Where is your Corporate
Data Going?
WELCOME
INTRODUCTION ... 1 TIP 1: ... 4
Ensure Ease-of-Use
TIP 2: ... 6
Empower Secure Collaboration
TIP 3: ... 10
Regain & Retain Control
TIP 4: ... 12
Enable Mobility
TIP 5: ... 14
Trust the Security Pros
INTRODUCTION
Do you know where your corporate data is going? The answer should be a resounding, “Yes!” Unfortunately, it’s more difficult than ever to answer that question. Today’s fast-paced, mobile workforce relies on personal devices and popular consumer-grade file sharing tools to access and share information with colleagues inside and outside the enterprise. However, doing so makes it nearly impossible to control corporate data and can lead to devastating privacy, security and compliance breaches, damaged business reputations and costly fines. The most obvious path to regaining visibility and control over your corporate data is to provide employees with secure enterprise file sharing tools they can safely access from anywhere, on any device. But exactly how do you determine which tool is right for your organization? This eBook presents five (5) tips for selecting an enterprise-grade file sharing solution that supports collaboration and empowers productivity while protecting your corporate data.
Read on to learn more.
INTRODUCTION
Concerns of Using
Cloud-Based
File Sharing Tools
1CONCERNS
Source: “CIO-CSO Axway Quick Poll.” IDG Research Services. 2013. CONCERNS 77% 69% 69% 67% 50% 42% 40% 2% 2%
Sensitive data leak
Data loss/theft
Loss of control over data (i.e., no knowledge of where data will go once it has left the company
Unauthorized usage or visibility of files
Failing compliance/security audits
Monitoring/Managing the shared information (i.e., staff time)
Inability to satisfy eDiscovery process
Other (please specify)
Non-secure consumer-grade file sharing services like Dropbox, SharePoint and YouSendIt are rapidly gaining popularity because they are easy to use, and employees often turn to them because they simply don’t have another option. To change this pattern, IT must provide employees a secure means to transfer large files and safely access data from anywhere that is just as simple and intuitive as the free unregulated services available today. If the tools you provide aren’t intuitive and user-friendly, adoption rates will suffer and employees will continue to
use public cloud-based services, USB drives and webmail to share files, putting your corporate data at risk.
Ideal file-sharing solutions allow users to quickly yet securely share even large files, and collaborate both internally and externally from their desktops or mobile devices – while still complying with corporate security policies and regulatory directives. These solutions must also be flexible enough to use with all popular tablet and smartphone operating systems, and support various desktop platforms so that
Ensure Ease-of-Use
4
TIP 1
users can share files regardless of the device or operating system. An intuitive user interface is essential and should support drag-and-drop functionality with multiple web browsers. Secure file-sharing solutions should also be easy for IT to implement, administer and manage. Look for flexible solutions that integrate seamlessly with your current infrastructure, applications and services. The right tools will not only provide visibility into (and control over) the data flowing through your organization, they
will help you to monitor and manage storage usage, and enforce policy. And, since file sharing and email policies are typically the same, the two should be located on the same platform for consistency and easy administration and management.
5
Empower
Secure Collaboration
6
TIP 2
While ease-of-use is the key to user adoption of an enterprise-class file sharing solution, usability must be balanced with strong security. This is particularly essential for heavily-regulated industries, which must comply with intense privacy and security mandates such as HIPAA, HITECH, Sarbanes-Oxley and more.
Most employees don’t use cloud-based file sharing services with malicious intent, and may not be aware of the significant risks of using them. They are simply trying to get their work done and many corporate IT security measures such as email file-size
limitations slow down and even halt productivity. Therefore, you must provide users simple tools that empower collaboration with internal and external contacts via desktop, tablet or smartphone – all with enterprise-class policy controls and encryption to protect sensitive, private and regulated data.
To protect confidential information and intellectual property, and ensure compliance with government regulations and corporate policies, choose an enterprise-class file-sharing solution that ensures the encryption of shared files both in transit and at rest on dedicated
servers or network-attached storage devices. You should be able to choose between integration with your existing data loss prevention (DLP) infrastructure and built-in policy and control depending on your organization’s needs.
7
Importance of Functionalities
When Evaluating Cloud-Based
Files Sharing Solutions
2IMPORTANCE
IMPORTANCE 50% 42% 7% 1% 1% 92% 85% 75% 81% 84% 72% 74% 59% 44% 37% 16% 2% 1% 34% 50% 13% 3% 1% 31% 44% 23% 1% 2% 30% 42% 21% 5% 2% 23% 62% 14% 1% 1% 20% 54% 18% 5% 2% 19% 40% 26% 12% 2%
Ability to enforce security and compliance policies and controls
Net Highly Important Critical Very Important Somewhat Important Not very important Not at all important Ability to encrypt shared files
Ease of use/user adoption
Ability to monitor and report on file sharing
Ability to perform eDiscovery
Ease of administering user access
Integration with existing applications
Ability to enable file sharing via mobile device
10
TIP 3
When employees use consumer-grade tools for emailing and sharing files, you’ve essentially lost control over where your corporate data is going and who might gain access to it. Such services lack even the most basic policy-based security controls businesses need to protect their data and comply with industry and governmental data-privacy regulations.
The only way to fully protect your corporate data is to provide enterprise-class file sharing tools with the capabilities
end-users demand and IT needs to regain and retain control. Look for solutions with robust authentication and permissions management capabilities that allow you to:
• Analyze and appropriately manage every message and file that enters or exits your network, 24x7x365.
• Create and establish security, sharing and permissions policies within the application itself.
Regain & Retain Control
• Ensure data is accessible only by authorized individuals and file sharing is in compliance with corporate policy. • Control exactly who can
create and share folders, and determine with whom content can be shared.
• Simplify management via integration with your Active Directory or other LDAP Directories.
With such tools in place, IT can govern the flow of data as it moves in and out of the organization and control exactly who has access to high-value business information assets. Users can share sensitive, private or regulated data inside and outside of the organization safely within this framework, and IT can efficiently and effectively meet the demanding compliance mandates of even the most highly-regulated industries, such as healthcare, life sciences, government, financial and legal services.
11
12
TIP 4
The days of 9-to-5 office-based workdays are long over and employees are more geographically dispersed than ever. Along with business-authorized computers, they frequently use a host of mobile devices as well as their own home-based computers to get their jobs done. Recent studies show that:
• The number of employee-owned smartphones and tablets used in the enterprise will more than double by 2014, reaching 350 million, compared to nearly 150 million in 2012.3
• Over 80% of employees need to access work documents from outside the office.4
• 74% of business professionals currently use tablet
computers.5
As the prevalence of mobile devices grows, so do corporate data security and compliance concerns. Increased mobility and the Bring-Your-Own-Device (BYOD) boom may be boosting productivity and changing the way we work. At this point, however, most employees’ personal smartphones, tablets and mobile
Enable Mobility
devices are not equipped with the tools required to protect and secure corporate data and assets.
To safely enable and support the adoption of BYOD policies across the workplace, IT should provide secure enterprise collaboration tools that give employees the freedom to access, transfer and synch corporate files, folders and data from anywhere, at any time, from their desktop or mobile devices. Enterprise-class policy controls and encryption are a must to enable secure mobility and file sharing. IT should be able
to easily define, set and maintain secure collaboration policies that don’t restrict employee productivity. The right tools will provide a controlled environment where users can easily share files and folders, from any device, within and outside the organization while complying with corporate policy and data security requirements.
13
14
TIP 5
New file sharing services seem to appear on the scene almost daily. Yet, most consumer-based file sharing services, particularly those offered by large search engines and other advertising-driven companies, don’t have corporate security or regulatory compliance in mind. User agreements rarely include data protection guarantees, often because providers need to profile users for targeted advertisements. In fact, many free cloud-based file sharing services retain the right to use information and even share it with others. Far from being concerned about protecting your
data assets, these companies are in the business of tracking and monitoring their users’ behavior in order to capture sales opportunities. When it comes to protecting your corporate data, the stakes are simply too high to trust anything but a proven, secure solution from an established, reliable vendor. Thousands of customers across the globe working in the most highly-regulated industries trust Axway to help them safely move, manage and secure data assets. Axway DropZone™ is the proven and secure alternative to consumer-based file sharing
Trust the Security Pros
services. Built on Axway’s established security framework and leveraging over a decade of innovation and award-winning email security and data loss prevention (DLP) solutions, DropZone is:
• Easy-to-Use: DropZone provides the easy-to-use collaborative file sharing capabilities of popular consumer-grade file sharing services. Its intuitive interface ensures rapid adoption and empowers employees to safely exchange critical information inside and outside the enterprise – without relying on unauthorized or potentially harmful file sharing tools. • Simple to Install and
Administer: Available as a physical or virtual appliance, DropZone can be installed in minutes to provide complete control over information entering and leaving your
organization. The solution can be deployed as a standalone product or in conjunction with the Axway MailGate Secure Collaboration (SC) platform, for a complete, secure collaboration environment on one appliance with a single administration console. Axway MailGate SC simplifies management with one comprehensive secure email solution for inbound, outbound and encryption, providing secure file delivery without impacting your current environment.
• Secure: DropZone delivers a true balance between user productivity and corporate security with complete encryption of data in transit and at rest to ensure full security and file fidelity. Multiple tiers of security can be combined or used individually to secure outbound data.
15
Organizations using DropZone can establish, apply and easily monitor corporate security policies for file sharing from within the application. • Made for Today’s Mobile
Workforce: DropZone makes mobile data access safe for work. With secure mobile clients for iOS and Android devices, the solution gives IT departments the ability to provide end-users with a safe method to share files, synch data and applications, and safely interact with internal and external collaborators from the device of their choosing. • Flexible and Highly
Manageable: DropZone integrates seamlessly with your existing architecture, established Data Loss Prevention (DLP) applications and services with no browser or operating dependencies. The open application
programming interface (API) gives you the freedom to add new capabilities and security levels as organizational needs change, without making any alterations to enterprise systems, protocols or end-user workflows. User role and permissions management deliver powerful authentication capabilities and provide strict control over who is allowed to create, share and access folders, to ensure that all actions comply with corporate security and compliance policies. Plus, a quota system provides efficient and effective storage management.
With Axway DropZone, IT can finally provide the secure collaboration solutions
employees need to do their jobs from any device – without putting the company or its data assets at risk.
16
17
ABOUT
About Axway
For over a decade, Axway has provided leading organizations around the world with proven technology solutions that integrate, manage, secure and govern the business-critical interactions that accelerate enterprise performance. Our award-winning solutions span business-to-business integration, managed file transfer, business operations monitoring, process management, and email and identity security — offered on premise or in the Cloud with professional and managed services. Axway delivers the cloud integration, API and identity management capabilities customers need to extend the boundaries of their enterprise and fully govern their flows of data out to the cloud, mobile and beyond.
Learn more about Axway, DropZone and our Secure Collaboration Solutions:
www.axwaysecurity.com
855.627.1258 Sales 877.943.6733 Federal END NOTES:
1 “CIO-CSO Axway Quick Poll.” Conducted by IDG Research Services on behalf of Axway.
January 2013.
2 Ibid.
3 “Mobile Security Strategies: Threats, Solutions & Market Forecasts 2012-2017.” Juniper
Research. June 2012. http://www.juniperresearch.com/viewpressrelease.php?pr=330
4 “BYOD, File-Sharing Causing Headaches for IT.” eWeek. June 2012. http://www.eweek.
com/c/a/IT-Management/BYOD-FileSharing-Causing-Headaches-for-IT-121228/
5 “Business, IT Professionals Move Toward Android Tablets.” IDG Connect. July 2012.
