Private Cloud File-Sync-and-Share for Data Leakage Protection

Organizations choosing file-sync-and-share solutions are presented with many options. Buyers and sellers are inquiring with DCIG about “Enterprise Dropbox” options. A popular request is what to look for when selecting a solution. Enterprises and consumers require enhanced features beyond the ease of use and standard consumer capabilities; they require something that these public cloud solutions cannot deliver – security and control.  

Baseline requirements for a private file-sync-and-share solution include support for mobile applications and cloud storage. Organizations are looking for a file-sync-and-share solution that resides behind a corporate firewall. But that is only the first step towards enterprise readiness.

Organizations add security requirements such as encryption, automated access logging, monitoring, and reporting. Organizations must have scalable account provisioning and management, including account deactivation.

It is common for file-sync-and-share solutions to give access to a file via a public link. Public links are great for non-confidential data, but what about data that should not be shared, or shared broadly?

Products ready for private cloud file-sync-and-share should support both end user and administrator right to restrict sharing. Companies selecting MezeoFile are provided those options:

•    Secure Container
•    Secure Share
•    Share Expiration

Secure container
is the ability for administrators to restrict data sharing. An administrator cannot be responsible for managing access to all user created data.  However, there are some files that are known to be confidential, such as information for the Board of Directors. An administrator can establish a secure container that cannot be shared externally.  Only users with permission may collaborate on files stored in the secure container.

Secure share allows a user to share a document to one or more persons. The person then uses their email address and a password to access the file. Requiring user names and passwords mitigates wide disbursement of data.

Share expiration is the ability to limit how long shared data is available to a shared data user. It is an easy requirement to overlook for organizations considering private file-sync-and-share products because it is not widely available.  If an organization chooses a product that doesn’t offer it, you’ll find users requesting it in short order. For example, in April 2012 users of Dropbox were asking for this feature.

Enterprise end users require the ability to expire publicly shared data to partners and customers.  Because of this enterprise need, the MezeoFile product includes this functionality in its version of file-sync-and-share product, available with the MezeoCloud platform.  MezeoFile users can set expiration for the shared file at the time that they share it, in addition to granting read only or read/write access.

MezeoFile Secure Share ExampleFigure 1: MezeoFile Secure Share Example

In figure 1 you can see MezeoFile web application at work. Expiration sets the specific time frame users are allowed access to shared data. As a part of this writing, DCIG tested the basic end user functionality.

DCIG performed the following actions on MezeoFile’s demonstration system (invitation required):

•    Logged in with enterprise account (success)
•    Changed password (success)
•    Single file and (beta) bulk uploaded files (success and success)
•    Shared data to shared account (success)
•    Logged in with shared account (success)
•    Review Mezeo Shares to Me with shared account (success)
•    Deleted uploaded data from enterprise account (success)
•    Recovered deleted data from recycle bin (success)
•    Commented on data as enterprise account (success)

At DCIG we agree secure containers and link expiration are required for enterprises. Because MezeoFile supports secure containers, secure shares, link expiration and account provisioning, large enterprises should evaluate the product. MezeoFile ensures end users can limit how long shared data is accessed and administrators can review who is accessing it.

Click Here to Signup for the DCIG Newsletter!

Categories

DCIG Newsletter Signup

Thank you for your interest in DCIG research and analysis.

Please sign up for the free DCIG Newsletter to have new analysis delivered to your inbox each week.