryption and SSL/TLS. Recovery sites in both the US and EU.

✓  Features: Collaborative and productivity-enhancing tools, custom electronic signature tool, access to SSO, unlimited client users (like FileCloud), Outlook and Gmail plugins, unlimited storage, large file size of 100 GB, custom branding, e-signature, mobile and desktop apps, sync, full text search, file versioning, and much more

Sharefile is Citrix’s enterprise cloud storage solution with decent user management features, and an intuitive user experience. Sync works well as reported by users and unlimited client users makes it a decent option to opt for. The file sharing is fast, especially for large files and the folder structure is easy for structuring data.

The solution itself doesn’t support Linux though, so enterprises need to keep that in mind.


Nextcloud 16 introduces machine learning based security and ...

  Pricing: $10,000/100 users/year

✓  Storage: Unlimited Self-Storage/ on-premise

✓  Security: Standard Encryption, SSO, SAML Authentication, 2FA, File-Locking

✓  Features: On-Premise and Cloud file-hosting, large file support, local storage support, OS compatibility

While NextCloud is a free, open-source software, NextCloud Enterprise comes as a powerful EFSS solution. Nextcloud provides an easy access to files on-premise, security features and much more. Some features include desktop sync, supported local storage, custom branding and file locking. Advanced features like data leak prevention, unlimited file versioning, unlimited free client accounts, are not available though unlike FileCloud.


Syncplicity Cloud Storage Service Review | Cloud Storage Advice

  Pricing: Enterprise Plan (No upfront pricing available)

✓  Storage: 300+ GB

✓  Security: Standard encryption in-transit and at-rest, SSO, 2FA, AD, remote wipe, DLP, customer managed encryption keys and much more

✓  Features: on-premise, Hybrid solution, remote access and mobility

For a solution that’s much less popular and well-known compared to Dropbox or ownCloud, Syncplicity offers a great package with their rich collaboration features, hybrid hosting options, great security, file versioning and backup. You also get unlimited external collaborators like FileCloud and similar enterprise collaboration features.

Syncplicity’s interface is not the most modern compared to other EFSS solutions compared here and it can be concerning for enterprises, whether they will keep updating the product in the future or not.

Tips for Preventing Data Breach/ Data Leak Prevention

data breach prevention

In today’s digitized global economy, data break or data leaks can result in leaked sensitive information, insights about the company’s growth patterns, differential competitiveness against their competitors and much more.

With the increasing volume of data, it is necessitated, that businesses look for alternatives that not only help them in providing solutions to their storage problems but also help them in offering security against data breaches and ransomware attacks. In this article we will discuss about data breach and tips for preventing data breach.

According to a data breach research conducted by Verizon, “43% of breach victims are usually small, growing businesses”. Also, the report highlighted, “Healthcare sector constituted 15% breaches, Financial industry constituted 10% breaches”. IBM informs that the average time to identify a breach in 2019 was 209 days which implies that businesses need to look at increasing the security infrastructure exponentially, since these breaches can lurk around for so long that by the time they have been identified, huge losses would have been incurred already by the businesses.

The mentioned tips for preventing data breach and other security measures provided by DLP tools can ensure a secure enterprise environment which stops any data leaks and data breaches from happening automatically or manually.

What is a Data Breach?

A data breach, also commonly known as data leakage is the release of sensitive and confidential data with the intent of causing huge losses to the business. Data breaches are not necessarily the result of hacker attack but could also be an insider job, therefore businesses should always take precautions to protect data from falling into the wrong hands.

Businesses receive and store huge terabytes of sensitive data such as client’s banking details, employee’s social security number, or project details, etc and data leakage would mean a complete or partial loss of data based on the mode in which data breach occurs.

Implementing new technological security practices and processes ensures that data leakages to be reduced to bare minimum and at the same time preventing data loss using Data Loss Prevention (DLP).
Types of Information leaked during data leakage:

Different groups or types of information which can be leaked

  • Financial and Banking Data: consisting of credit card numbers, bank details, and financial statements, etc
  • Personal Health Information (PHI): consisting of information related to past, present or future physical or mental health condition of individual
  • Personal Identifiable Information (PII): consisting of information related to identification, location, and contact details of an individual
  • Intellectual property Data: consisting of patents, client’s list, trade secrets, contact details, etc.
  • Sensitive Information: Consisting of meeting recordings, protocols, agreements, and classified documents.

Causes of Information Leakage:

  • Insider Threats: Insider threats included employees who have access to sensitive data and can turn back on the business in lieu of financial gain etc.
  • Payment Fraud: Credit card breaches result in payment frauds by creating illegal transactions. In this, Hackers set up fake online shopping stores offering a profitable deal, and then once a user inputs his/her card details, the information is stolen.
  • Loss/Theft: Sensitive information is at stack when mobile phones, laptop computers, or hard drive gets stolen. This physical act of losing the devices can result in huge losses to the business
  • Unintended Disclosure: The act of saving data in the non-secure location can mistakenly expose data on the internet. The worker hasn’t thought completely about the repercussions and thereby unintentional exposed data to the hackers.

Tips for Data Leakage Protection:

A data breach in the business’s storage system occurs silently and lurks in the background without the knowledge. Data is stolen gradually over several days and when the breach is identified already complete loss of data has occurred.

Several experts are of the opinion that data leakages are not completely preventable and therefore safeguard practices such as detection, containment and remediation should be thoroughly followed.

Some of the best practices that can help businesses prevent data breaches are:

  • Investing in the right security infrastructure: Investing in the latest security infrastructure can make the system more secure and less prone to data breaches.
  • Vulnerability assessments: Systematic and regular review to fill any security gap that is identified. This ensures that the vulnerabilities can be identified and mitigation steps can be taken for the same.
  • Simulated Penetration testing: Simulated testing to check for exploitable vulnerabilities in the system. This technique identifies the loopholes and helps in taking corrective measures to prevent any authorized access.
  • Staff Training: Staff training in a matter of security procedures and processes can help businesses by reducing the risk of unintentional data leakages. This in turn can increase the awareness of the staff in matters of security and help them in identifying the potential threats.
  • Policy for equipment use: Policy can be undertaken on the equipment to be used in the office premises. Questions such as whether the staff members should use their own devices or the devices provided by the business for sharing information are answered through this policy.
  • Compliance with data regulation: Major compliances ensure that all the service providers can work towards making their infrastructure secure by following the latest protocols
  • Data Breach Response Plan: The response plan ensures that all the steps will be predefined in case of a data breach. This ensures that the teams can calmly function and can help by further preventing any data losses.
  • Regular audits and assessment: Regular check-up audits can result in identifying any of the loopholes that may exist in the system and help in providing feedback on the working of the system.
  • Data Backups: Regular data backs needs to be maintained so that data copies are available in case data loss has been incurred.

Learn How FileCloud’s DLP can help you in preventing data breaches?

FileCloud enterprise storage and sharing solution (EFSS) not only provides you with the space for storing your data but also provides a workspace where you can collaborate with your team. Whether your preferred hosting option is an on-premise storage, cloud storage or a hybrid storage setup, FileCloud provides you all the necessary tools to prevent data loss and data breaches.

To make your stored files secure, FileCloud employs security protocols like end-point backup, 2 factor authentication, anti-virus scanning and ransomware protection along with more techniques. While your files are protected on the servers, many data breaches happen due to external sharing, hacks, social hacking and malware.

When there are so many invisible threats to sensitive data, you need a smart tool to employ rules which classify confidential and business critical data, identify violations of policies defined internally, prevent the data leaks from happening across all bases.

data leak prevention software

FileCloud’s approach to DLP relies on multiple layers of security, including:

  • User Management- monitors data access activities of the authorized personnel to identify any inappropriate activity taking place
  • Encryption and Data masking- Encrypts sensitive data rendering it useless for the hackers to extract information
  • Data loss prevention- monitors and inspects data at rest, in motion, and while it is stored on the server.
  • Behavior Analytics- uses the latest machine learning to detect patterns and identify potentially malicious activities
  • E-discovery and data classification- keep track of the information to comply with the data compliance. Data is classified to make searching files and data easy.
  • Audit trails- Keep track of all the activities currently undergoing in the cloud system and keeps track of users
  • Alerts: Uses Artificial Intelligence for keeping track and notifying the admin in case of data breaches.

Data Leak Prevention Technology – Top DLP EFSS Solutions 2020

Data leak prevention technology


Data Leak Prevention Technology:

Data leak prevention technology keeps sensitive corporate data secure by identifying potential data breaches and helping to eliminate them. DLP software classifies, regulates confidential business data, and identifies data violations typically driven by regulatory compliance such as Federal laws, HIPAA, FINRA, and EU-GDPR. Once the violation or data breach is identified, DLP enforces immediate remedial measures such as alert messages, access restriction, and other measures that prevent end-users from sharing data that could put the organization in jeopardy.

What Is Data Leak Prevention?

Data leak prevention (DLP) combines the power of security tools and strategic processes to ensure that company’s confidential data is not lost, misused, or accessed by unauthorized users. Simply put, Data leak prevention is a strategy that makes sure that end users are not able to intentionally or accidentally destroy or steal the company’s data. The enterprise must have a data leak prevention policy so that all the access control are predefined and linked to the data.

This prevention strategy should be covered by the EFSS solution which you use to store and share organization files. With the correct data protection policies and systems, you will be able to reduce or eliminate data leak incidents.

Top Data Leak Prevention Solutions 2020


FileCloud offers 360° protection with smart data leak prevention technology to ensure accidental data leakage. FileCloud’s real-time data prevention capabilities control user actions (login, download, share) based on the IP range, team groups, user types, email domain, folder paths, metadata and many more rules. FileCloud also integrates with existing security information and event management (SIEM) tools to provide more stringent data leak prevention. FileCloud’s evaluates user actions in real-time and logs rule violation reports for future auditing.

FileCloud helps enterprises comply with HIPAA, FINRA, ITAR, EU-GDPR, and other data privacy regulations. Smart DLP can be extended to the on-premise server as well as the cloud server, thereby offering flexibility to businesses in selecting the right fit for them.


Dropbox offers a data leak prevention technology solution in collaboration with Symantec. The security to the Dropbox cloud is provided by Symantec CloudSOC that safeguards organization against data loss and threats that targets cloud accounts. The Cloud Access Security Broker (CASB) technology by Dropbox protects businesses against any threats that may impose danger. The post data analysis of user activity helps in identifying the potential threat that an insider could pose to the confidential data.


Box data leak prevention technology helps with data security, access control and mitigates security challenges. Box DLP helps in avoiding the deletion or exposure of confidential data stored on company networks and servers. Box offers granular access permissions, and activity monitoring and significantly reduces data security risks associated with malicious activity and unauthorized sharing.


Egnyte DLP solution helps in identifying, classifying, and protecting your business data. Egnyte takes a proactive approach in content governance and provides insights into detecting unusual file behavior. File access control in real-time ensures that businesses can be strategic in their approach while deciding the security rules. The intuitive self-service experience that Egnyte offers help in protecting your business data and keep you compliant with latest business regulation.


Citrix’s ShareFile data leak prevention technology is offered in partnership with Digital Guardian and Code Green Networks. This solution mitigates the risk of data leakage by leveraging ShareFile’s APIs to move or revoke access to the files that contained sensitive information. You can classify and restrict data flow thereby having more control over the security aspect of the storage and data transfer. This allows you to find a sweet spot between security and usability that best fits your organization.


Microsoft OneDrive’s DLP policy identifies sensitive information including financial data and personally identifiable information. The sensitive information is monitored and protected from accidental sharing. It helps in staying compliant with the global guidelines without interrupting the data workflows. Also, you can view the DLP reports that help you make better security decisions. With OneDrive’s DLP you can restrict the sharing of sensitive data, define actions that must be taken in case of a data breach, audit incident reports, and set priority for user accounts.

How FileCloud Data Leak Prevention Technology Safeguards Your Data

  • Detects threats in FileCloud accounts: Using advanced data science and machine learning technology we analyze the user activity and identify risks that pose a threat to your business data.
  • Protects data in FileCloud accounts with Smart DLP: Protect your business data in FileCloud with the same policy frameworks and workflows that your company uses across your organization.
  • Network control and flexibility in inter-operability: Empower organizations to limit the use of unauthorized personal accounts on networks while allowing access to company-managed accounts using access control settings.
  • Detects risky user activity: User activity Analytics identifies potentially risky user activity and enables automated policy controls to secure your business data and accounts.
  • Powerful encryption technology to protect user data:  Protecting your organization data with automated policies and encryption to prevent accidental or malicious sharing of data.
  • 360 ° analysis of user activity: Quickly assess activity that may impact your FileCloud accounts with detailed information and extensive log filtering capabilities.

Advantages of FileCloud’s Data Leak Prevention:

  • Data protection from external and internal threats: DLP can detect files that contain confidential data and prohibit them from leaving the network. The sensitive data transfers can be instantly blocked using Smart DLP in case of a data breach. Apart from this, DLP policies also provide for quarantine or encryption of data in real-time in response to events.
  • Auditing capabilities and compliance with regulations: Accountability in terms of collection, storage, and sensitive data needs a mechanism for the compliance and auditing capability fills that gap. Consequences of non-compliance can include fines or complete cessation of business operations. DLP sought out a path that provides control, policy template, automate compliance, and the collection and reporting of metrics.
  • Forensic data and E-discovery: DLP technology allows for capturing and archiving of evidence for forensic data analysis. Monitoring via DLP can include email, instant messaging, keystrokes, documents accessed, and application used. Also, in case of a lawsuit or investigation, the forensic data can be used as evidence when data is sought in electronic format.
  • Automate corporate governance: DLP capabilities help you in the enforcement and automation of corporate policies and processes. This can bring in technical and organizational efficiencies, promote compliance, and bring in transparency in information governance. Automate corporate governance enables for selecting an appropriate policy template on your system that will help in bringing in more accountability.
  • Complementary data controls: DLP comes with complementary data controls such as data classification and data tagging, encryption, security information and event management, and incident response system. These features ensure that your complete data is safe on the cloud storage system. Complementary control along with DLP ensures that no data is accidentally exposed. DLP can monitor data in transit, at rest, and ensure that it is safeguarded and protected.

Use Case: Limiting the Web login to a Specific Group of Users

With FileCloud’s Smart DLP you can limit certain external users to log in only through a web interface and no other means for accessing the account. You can create a Smart DLP rule that allows login to FileCloud account through a web browser only. These rules are easy to implement and provide flexibility in the security of the data. FileCloud’s Smart DLP is your goto solution for making the cloud ecosystem more transparent, accountable, and protected.

Top 10 File-Sharing Solutions in 2020

Top File Sharing Solutions

In our age of information, most modern enterprises have started to move towards the digitization of data. Never have there been quite so many enterprise file-synchronization and sharing (EFSS) solutions available on the market — and while a wide range of choice is always good, it also makes it much more difficult to choose the perfect solution for your organization. 

After all, investing in a solution that offers either too little or too much functionality can cost you valuable time, money and resources. And no one wants that! As such, we’ve put together a list (in no particular order) of great EFSS solutions for your consideration, so that you can pick the one that offers all the features your enterprise might need, while remaining affordable and within your price range. 

Our Criteria

Naturally, being one ourselves, we have compelling opinions about what makes a fantastic EFSS solution. Here are the factors that we’re taking into account when choosing our list of Top 10 Enterprise File Sync and Sharing solutions on the market:

  • Pricing: Shelling out the big bucks doesn’t always mean you’re getting the best solution. Aside from the base price, making sure a solution offers the features that you need (for example, unlimited client accounts) could save you tens of thousands of dollars in the long run.
  • User Interface: What good are all the features in the world, if you and your team can’t figure out how to use them — or worse, if they’re hidden in so much clutter that using them feels more like a chore than a convenience?
  • Data Governance & Compliance: If your organization regularly handles sensitive data, you might be familiar with data governance policies, such as HIPAA or GDPR. A good solution helps you comply with these policies and avoid hefty legal fines by offering granular file-access, user policy management and data residency.
  • Data Security: Features like remote data-wiping, encryption in-transit and at-rest, Data Loss Prevention (DLP), Two-Factor Authentication (2FA), and alert notifications help keep your data in the right hands, even when devices are stolen or lost. That’s pretty important!
  • Integration: More than likely, you and your team uses Microsoft Word or Google Docs as your main word processor. Perhaps you send your emails via Outlook. A good EFSS solution integrates with popular office programs such as Microsoft Office 365, Google Drive and Outlook, so that your workflow stays uninterrupted.
  • APIs: Besides integrating with commonly used programs, the ideal EFSS solution should offer a wide range of APIs so that it can work and interact with the software that your team uses.
  • Customization: When your team, customers, partners and vendors access your files, do you want them to see the EFSS solution’s logo plastered across everything, or do you want to be able to label your portal with your own logo, assets and branding?
  • Mobile & Remote Access: You might not have constant access to your office computer, or even your laptop, but most of us always keep our phones around.
  • Administrative Tools: A great EFSS solution doesn’t just make it easier to collaborate and share files, but also to manage your team. An admin panel for you and your sysadmins to manage user policies, view real-time performance reports and a centralized device dashboard, plus other security tools, is a must.
  • Collaborative Tools: As more and more enterprises move to remote work, we believe that it’s not enough for modern EFSS solutions to simply store files, but also to provide tools for easier, more efficient team collaboration. These include common team folders for remote teams to share files with each other, the ability to comment on files and send messages to each other while working.
  • Identity Management: This means integration with standard enterprise identity solutions, such as Active Directory (AD) and Single Sign-On.
  • Virtual Drive: The ability to mount remote files as local files, so that data is only downloaded when they are being accessed and edited. This means a lot less memory usage on your part, and tons of space saved on your hard drive.
  • Content Management: A good file-sharing solution offers file-versioning, metadata classification, user policy management and light workflows for the easier management and organization of your team’s hard work.

Now that we’re on the same page about what the perfect EFSS solution looks like, without further ado, let’s move on to what you’re here for: the list!

1. FileCloud


  Pricing: FileCloud Online: $10/user/month (Standard), $15/user/month (Enterprise) || FileCloud Server: $4.20/user/month | FileCloud Server: Contact for Quote

✓  Storage: FileCloud Online: 1TB out-of-the-box, +100GB/user  (Standard), +200GB/user (Enterprise)  || FileCloud Server: Unlimited

✓  Security: FileCloud is compliant with all the most stringent data governance policies, such as HIPAA and GDPR. Encryption at rest and in transit, 256-bit AES encryption, granular file-sharing, password-protected, public and private shares.

✓  Features: From deployment models to unlimited client accounts, branding capabilities and more, FileCloud is filled with incredible enterprise-level features.

Naturally, we’re proud of our own product and firmly believe FileCloud to be one of the most powerful and affordable EFSS solutions on the market. FileCloud offers on-premise, public and a unique hybrid cloud deployment model. This deployment flexibility separates FileCloud from its competitors, and ensures that your team can enjoy the benefits of both on-premise and cloud storage systems — read more on our hybrid infrastructure here.

Our pricing is also one of the most affordable on the market, while offering larger storage plans, better enterprise-level features, and unlimited FREE external client accounts — all great for your wallet and your ROI. Feature-wise, we consider seamless, remote access to your data as the bare minimum that a good file-solution should offer. Collaborative and content management tools, a comprehensive admin panel, plus infinite customization options are all features that ensure not just your team, but also your clients and sysadmins get in on the enhanced EFSS experience.

Last but certainly not least, FileCloud is compliant with most data security governance policies, meaning that you’ll never see your organization’s good name tainted in headlines labelled with “Security Breach” or “Data Leaks”. Plus. it’ll save you tons on the fines and fees that’ll rack up if you go with a less-secure option.

Affordable, no paywalls, money/time-saving featuresUnfortunately, FileCloud isn't an open-source software.
Compliant with all data security governance policies With all these features, FileCloud's UI can get a bit complex for beginners and laymen
Integration with most common office softwares, APIs

2. Google Drive: GSuite

How to Find Anything in Google Apps - The Ultimate Guide to G ...

  Pricing: Free Plan: Free | Basic Plan: $6/user/month | Business Plan: $12/user/month | Enterprise Plan: $25/user/month

✓  Storage: Free Plan: 15GB | Basic Plan: 30GB | Business & Enterprise Plan: Unlimited, or 1TB / user if less than 5 users

✓  Security: Encryption in transit; no option to encrypt individual documents. Multi-factor authentication.

✓  Features: Google Drive comes with powerful, recognized collaborative tools, such as Google Docs, Sheets and Slides.

Having quickly risen in popularity over the past couple of years, Google Drive is now a powerful file-sharing solution on the market. A file storage and synchronization program created by Google, it’s best known for its collaborative capabilities via Google Docs, Sheets and Slides, which offer real-time collaborative editing of documents, spreadsheets and slides respectively. 

The solution’s enterprise plan, GSuite, comes with a similarly clean and intuitive UI, as well as integration with popular enterprise softwares such as Autodesk, Salesforce, and more. Apart from this, Google Drive for Business offers unlimited cloud storage, access from any device, offline file access, includes apps like Gmail, Google Keep, Google Sites, as well as enterprise-grade access controls, e-discovery for emails, chats and files.

However, reportedly, users have encountered frequent connectivity and syncing issues while using Google Drive. Plus, while Google Drive has fairly beefy data security with encryption in-transit and at-rest, human error on part of the developers has led to security issues, such as when Google Photos started sending private videos to strangers

Strong team collaborative toolsHas had major security issues through developer error
Clean mobile and desktop softwareOn the pricey end: $30,000 for 100 users/ year
Allows offline mode and offline file-editingKnown occasional syncing issues

3. Dropbox

Dropbox -

  Pricing: Basic Plan: Free | Plus Plan: $11.99/user/month  | Professional Plan: $19.99/user/month

✓  Storage: Basic Plan: 2GB | Plus Plan: 2TB | Professional Plan: 3TB

✓  Security: AES 256-bit encryption for data at rest and AES 128-bit encryption for data in transit; however, known past security issues

✓  Features: Unique “Paper” and “Showcase” features: basic “Notes” and “Portfolio” app respectively

Of course, we’d be remiss to not mention Dropbox in a file-sharing solution comparison post. With its clean, intuitive UI and easy-to-use features, Dropbox has become a well-known, household name in terms of file storage. Dropbox also offers password-protected links, integration for Office 365 and Google Drive, and strong administrative tools. However, while it certainly has its pros, we feel strongly that there are better enterprise-level file-sharing solutions — and here’s why. 

Due to the system’s popularity, it’s always been a popular target for hackers. Even now, it doesn’t offer local encryption. Their customer service certainly leaves more to be desired, as seen from their lack of 24/7 customer support.

And above all that, despite having fewer features than many enterprise-level solutions out there, Dropbox is far from the most affordable on the market, especially with their 5-user minimum. Plus, with their measly 2GB- free storage and paywalls for unlimited storage, it certainly feels like the solution is out to milk their users dry.

Clean mobile and desktop applicationsDisappointing 2GB starting storage space
Automatic synchronization of files and foldersFrequent past security issues
"History" feature allows access to past versionsPricier end of things, 5 user minimum

4. Box

Cloud Storage Services for Business Use -

  Pricing: Box Starter: $5/user/month | Box Business: $20/user/month | Box Business Plus: $33/user/month | Box Enterprise: $47/user/month

✓  Storage: Box Starter: 100GB | Box Business: Unlimited | Box Business Plus: Unlimited | Box Enterprise: Unlimited

✓  Security: A regulatory-compliant Zero-Knowledge Provider. Tools to manage user perms and customer-managed encryption keys.

✓  Features: Secure collaborative and project-management tools, as well as rule sets for work-flow automation

While perhaps less of a household name than Dropbox, Box, founded in 2005 and based in California, is also an incredibly strong contender on the EFSS market. With tools that integrate with other services, like Google Docs, Box also goes above and beyond in offering custom branding capabilities and letting users create a professional appearance for their organization.

Plus, Box’s security is nothing to scoff about, being a uniquely zero-knowledge provider and offering tons of options for encryption and user management.

Unfortunately, with their heavy local encryption, Box transfers tend to get slow — something that could impede or even cripple the seamless remote workflows that have become the norm today. Box also does not offer any options for on-premise or self-hosting, nor local storage, and does not perform end-point backups. Plus, while it certainly provides tons of enterprise-level features, it’s also significantly pricier than almost any solution on the market.

Platform-independent, apps for most major devicesMore expensive than most competition
Secure, regulatory-compliant solutionLocal encryption can slow file transfers
Tons of features, intuitive to useNo on-premise or local storage

5. Egnyte

Egnyte Business Review | PCMag

  Pricing: Office Plan: $8/user/month | Business Plan: $20/user/month | Enterprise Plan: Contact for a quote

✓  Storage: Office Plan: 5TB | Business Plan: 10TB | Enterprise Plan: Scales with your needs

✓  Security: Standard encryption, includes user and group access permissions

✓  Features: What stands out most with Egnyte is their great auditing system which timestamps user activities, plus a robust access permission system.

Egnyte has recently become one of the leading choices for enterprises, claiming to have been designed with businesses in mind. Egnyte provides the branding capabilities to customize logos, URLs and message headers, providing a more professional look. In addition to useful sharing and collaborative features, Egnyte also provides great security features, such as intuitive access permissions and encryption. It also integrates with most operating systems and devices. 

Unfortunately, there have reportedly been frequent sync/network problems with the solution. While robust in features, Egnyte provides little documentation for these features — combined with poor customer service, creating a steep learning curve for their product. There are also paywalls for features such as audit reports and storage sync, for an already-relatively-high price tag.

Great security measuresMore expensive than most competition
Robust user and group permissionsNo Linux support
Custom branding capabilitiesReported network and sync issues

6. OneDrive

Microsoft updating OneDrive with better web UI and sharing options ...

  Pricing: Business Plan 1: $5/user/month | Business Plan 1: $10/user/month | Microsoft 365 Business Basic: $5/user/month | Microsoft 365 Business Standard: $12.50/user/month

✓  Storage: All Plans: 1TB – extra storage space can be purchased separately for up to 1TB/$9.99/month

✓  Security: Standard encryption, file-locking, paywalls for SSO/SAML Authentication

✓  Features: Advanced sharing, mobility and security. Heavy integration with Office software.

Microsoft OneDrive is a file hosting service and synchronization service operated by Microsoft as part of its web version of Office. Naturally, this Microsoft-based solution heavily integrates with Office 365 programs that most teams use, such as Microsoft Word, Excel and Powerpoint, as well as Outlook, which is a huge plus. Certain plans even grant access to said software. It also provides encryption at rest and in transit. Overall, it has robust features that make it a strong solution, as expected from Microsoft.

Unfortunately, data privacy issues have surfaced time and time again with large corporations, and OneDrive is no exception. When using this solution, Microsoft can scan your files for “objectionable content”, stating that file security cannot be guaranteed for said content.

Integration with Office 365 programsFile-size limit of 10GB
Provides file-versioning featuresNo on-premise / self-hosting options
Great security measuresSecurity measures locked behind paywalls

7. OwnCloud

ownCloud Phoenix - rebirth of the ownCloud user interface – ownCloud

  Pricing: Standard Subscription: $3,750/50 users/year | Enterprise Subscription: $9,000/50 users/year | Custom Subscription: Custom pricing for 10,000 users and above

✓  Storage: Unlimited Self-Storage Space

✓  Security: Standard Encryption, Multi-Factor Authentication, NTFS Support

✓  Features: Custom branding, open-source customizability, local storage options

ownCloud is a reliable file sharing infrastructure with a client-server architecture, allowing users to setup a complete private file-sharing service with data encryption server side while avoiding popular public ones like Google drive or Dropbox. An open source solution, it offers rich features and the ability to use on-premise / self-hosting.

However, most potential users balk at the massive price tag of $9,000/50 users/year — even if you divide that into per user per month, it’s still pretty hefty — especially compared to available file solutions that have the same features while staying at 1/4 of that price! Due to being open source, there’s also a lack of a strong support system, and poor documentation. It also doesn’t offer endpoint backup, nor granular subfolders.

Feature-rich, open sourceRelatively high cost
Support for local storage and on-premiseNo endpoint backup or granular subfolders
Work across all popular operating systemPoor support and documentation

8. Citrix ShareFile

Localized ShareFile WebUI available | Citrix Blogs

  Pricing: Standard Plan: $55/5 users/month | Advanced Plan: $85/5 users/month | Premium Plan: $135/5 users/month | Virtual Data Room Plan: $375/5 users/month

✓  Storage: Unlimited Storage Space

✓  Security: Standard encryption and SSL/TLS. Recovery sites in both the US and EU.

✓  Features: Collaborative and productivity-enhancing tools, custom electronic signature tool. File-versioning features.

Sharefile is Citrix’s enterprise-class cloud storage solution, and they’re well-known in the commercial software and service industry. Notable features of Sharefile include an auditing system that generates activity reports, integration with Single Sign-On, download alerts, and two-factor authentication. This cuts down on the amount of time it would take to print out a document, sign it, and scan it to the cloud.

Unfortunately, despite their generous offer of unlimited storage, they do have a file size limit. The solution itself doesn’t support Linux. Plus, with a standard plan starting at $55, paywalls for features and their enforced 5-user pricing plan, it’s safe to say that Sharefile isn’t the most affordable solution for smaller organizations. Reportedly, Sharefile’s licensing plans are also misleading.

Great security measuresFile-size limit of 10GB
Provides file-versioning featuresNo Linux support
Simple to use, clean user interfacePricey, misleading licensing plans

9. NextCloud

Nextcloud 16 introduces machine learning based security and ...

  Pricing: Basic Plan: $2,136/50 users/year | Standard Plan: $3,823/50 users/year | Premium Plan: $5,510/50 users/year

✓  Storage: Unlimited Self-Storage

✓  Security: Standard Encryption, SSO, SAML Authentication, 2FA, File-Locking

✓  Features: On-Premise and Cloud file-hosting, large file support, local storage support, OS compatibility

While NextCloud is a free, open-source software, NextCloud Enterprise comes as a powerful, pre-configured EFSS solution that takes some of the guesswork out of configuring their free, alternative solution. It certainly totes the basics expected of any EFSS solution, such as audit logs, a desktop sync client and user management, and has great security with end-to-end encryption.

Unfortunately, similar to ownCloud, which NextCloud was a spinoff of, the open-source software can come with a lack of support and documentation. As such, many deployments, updates and bug fixes fall to you and your team — wasting precious time that could have been used on other productive activities.

Strong collaborative featuresLack of support and documentation
Good security measures, with encryptionSelf-dependent for updates
Compatible with common operating systemsOn the pricier end of things

10. Syncplicity

Syncplicity Cloud Storage Service Review | Cloud Storage Advice

  Pricing: Personal: $5/user/month | Business: $5/user/month | Enterprise: Contact for quote | Government: Contact for quote

✓  Storage: Personal: 100 GB | Business+: 300GB

✓  Security: Standard encryption in-transit and at-rest, SSO, 2FA

✓  Features: Hybrid solution, remote access and mobility

For a solution that’s much less popular and well-known, Syncplicity offers a surprising punch with their rich features, hybrid hosting options, great security, file restorations and backup. In addition, good things have been said about their customer support, with online chat and a 24/7 phoneline. 

At a price of $60 for even the lowest personal plan and a whopping minimum of 25 users, Syncplicity is far from the most affordable solution on the market. Syncplicity also doesn’t support customer-managed keys. Plus, Syncplicity uses a traditional interface — great for the early 2010’s, but perhaps not the most modern for today’s standards.

Hybrid file-hosting solutionHigh user minimum, expensive
Great customer service, 24/7 supportNo user-managed encryption keys
File restorations and automatic backupLow storage - 300GB

Protecting Remote Work Data From Cyber Threats

The COVID-19 pandemic has created many challenges for enterprises across the world who have adopted remote work culture full time. Certain statistics out in the public domain suggest that working-from-home culture is not new to many organizations. Across the world, many organizations were already following this, either fully or in parts. Many employees have had the flexibility to work from home at least once a  week or so. Of course, there are many sectors where this would not be true, but in most IT and enabled sectors, this certainly holds true.

What has changed though with the COVID-19 crisis is the choice to work from home or office. Many governments across the world have made it mandatory that organizations provide work from home options to their employees, wherever applicable. Thus, the COVID-19 situation has resulted in a great jump in the remote work statistics, as compared to a few months back. While for a few companies, it was just a matter of institutionalizing their already existing work from home policies, for many others, it meant exploring options to make it possible. Either way, business continuity plans of enterprises are changing, to include considerations and challenges around the remote work culture.

The Statistics

A State of Remote Work 2019 survey published by OWL Labs based on respondents in the US, suggests that ‘54% of respondents work remotely at least once per month, 48% work remotely at least once per week, and 30% work remotely full-time’. The survey covered respondents across all levels of people like individual contributors, team managers, consultants, directors, VPs, and more. It also covered industries like Healthcare, Education, Retail, Financial Services, Manufacturing, Technology/Internet, Government, Hospitality, and more.

Considering the scenario of last year, it is safe to assume that these numbers would have jumped by leaps and bounds owing to the COVID-19 situation. And it would be the same across the globe, as governments are trying to curb the spread of the disease by minimizing the people to people contact. Workplaces with centralized air conditioning were a cause of major worry as chances of one person infecting many others were high. So, it appears as if remote work is here to stay and all challenges around it need to be addressed by the organizations, on priority.

The Challenges

Almost all issues surrounding the remote work mode are about security. Within secure corporate environments, data is protected by means of necessary precautions put in place. So, there is not much onus on employees to worry about the security aspect. Since they will be working with company-issued laptops, that will have company authorized software that also includes security aspects, there is a sense of safety. This scenario changes drastically when the employees start working remotely, as they could be working from home or elsewhere.

Problems range from using public Wi-Fi, not being aware of scams and phishing that happen in the cyber world, and a simple thing like just leaving your laptop open when moving around. Issues come in the form of a snooping housemate, to cyber attack experts who will be on the prowl. It is assumed that people working from home will be slightly lax on the security front, (knowingly or unknowingly) and they will take their chances.

Why is Cybersecurity Important?

Cybersecurity is of prime importance, and many organizations have learned this at a great cost. According to a report published in the Cyber Defense magazine quoting multiple sources, 43% of the cyber attacks were targeted at small businesses. 31% of organizations have experienced cyber attacks on operational infrastructure and malware is the most common type of cyber attack. The same report further states that the annual cost of cybercrime damages is expected to hit $5 trillion this year (2020).

A very interesting statistic put up here is that 95% of data breaches have causes attributed to human error! This is why awareness training for employees is important. Hackers are certainly becoming better at identifying and manipulating vulnerabilities in IT systems. This has also lead to an increase in cybersecurity budgets of organizations, and in the current situation perhaps, more so.

The Organizational Changes

From an organizational point of view, it is important to ensure that every employee working remotely is made aware of the risks involved.  Comprehensive training covering all aspects, including probable cyber threats and how they happen, should be conducted. Also, it is important to make people aware of the consequences, so that maximum caution is applied while working remotely. The IT environment should be strengthened in such a way that people can work from elsewhere securely.

All end-point devices should be safe, should be monitored for any mischievous activity, and the device and identity should be protected to make sure misuse cannot happen. Multiple factor authentication using strong passwords, 2FA, etc. should be adopted. If the enterprise is already using Cloud services, then the security policies may be revisited to ensure all necessary compliances are in place. Also, in such cases, employees should be given access to collaboration and office productivity tools to make sure all communication remains within the gambit of defined security measures.

The Suggestions

There are some simple steps that can be taken to ensure a reasonably good level of security for remote work. The main among these perhaps is something that most organizations would have already put in place. This is to ensure anti-virus software on employee laptops. Depending on the mode using which the employees access the corporate network, this can ensure the basic security at the end-point.

An important thing to remember is to ensure updates of anti-virus or any other security solutions across. These solutions are being updated to detect more vulnerabilities on a day to day basis. Hence, unless the updates are synced across the organizational devices, the benefits won’t be seen. Public Wi-Fi or even the home Wi-Fi can be easily hacked. Using public Wi-Fi should be avoided totally and home Wi-Fi should be protected with strong passwords that are changed often. The Wi-Fi settings should be changed to enable the highest possible encryption.

Using VPNs may be a good option to ensure a secure connection to the corporate resources. Since every enterprise is dealing with confidential information exchange, the laptops should never be left unattended and open. Breaches have and can happen unintentionally by this simple oversight also. Employees should be trained to follow all corporate communication policies and should only use official communication channels. No local copies of documents and reports should be maintained unless absolutely essential and permitted to do so.

Another safeguarding measure that employees should adopt is to report any untoward activity, mail, or suspicious documents and links, immediately to the IT/security department. This can ensure any breach is caught immediately. One of the alarming aspects of breaches has been that it is usually too late (as much as six months) by the time they are reported and found. Employees being aware and vigilant can contribute a lot to the organizational security policy.

In conclusion, a secure IT environment with aware and empowered employees, and good supporting security and collaboration tools can ensure protection from cyber threats.

Reference for the Suggestions:

Secure Client Portal for Sensitive Business Data

While the internet and the related technologies enabling collaboration and client outreach opened up tremendous possibilities, it also introduced its own challenges. In today’s day and age, it’s almost vital for businesses to operate on a 24/7 basis to ensure availability and convenience for their customers. Plus, with more and more businesses transacting online, more and more digital information is being shared and stored.

Naturally, this also means that the issue of data misuse, breaches, loss of information, or cases of fraud and phishing, also started happening. Hence, businesses started looking out for a secure option with which sensitive business data could be shared online, without having to worry about security issues. Secure client portals were the answer to this solution, especially for businesses that constantly handle highly sensitive data.

What is a Secure Client Portal?

As the name suggests, it is a portal that enables safe and secure communication between businesses and its customers; for example, banks offering online transactions, or any business obtaining sensitive information to transact with their customers. The usage of a secure portal ensures that the customers feel at ease sharing their personal and confidential information, knowing it is going to be dealt with, considering its sensitive nature.

While customers are granted access to the secure client portal and feel a sense of security transacting through it, it is also true that each customer would only be granted access on a need basis. So, no customer can access any other customer’s data as the permissions for the same will be restricted in a secure client portal. Each customer’s business data is treated with equal care and sensitivity, and hence, privacy and security are maintained to the maximum possible level, using secure gateways. Simply put, secure client portals are a way to collaborate efficiently, in a completely secure environment.

It is obvious, then, that a secure client portal can indeed solve the aforementioned challenges of online data management. However, apart from security, these portals do offer a few other benefits that businesses and their customers can leverage upon.

High Availability

The convenience of being able to access the portal any time, from anywhere, using any browser or device, is a massive benefit that secure client portals offer. FileCloud offers this via its  High Availibility architecture. Based on their permissions, they can access any file, or information, can download, work, and share files at ease. This ensures a 24/7 availability and also minimizes the inconvenience of time zone differences, enabling seamless employee collaboration over even international borders.

This would also result in increased productivity for the business, as the work happens faster, more seamlessly, and can be seen by necessary stakeholders through their secure logins. Time is money in today’s rapid business scenarios, and in turn, your customers will quickly realize that they are saving on time and money.

Improved Client Experiences

By creating branded client portals, businesses can engage more easily and confidently with their clients. This will lead to better client relationships through improved client experiences. Faster transactions are also a good way to enhance client experiences. After all, it’s not uncommon for today’s folk to shy away from calls, chats, and emails — not to mention the risks of sharing sensitive information through chat and email.

Secure client portals solve this problem by enabling file and information sharing easily with the requisite permissions to ensure work is done. Highly customizable features with complete ownership and management of data, make secure client portals a wise choice for companies that regularly handle files and information of highly sensitive nature such as invoices, purchase orders, legal documents, financial statements, tax returns, and personal and payment-related information.

Of course, anyone can tell you that improved customer experiences mean greater customer retention, as well as an influx of new customers from word of mouth. These are the intangible benefits that gained from the usage of secure client portals. Today, many industries admit that secure client portals have revolutionized their services and have helped them raise the bar.


In the long run, secure client portals can bring down your cost of operations by a considerable amount. This is especially true if you decide to go with cloud service providers, instead of setting up a client portal of your own. Cloud providers are bound by the regulations and compliances to provide the requisite security as per agreed standards. Based on the flexibility offered by them and the nature of your business, it’s likely that you could negotiate a reasonable deal with these providers that could greatly benefit your business at an affordable investment. When considering considering all the delays, collaboration or customer issues that otherwise keep cropping up, not to mention the hassle of compromised security, secure client portals based in cloud services could greatly maximize your ROI.

FileCloud lets you run your portal under your own business domain and offers unparalleled custom branding capabilities. Create a secure client portal for file sharing in minutes using FileCloud.

What is a Record? What is Records Management?

Record is a document or content that an organization need to keep as an evidence for an important transaction, activity or a business decision for regulatory, compliance and governance purposes. Not all documents are Records. Only a subset of documents that an organization need to preserve as an evidence are called as Records.

What is Records Management?

The ISO 15489-1: 2016 standard defines records management as “the field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including the processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records”

What is Records Retention Schedule?

A records retention schedule is a document that identifies and describes an organization’s records and the lengths of time that each type of record must be retained. To give and idea ,the following section shows the general record keeping requirements of Texas State for statutory purposes. Every organization can have thier own set of record keeping requirements and records retention schedule which are dictated by industry and government compliance requirements.

      Wage and hour laws (FLSA) – while some payroll records need be kept only two years, most must be kept for at least three years under the federal law (FLSA); to be safe, keep all payroll records for at least three years after the date of the last payroll check.
      Unemployment compensation – keep all records relating to employees’ wages and other compensation, as well as all unemployment tax records, for at least four years.
      Family and Medical Leave (FMLA) – keep all payroll, benefit, and leave-related documentation for at least three years after conclusion of the leave event.
      I-9 records – keep all I-9 records for at least three years following the date of hire, or for one year following the employee’s date of last work, whichever point is reached last.
      New Hire reporting – report all new hire information within 20 days of hire.
      Hiring documentation – under EEOC rules, all records relating to the hiring process must be kept for at least one year following the date the employee was hired for the position in question; if a claim or lawsuit is filed, the records must be kept while the action is pending.
      Disability-related records (ADA) – keep all ADA-related accommodation documentation for at least one year following the date the document was created or the personnel action was taken, whichever comes last.
      Benefit-related information (ERISA and HIPAA) – generally, keep ERISA- and HIPAA-related documents for at least six years following the creation of the documents.
      Age-discrimination documentation (ADEA) – keep payroll records for at least three years, and any other documents relating to personnel actions for at least one year, or during the pendency of a claim or lawsuit.
      OSHA records – keep OSHA-related records for at least five years.
      Hazardous materials records – keep these for at least thirty years following the date of an employee’s separation from employment, due to the long latency period for some types of illnesses caused by exposure to hazardous materials.
      State discrimination laws – keep all personnel records for at least one year following an employee’s last day of work.
      IRS payroll tax-related records – keep these records for at least four years following the period covered by the records.

In the financial industry, Registered broker-dealers are subject to a variety of record-keeping requirements enforced by the U.S. Securities and Exchange Commission and self-regulatory agencies such as the Financial Industry Regulatory Authority (FINRA). SEA Rules 17a-3 and 17a-4, specify minimum requirements with respect to the records that broker-dealers must make, how long those records and other documents relating to a broker-dealer’s business must be kept and in what format they may be kept. FileCloud’s Financial Services Compliance white paper shows the retention periods of various records that Registered broker-dealers need to preserve as per FINRA rules.

How FileCloud can help you in managing your enterprise records?

FileCloud offers powerful record management and governance features that allows organizations to create flexible retention and archival policies to meet any compliance requirements. The following screenshots show how one can create retention schedules for different types of records.

Retention Policies

Create Retention Policies

digital workspace