Deploying an Enterprise-Ready Content Sync-and-Share Solution

Intel IT Content Sync-and-Share Solutions September 2013 Deploying an Enterprise-Ready Content Sync-and-Share Solution Executive Overview Intel IT is deploying an enterprise-ready content sync-and-share solution that provides the productivity and collaboration benefits that our employees want as well as the security and manageability controls that we require. Preeta Banerji Client Engineering Content Sync Project Manager, Intel IT Intel IT is deploying an enterprise-ready content sync-and-share solution that provides the productivity and collaboration benefits that our employees want as well as the security and manageability controls that we require. With the increased popularity of consumer-based content sync-and-share solutions and the growing number of devices each employee uses, we recognized the need to enable access to content from multiple devices. We want an enterprise-ready content syncand-share solution that provides benefits to productivity, multi-device access, and collaboration. We also need to simplify PC backup and replacement on standard refresh cycles and when PCs need repairing as well as keep business content separate from the employees personal content. We examined off-premises, on-premises, and hybrid solutions to see which would work best for our current needs while allowing us to scale to up to 100,000 users. Based on this examination, we approached third-party suppliers that could support an off-premises software-as-a-service (SaaS) solution as well as on-premises storage in a hybrid or on-premises solution. We compiled an extensive list of requirements encompassing security, privacy, user experience, and manageability features and invited suppliers to participate in a request-for-proposal (RFP) process. After selecting our preferred supplier, we quickly implemented a SaaS model. Then we conducted a proof of concept (PoC) with 200 users to validate the usage model and overall user experience. Based on PoC results, we received management approval to roll out the SaaS model to an additional 4,000 employees, which we are currently doing. As we consider a hybrid solution and possibly an on-premises solution, our biggest challenge is to find a balance between securing enterprise content and providing employees a satisfying user experience. Roy Ubry Staff Engineer, Intel IT Julian Braham Product Engineer, Intel IT Terry Yoshii Storage Architect, Intel IT

Contents Executive Overview... 1 Business Challenge... 2 Solution... 2 Implementation Considerations... 3 Searching For a Third-Party Supplier... 3 Validating the Solution with a Proof of Concept... 6 Key Learnings... 6 Results... 7 Conclusion... 7 Acronyms... 7 IT@Intel The IT@Intel program connects IT professionals around the world with their peers inside our organization sharing lessons learned, methods and strategies. Our goal is simple: Share Intel IT best practices that create business value and make IT a competitive advantage. Visit us today at www.intel.com/it or contact your local Intel representative if you d like to learn more. Business Challenge The consumerization of IT and the popularity of our bring-your-own-device (BYOD) program allow Intel employees to work from multiple devices. Regardless of what type of device they use, they want to be able to access work content from anywhere, at anytime and be able to share that content with internal and external colleagues. We have found that when employees have access to the content they need on their devices of choice, productivity increases. From 2010 to 2012, Intel employees gained more than 7 million hours of productivity because of their ability to use BYO devices. 1 At the same time, this trend brings with it increased expectations and new risks. For example, some employees who rely on consumer-based content sync-and-share solutions for synchronizing and sharing their personal files expect a similar solution to be available for work files. In researching current usage of content syncand-share solutions, we discovered that many employees had already opened accounts with consumer solutions, introducing security, regulatory, and content leakage risks to the enterprise. Employees were inadvertently putting the enterprise at risk in their efforts to improve productivity and collaboration. Additionally, when employees who have such accounts leave the company, they and any others who have the links can still access the business content stored there, posing an indefinite legal and security risk to the enterprise. Even when employees simply abandon their accounts, we have no way to remove the business content. 1 2012-2013 Intel IT Performance Report For these reasons, Intel IT made users aware that unapproved solutions must not be used for Intel content and implemented a content sync-and-share solution managed by Intel that enables us to do the following: Keep company content secure Enhance collaboration between internal and external colleagues Increase employee productivity and satisfaction Make the most recent content available, regardless of which device last altered it Solution Establishing a solution to synchronize and share content across devices is a major component of a program that Intel IT started in 2012 called Any Device, Anywhere Computing. This program s primary goal is to give employees the freedom to securely communicate, compute, and collaborate from multiple devices whenever they want, wherever they want. In order to make Any Device, Anywhere Computing a reality, we developed four components that make up the employee workspace. These components, which fulfill the computing needs to make an employee successful, are enterprise-ready content synch-and share, email, applications, and the ability to personalize the user experience on every device (see Figure 1). 2 www.intel.com/it

IT@Intel White Paper Any Device, Anywhere Computing Email Applications Enterprise-Ready Content Sync-and-Share Personalization of User Experience WORKSPACE Desktop, Laptop, Tablet, Cell Phone Figure 1. Any Device, Anywhere Computing is made up of four components: enterprise-ready content sync-and-share, email, applications, and the ability to personalize the user experience on every device. By enabling the content sync-and-share component of the employee workspace, we could accommodate the following four use cases: Multi-device access. Employees can use any Intel-managed device, whether Intelowned or personally owned. Eventually, we want to deliver secure containers to enable the use of any device. Collaboration. Enable content sharing between internal and external team members to make them more efficient. Full PC backup, refresh, and replacement. By synchronizing user content to the cloud, we are effectively creating a backup. When an employee gets a new system, the most recent versions of all content will synchronize over to that system. Separate business content from personal content. Allow business content to synchronize to the enterprise cloud while personal content could be synced to a public cloud of the employee s choice, per the established BYOD program we support. We determined that if our content syncand-share solution could accommodate all four of these use cases, it would offer more combined benefits to Intel employees and Intel IT than are currently possible with a consumer-based solution. Implementation Considerations We considered three solution types when implementing our enterprise-ready content syncand-share solution: off-premises, on-premises, and hybrid. We knew that we would need more than one approach to meet our current and future needs. Whichever approach we chose, we needed to be able to back out if necessary. We started with an off-premises software-asa-service (SaaS) solution so we could deploy quickly. We limited our supplier search to those that would also be able to provide support for on-premises storage either through a hybrid solution or an on-premises solution. While SaaS allowed us to replace the use of consumer content sync-and-share solutions faster, it also meant we had to expose encryption keys and Intel content to a third-party supplier. Other implementation considerations included the following: Security. The level of encryption key management available in the hybrid solution we chose would determine whether we would place restrictions on the sensitive content that could be uploaded and, if we placed restrictions, what those would be. Total cost of ownership/return on investment (TCO/ROI). Including support costs and future expansion, this would factor into the decision making process to determine the solution s levels of security, performance and scalability, and overall usability. Performance and scalability. Within the parameters defined by security and TCO/ ROI considerations, the solution needed to meet the minimum required performance needs and had to be able to scale to meet future needs (that is, achieving our strategic vision in three years and accommodating 100,000 users). User experience. Also within the parameters defined by security and TCO/ ROI considerations, the solution had to accommodate employee usability needs in the workspace. Product functionality, the user interface, training, and more were factors in the overall user experience that would determine whether employees would actually use the solution. Searching For a Third-Party Supplier To identify the right supplier to help us implement our enterprise-ready content sync-and-share solution, we first had to define enterprise requirements. After we developed the requirements, we went through an RFP process and compared the suppliers responses to our requirements. www.intel.com/it 3

We selected a supplier based on which one scored highest in our RFP. We then conducted a PoC with our chosen supplier with about 200 employees. Defining Requirements When considering the requirements for our enterprise-ready content sync-and-share solution, we examined numerous factors related to content management, content sharing, content synchronization, de-duplication, security, service manageability, usability, and storage. We prioritized each requirement according to need: must-have (high priority), significant value (medium priority), or nice-to-have (low priority). The following list contains a selection of the high priority requirements we defined. Content Management Our highest priorities were to support Linux*, Microsoft Windows*, Apple ios*, Google Android*, and Apple Mac* OS operating systems across different device types, enable the ability to recover deleted files or revert to earlier versions, and provide support for common object types such as folder, document, policy, and relationship. We also needed the ability to globally exclude specific files and file types. Content Sharing For our content sharing requirement, we focused on controlling access. We wanted to enable both internal and external file sharing. By enforcing security requirements such as needing a valid account before allowing access to content and setting an expiration date for shared links, we could track and audit access to content. Content Synchronization Among the top priorities for content synchronization features were real-time file synchronization triggered by file changes, conserving network resources, and the ability to sync content through the corporate firewall to devices not connected to the corporate LAN or WLAN. We also had to be able to support large file sizes. De-duplication This feature was essential to minimizing total storage space required for user data. By preventing duplicate files from being 4 www.intel.com/it uploaded and stored in the content sync repository, we would maximize overall storage efficiency and reduce the amount of network traffic generated. At this scale, saving even 20 percent would result in substantial cost savings for the content sync-and-share solution. Security Security was critical since we were relying on a third party to host the content and infrastructure. We divided security into four categories: encryption, authentication, administration, and policy. We required encryption of all content in transit between devices and between a device and the cloud storage repository, on all content at rest, and on content stored in public clouds. Encryption keys had to be physically separated from the content. For sensitive content, we needed to be able to manage the encryption keys. We wanted a strong authentication method using single sign-on (SSO) from Intel-managed devices only. We used SSO to accomplish two goals: to establish trust between the devices and the content, and to simplify the user experience. With SSO s certificate-based authentication we were able to distribute the necessary certificates to Intel-managed devices and ensure that the devices met minimum security specifications. This eliminated the need to establish a separate password for login to the content sync service, which created a better user experience. We had several administration requirements because we needed effective control of data, services, processes, and policies in the SaaS environment. We mandated the ability to do the following: Recover enterprise content for employees that had been terminated. Selectively wipe content from devices: In case of theft we would wipe the entire device; if we had to delete content from a BYO device, we would need to remove only selected content and not wipe the entire device. View security event logs so we could identify who accessed content. We also needed granular controls to ensure that specific content could be synced to only a specific set of devices. For security policy requirements, we needed capabilities to ensure that only Intel-managed devices could access our solution and that highly sensitive content was not stored externally. Service Manageability To simplify administration of the solution, we wanted to make sure administrators could define IT policies on versioning and data retention, conflict resolution, and security from a central console. The supplier should also be able to provide an API that allows us to automate and integrate our internal processes such as onboarding, disabling, deletion, group management, and so on. We also needed electronic discovery (ediscovery) access in the event of a legal matter, and administrators needed to be able to define file type exclusions. Usability We needed to try to match the level of usability that our employees had grown accustomed to in consumer-based solutions. High user experience priorities included the ability to use content sync inside and outside the firewall without the need to reconfigure, the ability to suspend and resume synchronization where the user left off, and content that was visible, consumable, and updatable from any application on the device without requiring a separate, vertical content application or graphical user interface (GUI). Storage The solution needed to provide 99.9 percent availability and support multiple storage protocols and interfaces. We also looked at minimum performance benchmarks and several storage management requirements. Among other requirements, the solution had to have a published API for data access and storage management. This API would provide for monitoring and alerting of capacity, performance, configuration, and error-related events, and would be capable of non-disruptive upgrades.

Off-Premise Classic software-as-a-service (SaaS) All services are hosted externally. Virtual cloud architecture. IT@Intel White Paper A Comparison of Off-Premises, On-Premises, and Hybrid Content Syncing We examined off-premises, on-premises, and multiple hybrid solutions as options for our enterprise-ready content sync-and-share solution. In our proof of concept (PoC) we used an off-premises software-as-a-service (SaaS) solution, enabling us to get started quickly without having to set up storage. Off-Premise Ultimately, we plan to move toward either a hybrid or an on-premises solution with on-premises storage. Classic software-as-a-service (SaaS) All services are hosted externally. Table Administrative 1 describes Services Virtual cloud some architecture. of the benefits and challenges of off-premises, on-premises, and hybrid solutions. Table 1. Enterprise-Ready Content Data Sync-and-Share access Solution Options and Their Benefits and Challenges Off-Premiseservices through Intel Classic software-as-a-service (SaaS) Benefits Challenges All services are hosted externally. Virtual cloud architecture. Off-Premises Classic External SaaS Cloudsolution. All services are hosted externally. Virtual cloud architecture. Support and maintenance expenses Management of encryption keys is usually offsite and not Administrative Services On-Premise hosted internally are included in service cost controlled by Intel All services are hosted from within Intel. Quick implementation Storing all content and employee account data offsite Resident cloud architecture. introduced security and ediscovery implications services through Intel Multinational performance varies with the location of the Administrative Services hosting data center services through Intel Cloud On-Premise Services hosted internally Administrative On-Premises All services Services are hosted from within Intel. Orchestration Resident Services cloud architecture. Services hosted internally. All services are hosted from within Intel. Resident cloud architecture. services through Intel Management of encryption keys is On-Premise onsite and controlled by Intel Services hosted internally All services are hosted from within Intel. Security and ediscovery issues Resident cloud architecture. Cloud are fewer than with the off-premises model Multinational performance demands Administrative Services are met by distributing the service across Intel sites Cloud Hybrid services through Intel Services hosted internally and externally. Multiple Web User variations Interface to consider, depending on service host. Hybrid Administrative Co-dependent Services cloud architecture. Services hosted internally and externally. Multiple variations depending on service host. Co-dependent cloud architecture. services through Intel Administrative Services Hybrid Services hosted internally and externally. Multiple variations to consider, depending on service host. Co-dependent cloud architecture. Cloud Administrative Services Hybrid Services hosted internally and Data externally. access and Multiple Web User variations Interface to consider, depending services on through service Intel host. Administrative Co-dependent Services cloud architecture. Key Management Cloud Web Administrative User Interface Services Administrative Storage Services Orchestration Services Cloud Administrative Services services through Intel Performance can be faster than an off-premises model can be onsite and controlled by Intel Enterprise rights management and data loss protection are required to address document security concerns since supplier holds encryption keys and can access Intel content Implementation costs (for example, hardware, service, support, or multinational implementation) must be fully understood to avoid hidden expenses Enterprise rights management and data loss protection may be required to address document security concerns Content sharing with external colleagues and content access by employees through VPN are enabled costs can escalate quickly when implementing in multiple countries Management of encryption keys is mostly offsite and not controlled by Intel Additional controls, such as a second level of encryption at the storage level, are needed to meet security and ediscovery requirements Data loss protection may be required to address document security concerns may be encrypted, which would limit Intel s access for ediscovery, indexing, search, and other internal services Handshaking has to go through the firewall costs can escalate quickly when implementing in multiple countries www.intel.com/it 5

Validating the Solution with a Proof of Concept To validate the usage model and overall user experience of our enterprise SaaS content sync-and-share solution, we conducted a 10-week PoC with about 200 employees from multiple countries. Participants used devices running Linux, Windows, Mac OS, ios, and Android operating systems. Windows users downloaded the client from our internal software repository, which allowed us to customize the installation. Participants using other operating systems downloaded the client from their respective application stores. We allowed only Intel-managed devices to be used by authenticating users through SSO (see Figure 2) and by using certificates. We used the Intel VPN certificate to prevent generation and distribution of new certificates. This blocked users from installing the client on their PCs and accessing their business content from non-managed devices. Other security precautions included: Sharing files only with users enrolled in the PoC Remotely wiping of a device by the user or administrator if the device was stolen Remotely wiping shared folders when folder access is removed Running the Windows desktop client only on systems joined to our Microsoft Active Directory* primary domains Storing data in an encrypted cache on Android-based devices We asked employees to take a survey to evaluate functionality, cross-device access, onboarding, and performance at the end of the 10-week PoC. One network challenge we encountered during the PoC is that SaaS solutions use WAN and proxy services to upload or download content when the employee is on the corporate network. To prevent a performance impact on other real-time applications running on the WAN, we marked packets created by the supplier with a high differentiated-servicescode-point value. This approach ensured low prioritization on the network. Key Learnings During our PoC, we discovered several issues that helped shape our strategies for future deployment of the sync-and-share solution. Some of our more significant discoveries included the following: The SaaS model was reliable with no service outages. There were no security incidents during our PoC. upload and download transfer rates were 500 KB to 6 MB per second. Large file uploads and downloads had higher transfer rates (file sizes up to 15 GB were tested). Connection failures sometimes caused higher network utilization rates due to reattempts to transfer the files. At times, our internal VPN bandwidth limited network performance when working offsite. Average storage consumption per user was approximately 12 GB (after de-duplication). Client GUI and controls were slightly more complex than some consumer content sync-and-share solutions. Balancing security requirements with ease of use (user experience) is a challenge. Monitoring system capacity and network utilization was useful in detecting unreported issues. Overall, employees were more accustomed to their favorite consumer-based content sync-and-share solutions and they expected our enterprise content sync solution to function exactly the same way. We plan to provide training, which will help them adapt to this new usage model. SERVICE PROVIDER Authentication request 1 IDP discovery 2 Send query via xhtml form Agent posts response to service provider 5 6 Service provider validates the response and sends user to resource CLIENT Must be in the intranet Request SSO authentication 3 User identification using client CERT 4 Respond to xhtml form IDP In the intranet Figure 2. Single sign-on (SSO) authentication overview used in the proof of concept. 6 www.intel.com/it

IT@Intel White Paper Results In our continuing efforts to help employees increase productivity by providing access to enterprise content from multiple devices, we successfully implemented an enterprise-ready content sync-and-share solution. After we completed the PoC, we conducted a survey with the 200 employees who participated. While we work toward an acceptable balance between usability and security, our solution received management approval for deployment to 4,000 more employees, most of whom were using a consumer-based content sync-and-share solution. In collaboration with our supplier, we continue to make improvements, including a new HTML5 web browser with drag-and-drop functionality, silent installers, a new Windows client, simplified login, and more. We are promoting the solution in internal newsletters and social media to educate employees about the availability of the new content sync-and-share solution and to inform them of the risks of using a consumerbased option. In the PoC, employees responded positively to how well the solution worked across different devices. They were pleased with the flexibility and productivity benefits, and they indicated a perceived increase in the quality of their work/life balance. Conclusion For more information on Intel IT best practices, visit www.intel.com/it. Employees rely on cloud-based content sync-and-share solutions to improve their productivity, their ability to collaborate, and their overall work/life balance. The enterprise-ready content sync-and-share solutions that we are exploring are intended to deliver those benefits and more while also protecting corporate assets. Intel IT is working toward deployment of a hybrid content sync-and-share solution that will provide improved security and employee satisfaction. This hybrid solution is designed to retain all user content on-premises, while the orchestration service would continue to reside with the vendor. We are investigating if a second level of encryption at the storage layer can secure the content and prevent vendor access to Intel content, mitigating the risk of having the vendor host the orchestration layer. Essentially, the content would be encrypted twice, once by the vendor at the orchestration layer with the vendor holding the keys, and again at the storage layer with Intel controlling the keys. This approach should allow us to meet our security requirements without the overhead of maintaining orchestration services in-house. The addition of more security features will enable users to synchronize and share more sensitive Intel content. We expect this hybrid content sync-and-share solution to be available and deployed to all Intel employees in 2014. In parallel, we are researching on-premises content sync-andshare solutions to determine the value and feasibility of an internally hosted service. As we prepare to accommodate thousands of more users, we anticipate more benefits, including the following: Improved user experience, based on the close monitoring of rapidly evolving trends in consumer-based solutions and close collaboration with our supplier Simplified content migration during PC backup or when deploying content to new devices Market growth for tablets and other devices as employees gain confidence in working with multiple devices to access content in the cloud We are confident that our enterprise-ready sync-and-share solution will continue to keep enterprise content secure while providing employees with a satisfying user experience. Contributors Jim Waters Staff Client Enterprise Architect Arijit Bandyopadhyay Enterprise Architect Acronyms BYOD bring your own device GUI graphical user interface PoC proof of concept RFP request for proposal ROI return on investment SaaS software as a service SSO single sign-on TCO total cost of ownership INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and other countries. *Other names and brands may be claimed as the property of others. Copyright 2013 Intel Corporation. All rights reserved. Printed in USA Please Recycle 0913/JGLU/KC/PDF 329334-001US