Where is your Corporate Data Going? 5 tips for selecting an enterprise-grade file sharing solution.
TABLE OF CONTENTS WELCOME INTRODUCTION... 1 TIP 1:... 4 Ensure Ease-of-Use TIP 2:... 6 Empower Secure Collaboration TIP 3:... 10 Regain & Retain Control TIP 4:... 12 Enable Mobility TIP 5:... 14 Trust the Security Pros
INTRODUCTION INTRODUCTION Do you know where your corporate data is going? The answer should be a resounding, Yes! Unfortunately, it s more difficult than ever to answer that question. Today s fast-paced, mobile workforce relies on personal devices and popular consumergrade file sharing tools to access and share information with colleagues inside and outside the enterprise. However, doing so makes it nearly impossible to control corporate data and can lead to devastating privacy, security and compliance breaches, damaged business reputations and costly fines. The most obvious path to regaining visibility and control over your corporate data is to provide employees with secure enterprise file sharing tools they can safely access from anywhere, on any device. But exactly how do you determine which tool is right for your organization? This ebook presents five (5) tips for selecting an enterprise-grade file sharing solution that supports collaboration and empowers productivity while protecting your corporate data. Read on to learn more. 1
CONCERNS Concerns of Using Cloud-Based File Sharing Tools 1 Top concerns about cloud-based file sharing tools include a data leak of sensitive information, data loss/theft, loss of control over data and unauthorized usage or visibility of files on the tool.
CONCERNS Sensitive data leak 77% Data loss/theft 69% Loss of control over data (i.e., no knowledge of where data will go once it has left the company 69% Unauthorized usage or visibility of files 67% Failing compliance/security audits 42% 50% Monitoring/Managing the shared information (i.e., staff time) Inability to satisfy ediscovery process 40% Other (please specify) 2% None 2% Source: CIO-CSO Axway Quick Poll. IDG Research Services. 2013.
TIP 1 Ensure Ease-of-Use Look for easy-to-use, policy-compliant file sharing that encourages user adoption and is easy to implement/administer. Non-secure consumer-grade file sharing services like Dropbox, SharePoint and YouSendIt are rapidly gaining popularity because they are easy to use, and employees often turn to them because they simply don t have another option. To change this pattern, IT must provide employees a secure means to transfer large files and safely access data from anywhere that is just as simple and intuitive as the free unregulated services available today. If the tools you provide aren t intuitive and userfriendly, adoption rates will suffer and employees will continue to use public cloud-based services, USB drives and webmail to share files, putting your corporate data at risk. Ideal file-sharing solutions allow users to quickly yet securely share even large files, and collaborate both internally and externally from their desktops or mobile devices while still complying with corporate security policies and regulatory directives. These solutions must also be flexible enough to use with all popular tablet and smartphone operating systems, and support various desktop platforms so that 4
TIP 1 users can share files regardless of the device or operating system. An intuitive user interface is essential and should support drag-and-drop functionality with multiple web browsers. Secure file-sharing solutions should also be easy for IT to implement, administer and manage. Look for flexible solutions that integrate seamlessly with your current infrastructure, applications and services. The right tools will not only provide visibility into (and control over) the data flowing through your organization, they will help you to monitor and manage storage usage, and enforce policy. And, since file sharing and email policies are typically the same, the two should be located on the same platform for consistency and easy administration and management. 5
TIP 2 Empower Secure Collaboration Usability must be balanced with stringent security capabilities. While ease-of-use is the key to user adoption of an enterpriseclass file sharing solution, usability must be balanced with strong security. This is particularly essential for heavilyregulated industries, which must comply with intense privacy and security mandates such as HIPAA, HITECH, Sarbanes-Oxley and more. Most employees don t use cloudbased file sharing services with malicious intent, and may not be aware of the significant risks of using them. They are simply trying to get their work done and many corporate IT security measures such as email file-size limitations slow down and even halt productivity. Therefore, you must provide users simple tools that empower collaboration with internal and external contacts via desktop, tablet or smartphone all with enterprise-class policy controls and encryption to protect sensitive, private and regulated data. To protect confidential information and intellectual property, and ensure compliance with government regulations and corporate policies, choose an enterprise-class file-sharing solution that ensures the encryption of shared files both in transit and at rest on dedicated 6
TIP 2 servers or network-attached storage devices. You should be able to choose between integration with your existing data loss prevention (DLP) infrastructure and built-in policy and control depending on your organization s needs. 7
IMPORTANCE Importance of Functionalities When Evaluating Cloud-Based Files Sharing Solutions 2 While an overwhelming majority of respondents finds each of these functionalities important, enforcing security/compliance controls and the ability to encrypt shared files are the most critical features when evaluating cloud-based file sharing solutions.
IMPORTANCE Ability to enforce security and compliance policies and controls 50% 42% 7% 1% Net Highly Important 1% 92% Ability to encrypt shared files 44% 37% 16% 2% 1% 85% Ease of use/user adoption 34% 50% 13% 3% 1% 75% Ability to monitor and report on file sharing 31% 44% 23% 1% 2% 81% Ability to perform ediscovery 5% 30% 42% 21% 2% 84% Ease of administering user access 1% 23% 62% 14% 1% 72% Integration with existing applications 5% 20% 54% 18% 2% 74% Ability to enable file sharing via mobile device 19% 40% 26% 12% 2% 59% Critical Very Important Somewhat Important Not very important Not at all important Source: CIO-CSO Axway Quick Poll. IDG Research Services. 2013.
TIP 3 Regain & Retain Control Demand robust authentication and permissions management. When employees use consumergrade tools for emailing and sharing files, you ve essentially lost control over where your corporate data is going and who might gain access to it. Such services lack even the most basic policy-based security controls businesses need to protect their data and comply with industry and governmental data-privacy regulations. The only way to fully protect your corporate data is to provide enterprise-class file sharing tools with the capabilities endusers demand and IT needs to regain and retain control. Look for solutions with robust authentication and permissions management capabilities that allow you to: Analyze and appropriately manage every message and file that enters or exits your network, 24x7x365. Create and establish security, sharing and permissions policies within the application itself. 10
TIP 3 Ensure data is accessible only by authorized individuals and file sharing is in compliance with corporate policy. Control exactly who can create and share folders, and determine with whom content can be shared. Simplify management via integration with your Active Directory or other LDAP Directories. With such tools in place, IT can govern the flow of data as it moves in and out of the organization and control exactly who has access to high-value business information assets. Users can share sensitive, private or regulated data inside and outside of the organization safely within this framework, and IT can efficiently and effectively meet the demanding compliance mandates of even the most highly-regulated industries, such as healthcare, life sciences, government, financial and legal services. 11
TIP 4 Enable Mobility Give users the power to use their own devices and safely access corporate data from anywhere at any time. The days of 9-to-5 officebased workdays are long over and employees are more geographically dispersed than ever. Along with businessauthorized computers, they frequently use a host of mobile devices as well as their own home-based computers to get their jobs done. Recent studies show that: The number of employeeowned smartphones and tablets used in the enterprise will more than double by 2014, reaching 350 million, compared to nearly 150 million in 2012. 3 Over 80% of employees need to access work documents from outside the office. 4 74% of business professionals currently use tablet computers. 5 As the prevalence of mobile devices grows, so do corporate data security and compliance concerns. Increased mobility and the Bring-Your-Own-Device (BYOD) boom may be boosting productivity and changing the way we work. At this point, however, most employees personal smartphones, tablets and mobile 12
TIP 4 devices are not equipped with the tools required to protect and secure corporate data and assets. To safely enable and support the adoption of BYOD policies across the workplace, IT should provide secure enterprise collaboration tools that give employees the freedom to access, transfer and synch corporate files, folders and data from anywhere, at any time, from their desktop or mobile devices. Enterprise-class policy controls and encryption are a must to enable secure mobility and file sharing. IT should be able to easily define, set and maintain secure collaboration policies that don t restrict employee productivity. The right tools will provide a controlled environment where users can easily share files and folders, from any device, within and outside the organization while complying with corporate policy and data security requirements. 13
TIP 5 Trust the Security Pros Put your trust in a proven, flexible solution from a reliable vendor. New file sharing services seem to appear on the scene almost daily. Yet, most consumerbased file sharing services, particularly those offered by large search engines and other advertising-driven companies, don t have corporate security or regulatory compliance in mind. User agreements rarely include data protection guarantees, often because providers need to profile users for targeted advertisements. In fact, many free cloud-based file sharing services retain the right to use information and even share it with others. Far from being concerned about protecting your data assets, these companies are in the business of tracking and monitoring their users behavior in order to capture sales opportunities. When it comes to protecting your corporate data, the stakes are simply too high to trust anything but a proven, secure solution from an established, reliable vendor. Thousands of customers across the globe working in the most highly-regulated industries trust Axway to help them safely move, manage and secure data assets. Axway DropZone is the proven and secure alternative to consumer-based file sharing 14
TIP 5 services. Built on Axway s established security framework and leveraging over a decade of innovation and award-winning email security and data loss prevention (DLP) solutions, DropZone is: Easy-to-Use: DropZone provides the easy-to-use collaborative file sharing capabilities of popular consumer-grade file sharing services. Its intuitive interface ensures rapid adoption and empowers employees to safely exchange critical information inside and outside the enterprise without relying on unauthorized or potentially harmful file sharing tools. Simple to Install and Administer: Available as a physical or virtual appliance, DropZone can be installed in minutes to provide complete control over information entering and leaving your organization. The solution can be deployed as a standalone product or in conjunction with the Axway MailGate Secure Collaboration (SC) platform, for a complete, secure collaboration environment on one appliance with a single administration console. Axway MailGate SC simplifies management with one comprehensive secure email solution for inbound, outbound and encryption, providing secure file delivery without impacting your current environment. Secure: DropZone delivers a true balance between user productivity and corporate security with complete encryption of data in transit and at rest to ensure full security and file fidelity. Multiple tiers of security can be combined or used individually to secure outbound data. 15
TIP 5 Organizations using DropZone can establish, apply and easily monitor corporate security policies for file sharing from within the application. Made for Today s Mobile Workforce: DropZone makes mobile data access safe for work. With secure mobile clients for ios and Android devices, the solution gives IT departments the ability to provide end-users with a safe method to share files, synch data and applications, and safely interact with internal and external collaborators from the device of their choosing. Flexible and Highly Manageable: DropZone integrates seamlessly with your existing architecture, established Data Loss Prevention (DLP) applications and services with no browser or operating dependencies. The open application programming interface (API) gives you the freedom to add new capabilities and security levels as organizational needs change, without making any alterations to enterprise systems, protocols or enduser workflows. User role and permissions management deliver powerful authentication capabilities and provide strict control over who is allowed to create, share and access folders, to ensure that all actions comply with corporate security and compliance policies. Plus, a quota system provides efficient and effective storage management. With Axway DropZone, IT can finally provide the secure collaboration solutions employees need to do their jobs from any device without putting the company or its data assets at risk. 16
ABOUT About Axway For over a decade, Axway has provided leading organizations around the world with proven technology solutions that integrate, manage, secure and govern the business-critical interactions that accelerate enterprise performance. Our award-winning solutions span businessto-business integration, managed file transfer, business operations monitoring, process management, and email and identity security offered on premise or in the Cloud with professional and managed services. Axway delivers the cloud integration, API and identity management capabilities customers need to extend the boundaries of their enterprise and fully govern their flows of data out to the cloud, mobile and beyond. Learn more about Axway, DropZone and our Secure Collaboration Solutions: www.axwaysecurity.com 855.627.1258 Sales 877.943.6733 Federal END NOTES: 1 CIO-CSO Axway Quick Poll. Conducted by IDG Research Services on behalf of Axway. January 2013. 2 Ibid. 3 Mobile Security Strategies: Threats, Solutions & Market Forecasts 2012-2017. Juniper Research. June 2012. http://www.juniperresearch.com/viewpressrelease.php?pr=330 4 BYOD, File-Sharing Causing Headaches for IT. eweek. June 2012. http://www.eweek. com/c/a/it-management/byod-filesharing-causing-headaches-for-it-121228/ 5 Business, IT Professionals Move Toward Android Tablets. IDG Connect. July 2012. http://8.10.209.13/article.aspx?r=1009163 17
sales 855.627.1258 federal 877.943.6733 www.axwaysecurity.com Copyright Axway 2013. All rights reserved.