Month: March 2021

External File Sharing Best Practices

With the growth of work-from-home employees, remote file sharing has become more important than ever. Most organizations employ some sort of external file sharing solution, but all employees must know how to share folders and files safely and securely.

Sharing links that require no authentication may be convenient and useful in many situations, especially when you are sharing read-only files with external users. However, not all content is appropriate for unauthenticated sharing. It is important to put safeguards in place to help protect the organization’s confidential content and make it easy for authorized employees to access.

For these reasons, your organization needs to establish and adhere to a set of best practices for external file sharing.

Why External File Sharing is Essential to Your Business

If your business has employees working from home or on the road, they need to be able to access the same files and documents that they would if they were working on-premises. It is also necessary to share some files — typically on a read-only basis — with clients, vendors, and other external users.

This type of enterprise file sharing results in important benefits to your employees and your company, including:

  • Increased productivity, especially for remote workers
  • Enhanced collaboration between employees in different locations
  • Ability to securely share files with important clients
  • Easier to keep track of users, files, and data storage

Challenges of External File Sharing

Challenges of external file sharing
Challenges of external file sharing

External file sharing is not without its challenges. When implementing an external file sharing solution, you need to be aware of the following:

  • Remote workers need real-time access from any location and any type of device
  • Employees need to be able to quickly and easily locate specific files and content (according to M-Files, 86% of employees say they have difficulties searching for the files they need)
  • Certain files need to be accessible by clients, vendors, and other third parties
  • Sensitive files need to be secured from unauthorized access

Fortunately, all of these challenges can be met by following a set of established file-sharing best practices.

10 Best Practices for External File Sharing

Keep your shared files organized

When your organization opts for an external file sharing solution, it is essential to follow all industry best practices to make this file sharing both easy to do and secure. You want only your employees and designated third parties accessing your shared files – which means all concerned need to be aware of and observe these best practices.

Plan the File Structure

Before you begin file sharing, you need to plan the file structure. You want an orderly, logical, and hierarchical series of folders so that users easily figure out what goes where. This file structure delineates between which files can be shared externally and which can’t.

Follow these best practices when planning your organization’s file structure:

  • Create two top-level folders, one for external sharing and the other for internal sharing only
  • Keep all sensitive documents within a specific master folder so that permissions can be applied at the top level
  • Put all compliance-related documents within a specific master folder
  • Don’t go too deep with subfolders; keep the number of levels no more than five deep
  • Be consistent with your file structure and don’t allow individuals to make exceptions
  • Document your file structure strategy so future managers and staff will know the logic behind what you did

Use Consistent Naming Conventions

Your carefully-planned file structure should be paired with effective conventions for naming your files. Folder names should be clear, descriptive, and consistent. Users should be encouraged to follow similar naming conventions for the files they create and be strongly discouraged against creating inconsistent file names.

Follow these best practices when establishing your organization’s file naming conventions:

  • Use folder names that reflect their content or function; don’t use generic names such as FOLDER01
  • Folder and file names should be descriptive
  • Folder and file names should meaningful to anyone accessing the content
  • Consider a naming convention that includes whether the file is for internal or external use, the department or unit involved, the name of the document, the date of creation, and the current version. For example: internal_department_name_date_version
  • Discourage the use of overly-long names
  • Encourage the use of terms that are commonly used throughout your organization
  • Mandate consistency in file names  and don’t allow exceptions

Employ Collaboration Options

Today’s work environment is becoming increasingly collaborative, with documents passed around and shared by multiple team members. Common best practices to follow for collaborating on shared documents include:

  • Encourage employees to take advantage of all available collaboration options, such as notifications, comments, approvals, and versioning.
  • Employees should opt to “follow” documents so they’ll know when the documents are updated
  • All sharing should take place online, via the browser, not offline

Utilize Versioning

You should configure your file sharing service or software tools to automatically manage the various versions of all documents. Employees need to be assured that they’re always working on the latest versions of their documents, especially in group projects. (This is another reason to discourage or prohibit employees working with offline versions of files.)

Limit Access to Files

Access to all files should be limited to those employees who need access. Not everyone needs universal access to all documents. Employ the Zero Trust model, where no individual has automatic access to valuable data. Limit access only to those employees working on those specific files.

To that end, consider using tiered access, where some employees have write/edit access, some have read-only access, and some are denied access to specific files. Determine levels of access to ensure that files can’t be accessed by individuals without proper authorization.

Setting permission levels is also important when you allow clients, vendors, and others outside the company to access specific files. When dealing with external file sharing, it often makes sense to enable read-only access for outsiders.

Maintain Data Security

Data security needs to be at the forefront of all of your file-sharing activities. You want your data to be secure from theft or other unauthorized access. If your systems are breached, you want your data to remain off-limits to intruders.

Follow these best practices to enhance your organization’s data security:

  • Encrypt all stored data
  • Use end-to-end encryption when sharing, uploading, or downloading files
  • Discourage or prohibit file sharing via email
  • Discourage or disable file downloading
  • Password protect all files that are shared externally

Develop Retention Policies

Documents should not be kept any longer than necessary. Some documents need to be kept for legal, compliance, or historical reasons, but most files used in your organization have a much shorter shelf life. It’s important to cull unnecessary files to both minimize your data storage costs and simplify the search for truly necessary documents. (According to Varonis, 70% of files on file-sharing services are never shared.)

As such, you need to develop detailed retention policies for all files created within or shared with your organization. Here are some best practices to follow:

  • Follow all industry and governmental rules and regulations for how long you need to retain documents
  • Require employees to set expiration dates for all external and public file links
  • Organize in a common folder all documents that pertain to similar retention or compliance rules
  • Discourage or prohibit offline copies of documents
  • Set rules to automatically delete all files past a certain age in non-protected folders
  • Remind employees regularly to delete all unnecessary files

Regularly Audit File Access

It’s essential to know which files are being accessed, how, and by whom. That means regularly monitoring access to shared files – especially those that contain sensitive or confidential information. Follow these best practices:

  • Managers or team leaders should subscribe to notifications when critical files are accessed
  • IT staff should conduct periodic audits of key files to see who has accessed them
  • Access to critical files should be periodically reevaluated

Educate Your Users

Finally, you need to educate your employees on the importance of data security and essential file-sharing operations. They need to know everything about external file sharing, from how to share a folder online to how to share files safely and securely. Equally important, they need to know what they shouldn’t share externally, and why. The most secure file sharing solution is only as strong as the employees using it. Make sure your employees are trained on the proper techniques – and check in on them periodically to ensure they’re following your designated best practices.

Turn to Triofox for Secure File Sharing

Triofox enables secure file sharing and collaboration for both employees and external users, according to the best practices presented above. Users can set an expiration time on public links, make content read-only,  disable downloading, password-protect shared content, and subscribe to change notifications. When you need an easier-to-use, more secure external file sharing solution, turn to Triofox.

Contact us today to learn more about Triofox’s secure file sharing solution.

How to Overcome Data Sprawl in Your Organization

With storage costs plummeting and as mobile device usage increases, data is growing exponentially worldwide. Exponential growth in the use of multiple devices by employees in enterprises has become a norm. Furthermore, the changing paradigm of working away from the office has led to individuals relying on various cloud services to access their work documents.

The transition to purely cloud-based storage services from in-house storage solutions has also increased Data Sprawl. Cloud storage is often cheaper for businesses as it offers a scalable solution that is stored off-site. However, this development has increased Data Sprawl if there are no tabs kept on data growth.

A typical employee working from home may be using his mobile device to access file-sharing services, email systems, and his company’s ERP or CRM Software. As a result, companies are facing data sprawl. To avoid working in chaotic data environments, organizations need to efficiently manage data sprawl.

Let us look at what exactly is data sprawl and how your organization can overcome it.

What is data sprawl?

Data sprawl is the humongous amount of data that enterprises produce globally daily. It happens as a direct result of the data produced due to the growth in various operating systems, mobile and enterprise applications, BYOD (Bring Your Own Device) policies, and data warehouses worldwide.

Data sprawl is the proliferation of data into endpoints, servers, applications, BYODs, operating systems, network environments, and even other geo servers, which can be a challenge to monitor and control.

What are the problems that enterprises face due to data sprawl?

Making sense of data stored at multiple locations

In an enterprise, similar data may be stored at different servers or devices. As a result, it is not an easy task to perform meaningful analysis of data stored in different locations and formats. How does your organization make sense of the data if it is stored in such a way?

Security Concerns

When it comes to devices that have access to company data, security becomes a major concern. Cyber attacks are on the rise, but a lesser-known and equally dangerous threat is the malicious insider; data sprawl puts companies at a higher risk of falling victim to attacks like data theft or data compromise carried out by employees. Worse yet, many organizations fail to combat these attacks simply because they aren’t aware of them.

Data sprawl can create serious security concerns for your organization. With BYOD policies in place, data ends up going outside your secure network. Data stored in cloud file storage repositories (such as OneDrive and Google Drive) may be vulnerable to hacking attempts.

Further, with regulations like the GDPR in full swing, mishandling customer and sales data can result in hefty fines for breaching compliance. Your business may even end up losing customers in the process.

IoT adoption causing data analysis requirements to increase exponentially over time

An estimate by Business Insider predicts that there will be more than 40 billion IoT devices across the globe by 2027. IoT devices today can address real-life problems, and as a result, almost all enterprises have an edge strategy in mind.

Data is the lifeblood of edge computing strategy. Edge devices gather, store, and analyze information about an individual and their environment. More data is in devices in disparate formats, and all this data needs to be analyzed. Enterprises have to first reconcile the data into a single format and then analyze it to make sense of the disparate data. In fact, nowadays, companies are thinking more and more about prioritizing edge IoT for their analytics.

How can you overcome Data Sprawl in your Organization?

1. Opt for On-Premise file-sharing solutions

Rather than having employees adopt the practice of storing files in public-facing cloud solutions such as Dropbox or Google Drive, enterprises should consider going for a private file-sharing solution accessible to employees over the internet. Gladinet is a company that offers Triofox, an on-premise file sharing solution for enterprises. Some of the advantages of using such a solution are:

  • Private file sharing
  • Allowing the enterprise to self-host the solution
  • Integration with your existing Active Directory
  • Enabling remote and mobile access to file server shares directly over HTTPS

Some benefits of file sharing in such a scenario are:

  • Data Privacy is guaranteed
  • Collaboration is simplified
  • File servers can be accessed using mobile devices
  • Management of users, access control, and storage are simplified
  • Permissions can be granularly managed centrally
  • Productivity rises for employees across the board

2. Set enterprise-wide policies for data security

An enterprise-facing data sprawl and the security risks that may arise because of the data sprawl should create policies that outline how employees should access and handle data. An example is a policy that restricts users from accessing the company infrastructure through Wi-Fi networks that are publicly accessible and inherently insecure. Another example is a policy that forces users to change their passwords periodically. Additionally, enforcing multi-factor authentication (MFA) and single sign-on (SSO) along with properly training employees on data risks and related safety measures will go a long way in preventing data loss. 

3. Integrate software applications used across the enterprise

Another way of cutting down on data sprawl is to integrate software applications across the organization. Doing so helps reduce the number of information silos created by different departments or branches of a large enterprise that use various software applications. Not only will doing such an integration cut down on data sprawl, but it will also give stakeholders full visibility into company operations. Such an approach will allow the management to make smarter decisions by drawing upon employees’ collective intelligence at different organizational levels.

Want to know how to prevent data sprawl with the help of Gladinet’s Triofox? Signup today here for data sprawl prevention.