Soonr Workplace Enterprise Plan Overview



Similar documents
Security Architecture Guide

WatchDox Administrator's Guide. Application Version 3.7.5

Personal Cloud. Support Guide for Mac Computers. Storing and sharing your content 2

Features of AnyShare

When enterprise mobility strategies are discussed, security is usually one of the first topics

FileCloud Security FAQ

ShareSync Get Started Guide

Administration Guide. WatchDox Server. Version 4.8.0

Novell Filr. Mobile Client

Novell Filr 1.0.x Mobile App Quick Start

ShareSync Get Started Guide

Mobility Manager 9.5. Users Guide

Bell Mobile Device Management (MDM)

Mobile Device Management Version 8. Last updated:

DUO SECURITY CISCO VPN USER GUIDE 1/27/2016

ShareSync Get Started Guide for Mac

ShareSync Get Started Guide

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

Cloud Services MDM. ios User Guide

ShareSync Get Started Guide for Windows

1. Scope of Service. 1.1 About Boxcryptor Classic

BlackBerry Business Cloud Services. Administration Guide

Administration Guide

NAS 242 Using AiMaster on Your Mobile Devices

How to install and use the File Sharing Outlook Plugin

Feature List for Kaspersky Security for Mobile

Sophos Mobile Control SaaS startup guide. Product version: 6

Quality of Service (bandwidth limitation): Default is 2 megabits per second.

User Guide. Version R91. English

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown

Advanced Configuration Steps

Product Manual. MDM On Premise Installation Version 8.1. Last Updated: 06/07/15

Installation and Setup: Setup Wizard Account Information

Qbox User Manual. Version 7.0

W H IT E P A P E R. Salesforce CRM Security Audit Guide

User Guide. Time Warner Cable Business Class Cloud Solutions Control Panel. Hosted Microsoft Exchange 2007 Hosted Microsoft SharePoint 2007

Egnyte Cloud File Server. White Paper

Anchor End-User Guide

AVG Business SSO Partner Getting Started Guide

Establishing two-factor authentication with Barracuda NG Firewall and HOTPin authentication server from Celestix Networks

PC Monitor Enterprise Server. Setup Guide

Fus - Exchange ControlPanel Admin Guide Feb V1.0. Exchange ControlPanel Administration Guide

A Guide to New Features in Propalms OneGate 4.0

Colligo Briefcase Enterprise. Administrator s Guide

Egnyte App for Android Quick Start Guide

Administering Jive Mobile Apps

GREEN HOUSE DATA. Services Guide. Built right. Just for you. greenhousedata.com. Green House Data 340 Progress Circle Cheyenne, WY 82007

Security Overview Enterprise-Class Secure Mobile File Sharing

Setting Up groov Mobile Apps. Introduction. Setting Up groov Mobile Apps. Using the ios Mobile App

Sophos Mobile Control Administrator guide. Product version: 3.6

Get Started Guide for Admins

Copyright 2013, 3CX Ltd.

Kaspersky Lab Mobile Device Management Deployment Guide

Sophos Mobile Control Administrator guide. Product version: 3

Qsync Install Qsync utility Login the NAS The address is :8080 bfsteelinc.info:8080

Access All Your Files on All Your Devices

Table of Contents. Introduction...9. Installation Program Tour The Program Components...10 Main Program Features...11

Establishing two-factor authentication with Cyberoam UTM appliances and HOTPin authentication server from Celestix Networks

File Sharing & Collaboration

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android

Android App User Guide

Resco Mobile CRM Security

BlackBerry Internet Service. Version: Administration Guide

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

Xerox Mobile Print Cloud

SpringCM Troubleshooting Guide for Salesforce

Sophos Mobile Control Startup guide. Product version: 3

activecho Driving Secure Enterprise File Sharing and Syncing

Installation Guide. Research Computing Team V1.9 RESTRICTED

OneDrive for Business User Guide

SysAid MDM User Guide for ios

Introduction to the AirWatch Browser Guide

Employee Active Directory Self-Service Quick Setup Guide

Sophos Mobile Control Startup guide. Product version: 3.5

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

Legal Notes. Regarding Trademarks KYOCERA MITA Corporation

Quick Start Guide. Version R9. English

ElephantDrive Cloud Backup Module Contents

Using Devices. Chapter 3

MaaS360 Mobile Device Management (MDM) Administrators Guide

Transporter from Connected Data Date: February 2015 Author: Kerry Dolan, Lab Analyst and Vinny Choinski, Sr. Lab Analyst

WatchDox SharePoint Beta Guide. Application Version 1.0.0

Manual for Android 1.5

Quadro Configuration Console User's Guide. Table of Contents. Table of Contents

Store & Share Quick Start

Interact Intranet Version 7. Technical Requirements. August Interact

Table of Contents. Oxygen Web Client Uploading my files Versioning my files Deleting my files... 36

NSi Mobile Administrator Guide. Version 6.2

Setting Up and Accessing VPN

Aventail Connect Client with Smart Tunneling

STRONGER AUTHENTICATION for CA SiteMinder

PORTLANDDIOCESE.ORG - How to Connect Table of Contents

Administrative Guide for Dataroom Center and Dataroom Managers

Advanced Administration

Transcription:

This document is an overview of the features that are included in the Soonr Workplace Enterprise Plan. The Enterprise Plan is designed for the specific needs of IT departments in larger companies where control and management of cloud services is critical to business operations. Soonr Workplace is Soonr s service for secure sync, file sharing, and collaboration for businesses, and is currently offered in two standard plans. The tiered plans differ in scale and features as most commonly required by business customers as summarized in Table 1 below. Table 1. Soonr Workplace Plans PRO Enterprise Base Seats 3 10 Base Connections 3 3 Base Storage (GB) 1000 5000 Unlimited File Size Support Desktop Sync Active Backup File & Folder Restore File Versioning Full Text Search Project Archiving Web and Mobile Document Rendering Public Links with Security Controls QR Linking (QR Codes for Public Links) Workplace Mobile Apps (ios, Android, BB, Win Mobile) Integrated Mobile App Annotation (ios, Android) Scan to PDF on Mobile Apps Integrated Mobile App Editing (ios) Print & Fax Project Collaboration (Share & Team Links) SMS & E-mail Change Notification Smart Locking (Automatic Office File Locking) Company Branding Groups & Subgroups (Sharing & Policies) Microsoft Office 365 Integration Window System Service Project Owner Re-assignment Sub-Folder Sharing Advanced Project Sharing Permissions Active Directory Integration (User & Group Import) - Manage Projects (Super Admin) - Team Auditing (Account, Group, Active Directory) - User Access Auditing (User, Device, Agent, Admin) - Project Auditing (Project, File, Folder, Comments, Links) - Password Policies (Life-Cycle, Complexity, Thresholds) - Session Policies (Timeout, Cookie Controls) - IP Address White-listing - Public Link Allow Policy - File Unlock Override Policy - 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 1

Remote Computer Access Policy - Mobile Content Add/Create Policy - Mobile Content Edit Policy - Mobile Content Export Policy - Mobile Security Code Policy - Client and Web API s for Custom Integration - Soonr Workplace has three main components: Soonr Cloud Infrastructure and Services Desktop Agents for Windows and Mac Computers Integrated Mobile Apps for ios, Android, Blackberry, and Windows smartphones and tablets This document is intended for readers who have a basic understanding of each of these components and provides an overview of only the Enterprise specific features. Super Admin Role The Soonr Workplace Enterprise Plan provides a highly privileged role for the Admin which allows access and control of all Projects created by all Team Members, including private Projects and folders, regardless of any pre-configured share rights or permissions. This role allows IT, Security, and Compliance personnel to conduct audits or forensics on system use when such cases are warranted. Table 2 below lists the capability related permissions of each of the user types. Table 2. Soonr Workplace Enterprise Plan User Permissions Feature/Capability View, edit, copy, delete, and undelete all user Projects and Files * View, edit, and delete all user-created Public Links * Super Admin * View, edit, and delete all user shares & permissions* Create and view reports on user account activities * Create and view reports on user device access * Create and view reports on Project and File access * Establish user policies for passwords, sessions, and device access * Create, edit, disable, and delete Admin, Members, and Connections Adjust storage quota for Admins and Members Change password for Admins and Members Create, edit, and delete Groups Adjust company branding Disable lost devices Admin Member Connection Public Link 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 2

Create and share Projects (requires own storage quota/allocation) Create Connections Create Public Links View the user profiles of other users Create and edit Folders and Files within Projects (does not require own storage quota) Collaborate on shared Projects, Folders, and Files Login to the service as a named account (managed by the team Member or Admin) Install an Agent on a computer to Sync Projects to the Workplace Folder Access to Team Projects from Soonr Workplace Mobile Apps View and Download Files in PDF format View and Download Files in Original format Upload Files to a Project *Indicates an Enterprise-only feature Active Directory Integration The Soonr Workplace Enterprise Plan supports integration with Microsoft Active Directory (AD). This solution provides the following benefits: Soonr teams can be linked to company AD infrastructure elements. User accounts may be provisioned and maintained using account information from AD. User accounts share the account lockout policies from AD. Group and group relationships are imported and maintained by AD. User authentication is performed though the integration link to AD. Figure 1 below shows Active Directory Configuration Settings in the Enterprise Plan. 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 3

Figure 1. Active Directory Configuration Settings Team Auditing The Soonr Workplace Enterprise Plan allows the Enterprise team Admin to generate and export audit records on account activity, groups and Active Directory events. Events can be filtered by user name and date range. Figure 2 below shows the Team Auditing event types and setting. 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 4

Figure 2. Team Auditing Event Types and Settings User Access Auditing The Soonr Workplace Enterprise Plan allows the Enterprise team Admin to generate and export audit records on device provisioning, logins, failed logins, IP mapping, and desktop agent connects. Events can be filtered by device, IP Address, user name, and date range. Figure 3 below shows the User Access Auditing Event types and setting. Figure 3. User Access Auditing Event Types and Settings 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 5

Project Auditing The Soonr Workplace Enterprise Plan allows the Enterprise team Admin to generate and export audit records on project management, file and folder changes, and file comments. Events can be filtered by project name, file name, user name, and date range. Figure 4 below shows the Project Auditing Event types and setting. Figure 4. User Access Auditing Event Types and Settings Password Policies Password Policies allow a Soonr Enterprise team Admin to set global policies for password expiration (days), re-use cycle times, recent password interval (days), as well as password complexity and allowed failed login attempts. By default, no password policy is defined or enforced. For users imported into Soonr from Active Directory, these policies are not enforced and only AD policies are needed. Password Policy settings are shown in Figure 5 below. 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 6

Figure 5. Password Policy Settings Session Policies Session Policies allow a Soonr Enterprise Admin to specify global session timeout, remember-me, and IP address display policies. By default, no session policy is configured or enforced. Session Policy settings are shown in Figure 6 below. Figure 6. Session Policy Settings IP Address Whitelisting The IP Address White List is also commonly referred to as an Access Control List (ACL) in computer networking security terminology. This feature enables the Soonr Enterprise Admin to place restrictions on service login. Specifically, service login can be restricted based upon a combination of the mode of access (browser, mobile app, desktop agent) and the source IP address. By default, no IP Address White List is configured or enabled, and therefore there is no service access restriction placed on either mode of access or source IP addresses (permit all). However, if the IP Address White List is configured and enabled, then service access is disabled from all modes of access and all source IP addresses (deny all), unless the attempted access meets one of the configured white list criterion. Clicking on the IP 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 7

Address White List link as shown in Figure 6. Above will prompt the configuration dialog screen below in Figure 7. Figure 7. IP Address Whitelist Policy Settings The white list is empty by default, but the screen above has been populated with a useful example. The first wildcard entry allows access from web browsers with any source IP address, but specifically excludes access from either mobile apps or desktop agents. By itself, this first entry would entirely prohibit access from mobile apps or desktop agents. However, the second entry specifically allows service access from mobile apps and desktop agents if such access originates from the specified source IP address. For example, if the allowed IP address entered above is a company's ISP-allocated public-side static IP address, then these two entries effectively restrict access from mobile apps and desktop agents so that it can occur only from behind the company firewall. Furthermore, if a company has a policy of requiring mobile devices and remote desktop/laptop computers to use VPN access, then this approach would also support such remote access through the company VPN. In any case, the filter strategy above does allow browser-based access (using https) from any location. Public Link Allow & File Unlock Override Policy General Policies allow a Soonr Enterprise Admin to set global policies for allowing Public Links, and restricting unlock over-ride to only the Project owner. By default, public links are allowed. This policy setting is shown in Figure 8 below. Remote Computer Access Policy Remote Access refers to the ability to remotely access a PC from any web browser, and requires the installation of the Soonr Desktop Agent onto the target PC. While this is a very 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 8

useful feature, some Admins might feel that higher security and better control are achieved by disabling Remote Access. This policy setting is shown in Figure 8 below. Figure 8. Public Link, Unlock Override and Remote Access Policy Settings Mobile Content Add/Create/Edit/Export Policy Mobile Device Policies allow the Soonr Enterprise Admin to set global policies on allowing/disallowing the ability to create content, edit content, and export content to secondary or third party applications on mobile devices. By default, no restrictions on mobile device creation or editing are applied. This policy setting is shown in Figure 9 below. These policies can be use to prevent 3 rd party applications from accessing any data in Soonr, meaning that visibility to that data is never lost and the potential for data leakage to unathorized services and users in minimized. Mobile Content Management Policy settings are shown in Figure 9 below. Mobile Security Code Policy A Mobile Device Policy is available to allow the Admin to require a PIN passcode on mobile devices each time the Soonr Workplace mobile app is accessed by the user. Furthermore, an option is provided to set a failed passcode threshold, and to erase mobile device data upon passing that threshhold. This policy setting is shown in Figure 9 below. Figure 9. Mobile Content Management and Device Policy Settings Mobile Device Policies are designed to improve common device management tasks such as deleting all of the Soonr content on a stolen or lost smartphone or tablet. As an example of a remote-wipe policy, a Soonr Admin can check the Require Passcode policy, Enable Erase 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 9

Data policy, and set the Failed Passcode Threshold value to 5. In this example, if a device is stolen and the Soonr Mobile app is launched, it will block access to any Soonr data unless the correct pin code is entered. After 5 incorrect pin code entries, the Soonr Mobile app will clear all user data out of its cache and remain locked. 2013, Soonr, Inc. All Rights Reserved, August 2013 - Page 10