With the on-going fallout of the WannaCry ransomware attack, one of the biggest questions being asked is, how do I not become a victim of such attacks? With more than 230,000 computers in 150 countries affected, the scale of that attack was almost unprecedented. Yet, today's IT professional is still stuck in the middle of a file sharing tug of war. One side has the end-users who want the improved productivity that mobility and collaboration promises. The other side consists of corporate governance that wants to eliminate data breaches and improve data protection
Ending the tension between the two apparently conflicting sides of this tug of war involves striking a fine balance between achieving the business goals of one side while putting in place the protection and governance of the other side. This is easier said than done but, to solve the conflict and remove the tension, there are five vital attributes that enterprises can put in place to create file security in the cloud and achieve file sharing and storage peace. These five must-haves should not be viewed in isolation but instead, all should be seen as the core ingredients toward achieving total file security in the cloud.
1. Controlled encryption
The first attribute is the ability to provide controlled, latency-free, end-to-end encryption. This is so important because most solutions on the market claim to offer encryption but often it's not end-to-end, it adds latency and therefore impacts performance negatively. In addition, and perhaps most importantly, the provider often owns the keys, limiting the enterprise's control.
There is a middle ground that involves hardware security models where the enterprise can manage all the hardware and keys and ensure all the encrypted data on the public service they utilise is encrypted using those keys and only the owner can decrypt them.
2. Data residency
The next of the five must-haves is 100 percent control of data residency. This has become a significant issue as national and regional regulations are put in place and it has become increasingly important for organisations as to which nation the data centre is in. This is hard to control when the enterprise doesn't own the storage but the issue is widely understood by service providers.
A sound recommendation is for an organisation to own the storage or have strict control over its placement. Agility is paramount here because regulation is constantly evolving.
3. Authentication of internal collaborators
The third must-have attribute is the need to put advanced authentication in place for internal collaborators. Passwords were made to be broken or hacked so two-factor authentication is the recommendation.
4. Authentication of external collaborators
The fourth must-have is closely related to the third but enabling authentication of external collaborators clearly has greater risks. Collaboration with outside contributors is a way of life now and almost everyone works with partners, customers and suppliers; sharing data is critical for the success of businesses. IT therefore needs to have oversight and control of who is sharing with whom, what is being shared, how long it has been shared for and how shares or sharing permissions can be removed when needed.
Setting strong policies for external collaborator authentication and achieving that complete view of permissions is critical to achieving security.
5. The user experience
The existence of such easy-to-use, free file sharing services, the growth in user collaboration needs and the behavioural change among users poses a huge risk to an organisation's sensitive data that has the potential to have severe impacts on an enterprise's business. Alternative, enterprise-controlled means of secure file sharing must therefore offer advantages over what they're currently using so as to incentivise them to switch.
Organisations need to offer more than secure file sync and share to fully secure workplace collaboration.
These five must-haves are not an exclusive list for achieving total file security in the cloud but they all go together as essential enablers so IT can make both sides of the IT organisation happy while at the same time making its job easier.
Contributed by Tom Grave, VP marketing, CTERA Networks
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.