Enterprise file sync and share brings file synchronization and file sharing under IT control. Its competitor is public offerings that are outside of the oversight of the organization and puts corporate data at risk. For an enterprise file sync and share (EFSS) strategy to be successful it must meet the expectations of the users while providing security for the organization and oversight by IT.
EFF Requirement 1: User Acceptance
It may surprise some that user acceptance is the most import aspect of the EFSS project instead of security or oversight. The reason is simple. If users don’t adopt the EFSS platform they will continually reject its use and will to “sneak” in other services they do like. Without acceptance, even the most secure solution in the world is useless if users won’t use it.
To gain acceptance the solution needs to have feature parity with the leading public solutions like DropBox and Google Drive. The attractiveness of these solutions is partly because of an it “just works” reputation and partly because of an “ease of use” aspect. The EFSS solution needs to integrate with the various operating systems the user has on the laptop or desktop (Windows, MacOS), as well as mobile iOS and Android products. It should also provide web-based access for times when the user’s laptop or device is not available.
The solution should provide the original reason for FSS: Popularity, synchronizing data between the various users devices and the ability to share files via a link. One aspect of user acceptance that makes EFSS different is IT oversight and control over the synchronization and sharing of data. EFSS provides IT control over what types of data users can share, with whom a user can share data with and how long the organization will allow a user to share a specific piece of data.
EFF Requirement 2: Secure Data Synchronization
The first part of secure data synchronization is encryption. Data needs to be encrypted while stored at the central repository, while in transit to the user’s device and while it resides on the user’s device. That way almost any breech in organization security will lead to another layer of secure files a hacker would have to breach. An EFSS solution should give the organization complete control over the encryption keys so only the organization can make the decision on when to unlock data.
Another aspect of security an EFSS solution should provide is control over what data users can synchronize to their devices. The organization should have the flexibility to limit the amount of corporate data exposure on devices. The EFSS solution should also provide the ability to wipe data from users devices if that user looses a device or leaves the company.
EFSS Requirement 3: Secure Data Sharing
Companies often have joint projects with other companies. The ability to easily share files between those businesses is critical. But many times the sharing is between competitors who are partnering on one project but remain competitive on others. And the cooperation doesn’t last forever.
EFSS Requirement 4: Cloud Flexibility
The final requirement of an EFSS solution is cloud flexibility. Some organizations will want to put their data in the cloud, others will not. The EFSS solution should enable the organization to leverage a private cloud storage (a.k.a object storage) system. It should handle the conversion between what the organization knows (NFS and SMB) and what the private cloud storage uses (object storage).
As we discussed in our entry, “Enterprise File Sync and Share vs. A File Strategy”, organizations should look beyond an EFSS solution to a strategy. But EFSS remains a core element and IT needs to make sure it delivers on the four key requirements; user acceptance, secure data synchronization, secure data sharing and cloud flexibility.
To learn more about developing a secure file strategy watch our on-demand webinar, “5 Must-Haves to Achieve Total File Security in the Cloud“.