Enterprises are becoming more technologically diverse and that means they’re generating more data. Enterprises are also becoming more dependent on third-party service providers and that means it’s harder to keep track of sensitive information, namely where it sits, who has access to it and what’s being done with it.
Governance over external file sharing is the practice of securing and monitoring the sensitive information that comes into and leaves the organization.
In a previous post, we looked at the broad requirements for file sharing governance and identified four feature sets or “pillars” required for an effective integrated data governance framework. Those pillars are:
- Security
- Governance
- Ease of use
- Integration and automation
In this post, we’ll take a closer look at security—why it’s important and why enterprises need a solution that’s more comprehensive and extensible than the point solutions available today.
Disparate Data and Desperate Times
Here’s what on the mind of many CISOs today:
- Data breaches are becoming more common and more costly. Billions of records are being leaked each year.
- Login credentials stolen from one data breach can often be used to launch other data breaches, compounding the dangers of each breach that occurs.
- Shadow IT is pervasive, creating all kinds of unknown risks and vulnerabilities.
- The number of devices is growing dramatically, driven by mobile computing and the skyrocketing growth of IoT.
- Enterprise security teams are short-staffed, and the security professional job shortage is expected to reach millions of positions by 2020.
- Regulatory penalties for data breaches are becoming more severe, exemplified by the GDPR rule that allows companies to be fined up to 4% of their annual revenue for failing to protect the data privacy of consumers.
Customer records, contracts, financial data, intellectual property and other sensitive information is flowing in and out of an organization at all times and in increasing amounts. Employees are collaborating with partners, contractors, agencies, regulators, customers, and other trusted users. That content sharing is taking place in ad hoc ways on an ever-changing pool of devices, most of which are not under the IT department’s control. As much as CISOs need to improve firewall security, address Wi-Fi vulnerabilities, and ensure that all systems are up to date with patches, they also need to protect the content that travels inside and outside the organization.
Outbound, this shared content can lead to data leaks. Inbound, the same content can become a vehicle for malware.
Prohibiting the flow of content isn’t an option as it would bring enterprise operations to a grinding halt. Slowing the flow of content with numerous security measures, technologies, and time-consuming tasks, would greatly hinder productivity—and likely encourage employees to seek risky workarounds with Shadow IT solutions like CD ROMs, USB drives, Dropbox, Evernote and Google Drive.
Ultimately, CISOs and their teams need to secure sensitive information sharing in a way that doesn’t compromise employee productivity. Therefore, the ability to share sensitive information in a way that enhances productivity by making content even easier to find, share, and manage, is ideal.
How a Secure File Sharing Platform Can Help
At Accellion, we’ve developed a secure file sharing platform, kiteworks, that ensures all sensitive information, whether it’s stored in on-prem or in cloud-based ECM systems, as well as ERP, CRM and other critical business applications, can be accessed and shared securely. When using kiteworks, organizations have an added layer of security and control that provides organizations with an integrated governance framework to have full visibility into all file activity on the platform, including where sensitive information sits in the network, who has access to it and what’s being done with it.
Sensitive information, such as customer data, intellectual property, financial information, and legal contracts, is more susceptible than ever before to unauthorized access. Brute force attacks, misconfigured AWS servers, lost or stolen devices, phishing attacks all put valuable enterprise data at risk. With data breaches at an all-time high, it is more important than ever for organizations to have full control over their content. Accellion kiteworks enables organizations to securely access, protect and share sensitive information stored in disparate systems across the enterprise including:
- Enterprise Content Management (ECM) platforms, including Microsoft SharePoint and Documentum, as well as public cloud file sharing services such as Box, Dropbox, and Google Drive, and content stored on Windows File Shares and other data repositories on-premises or in the cloud.
- Critical enterprise applications like SAP, Oracle, Salesforce, Epic and Cerner, by utilizing extensive REST-based APIs.
- Microsoft solutions, including Outlook, Office for desktop and O365, as well as Microsoft applications like Word, Excel, and Power Point; users in fact can send these files securely while in these solutions and apps
With kiteworks, organizations can move seamlessly between these systems to find and share information. They can also ensure this information stays secure with anti-virus (AV), data loss prevention (DLP) and advanced threat protection (ATP) scans of all files going in and out of kiteworks. In addition, organizations have total visibility into all file activity going through the kiteworks platform. Who accessed a file? When was it accessed? From what IP address? Was the file modified or downloaded? These and other insights are available to organizations and are fully auditable.
Comprehensive Security for SMBs and Enterprises
To provide this comprehensive security, kiteworks applies its own security measures and integrates with other security products and services for the enterprise, creating a single, coordinated best-of-breed solution. Accellion kiteworks’ security measures include:
- A virtual hardened appliance that reduces the surface area hackers can target
- Support for private cloud and hybrid cloud implementations, giving enterprises full control over the location and storage of their data.
- Encryption of content in transit and at rest
- Full control of encryption keys, ensuring that enterprises have full control over access to their content
- Granular policy controls
- Rule-based permissions for access
- Embedded AV protection
- Integration with popular security technologies, such as:
- LDAP and Microsoft Active Directory
- Single Sign-on services
- Multi-factor authentication (MFA) services
- Data Loss Prevention (DLP) services
- Advanced Threat Prevention (ATP) products
- Secure “containers” on mobile devices, protecting content from illicit access or malware contamination either on storage or in memory
In a time of growing security risks and regulatory pressures, a secure file sharing platform that enables full visibility into all of an organization’s content provides CISOs with increased visibility, control, and peace of mind.
To learn more about Accellion kiteworks, please contact us.