FTC Warning on Sharing Files in the Cloud

March 26, 2013

As part of a research project I’m doing on data breaches, I came across some great practical advice about file sharing in the cloud, courtesy of the Federal Trade Commission. By the way, the FTC also has  extensive information on security incidents. In any case, this 2010 report warns businesses to carefully review the risks of sharing data outside the corporate intranet via cloud services.

The FTC reminds medical and financial organizations that they are under special obligations to protect social security and bank account numbers, healthcare data, and other personal information.  But any business that has PII that can potentially leak out of their IT infrastructure will find their guidelines very useful.

It’s not that the FTC is against external data sharing in the cloud—which they refer to in the report as P2P file sharing—but they ask companies to consider the risks. Here’s a key section that nicely summarizes the drawbacks:

People who use P2P file sharing software can inadvertently share files. They might accidentally choose to share drives or folders that contain sensitive information, or they could save a private file to a shared drive or folder by mistake, making that private file available to others. In addition, viruses and other malware can change the drives or folders designated for sharing, putting private files at risk  … Once a user on a P2P network downloads someone else’s files, the files can’t be retrieved or deleted. What’s more, files can be shared among computers long after they have been deleted from the original source computer …

And for those companies that do use P2P, the FTC suggests a few measures to improve security:

  • Bring the P2P software in-house and only give access to authorized users
  • Delete sensitive information you don’t need, and restrict where files with sensitive information can be saved
  • Use appropriate file-naming conventions that are less likely to disclose the contents
  • Monitor your network to detect unapproved P2P file sharing programs

If you’re currently looking for an in-house solution that satisfies the requirements above, check outDatAnywhere.  DatAnywhere offers the cloud experience without the cloud.  It’s a no-compromise security solution that uses your organizations existing file sharing infrastructure to provide file sync services, mobile device access, browser access, and 3rd party collaboration.

Leave a Comment » | Application Hosting, Managed Service Hosting, Marketing | Tagged: , , , , , , , | Permalink
Posted by david ricketts

Varonis Data Governance Suite 5.8: Faster, Leaner, Lower Cost

October 5, 2012

We’re extremely excited to announce the release of version 5.8 of the Varonis Data Governance Suite!

This release is packed with major architectural changes that not only increase performance, but also reduce your total cost of ownership and make managing your Varonis infrastructure faster and easier than ever.

What’s new?

Here are some of the key features in 5.8:

  • Collectors: New      component introduced for metadata collection that no longer requires      Microsoft SQL, resulting in better performance, easier deployment, and a      lower Total Cost of Ownership (TCO).
  • Management      Console and Scheduler: Single point to manage and control the      entire Varonis infrastructure, simplifying installation and monitoring.
  • Incremental      File Walk: Ability to incrementally scan/walk only the changed      permissions on the file system rather than the entire file system,      reducing system and network overhead and boosting overall efficiency.
  • Database      Separation: Support for SQL farms external to Varonis components,      increasing architecture flexibility and reducing total cost of ownership.
  • Auditing      Actions: full audit of activities within DatAdvantage increases      organizational security posture by providing immediate accountability for      administrators.
  • User      and Group Creation: Users and groups can be created and edited      from the DatAdvantage interface, increasing administrative functionality      and flexibility.

Our CEO and co-founder, Yaki Faitelson:

“We have changed the architecture of the product so that the people who already rely heavily on DatAdvantage to improve management and security for their unstructured data platforms can integrate it into their workflow even more seamlessly, while those new to the technology will benefit from the experience and input from those who have come before them.”

Related articles

1 Comment | Application Hosting, Managed Service Hosting, Marketing, Retail IT Solutions | Tagged: , , , , , , , | Permalink
Posted by david ricketts

Optimising your cloud backup

August 1, 2012

You’re ready to move into the cloud, but before you can get there you actually have to get your data to the cloud. Below are some tips on how you can optimize your first cloud backup deployment.

Backup the Most Important Files First

When you sign up for a cloud backup service, your trusted managed  service provider will have to make an initial backup before they can begin to back up your data incrementally. Depending on the amount of data that is required to be backed up and on the speed of the internet connection, this initial backup can take a long time to complete.

With the first backup taking so long, it is important to prioritize your data. You may want to organize your organization’s operational documents (word processing files, spreadsheets, etc) to be backed up first and have uncommon file types backed up last. Depending on your managed service provider, you may be able to determine which files are used most often in your business and back that up first.

Take Advantage of Bandwidth Throttling

Although your initial backup may take a long time, you don’t want it to affect your network during working hours while people are trying to get their work done via the internet. During the day, you should be able to strike a balance between getting your backups done and having enough bandwidth for the workday. After business hours and on weekends you can increase your bandwidth to focus on your backups.

Deduplication and Compression

It’s best to minimize the data being sent over the wire and to the cloud through deduplication, especially if you’re paying for backups per gigabyte on a monthly basis.

One way to decrease the amount of data being backed up (without sacrificing data protection) is to use de-duplication. When seeking the services of a cloud backup services provider, this feature should be standard. The way de-duplication is performed can often be unique to each managed service provider.

Some providers will only back up each file once and if the same file exists in multiple locations, pointers to the files will be created. Other service providers will provide block-level de-duplication. Rather than skipping duplicated files, the software which powers the cloud backup service will create a checksum for each block that’s being backed up and then uses the checksum value as a way of determining whether a duplicate block has already been backed up.

Keep a Local Copy of Backup Files

It’s important that you continue to store backups on premise – it will always be easier and faster to restore data from a local backup then from the internet. Local backups also allow you to further align the value of data with the cost of protecting it. Using the cloud for backup will allow you to recover in any situation when data loss occurs, but creating a second local backup is best for accidental file deletion or to quickly recover a single server in your network.

For more information or to request a demonstration please visit http://www.c24.co.uk

Leave a Comment » | Managed Service Hosting, Marketing | Tagged: , , , , , , , , , , , | Permalink
Posted by david ricketts

Follow

Get every new post delivered to your Inbox.

Join 754 other followers