With more and more employees working from home, many businesses seek to move data from their on-premises servers to cloud storage services. One of the more popular cloud storage solutions is Microsoft’s Azure Files – although it presents its own unique set of challenges to companies seeking to serve their remote workforces better. In this blog, we will look at how to improve access to Azure Files.
What Azure Files Is – and Why It’s Popular
Azure Files is a managed file share service for files stored in the Microsoft Azure cloud. Microsoft Azure is a cloud platform used by large and small businesses for data storage, app hosting, and other purposes. Azure Files allows companies to share files hosted in the cloud with remote employees located anywhere in the world.
Using standard protocols like SMB or NFS, Windows Server administrators can set up access to Azure archives. Users can mount Azure Files directly from the cloud or on-premises servers. Users can access Azure Files from a Windows, macOS, or Linux machine.
Many organizations use Azure Files because it makes it relatively simple to share files via the cloud. It can easily replace on-premises file servers and existing file shares with minimal maintenance. File shares can also be cached on local Windows Servers if desired.
Challenges in Using Azure Files
Azure Files sounds like the perfect solution for organizations with work-at-home employees who need to access files remotely. However, users have discovered that it is less than ideal, with many challenges that impact the service’s ultimate usability.
The biggest challenges in using Azure Files include:
No native mobile application for access from phones and tablets
No file locking, which could result in multiple users overwriting each other’s changes
Potential sync problems with local caching
Inefficient bandwidth use from repeatedly downloading the same files from the cloud
These issues can result in inefficiencies and, sometimes, corrupted files. They also are keeping many organizations from embracing Azure Files as their remote file sharing solution.
A Real-World Example
One of our clients decided to transfer all of their on-premises data to Azure Files from local file servers. However, after conducting a service test, they discovered several issues due to the lack of file locking and other popular system features.
This client has offices in two different locations, in the U.S. and Dubai, UAE. The client’s file server is in the U.S. The client currently accesses local files at both locations and needs to access U.S.-based files from the Dubai office..
The client needed the same set of files to be present in both locations. The client had to transfer the files from both on-premises sites to a cloud file server to achieve this. The client chose Microsoft Azure Files to accomplish this.
The Azure Files solution appeared to be a viable option. Microsoft’s data center in Dubai is not far from the client’s Dubai office. His US office is also next to the Azure East data center in the United States.
The client began by syncing files from his office in the United States to the Azure cloud but soon ran into Azure’s lack of file locking functionality. People in both the US and Dubai offices were seeing different copies of the same file was inconvenient. Latency issues plagued the client, especially when it came to files syncing.
As a result, the client was forced to seek out another choice. They went with Triofox.
How Triofox Makes it Easier to Access Azure Files
All of these issues are addressed by Triofox, which provides all required file system features for Azure Files, including:
File locking
On-demand synchronization
Instant syncing to the central storage repository
Efficient bandwidth utilization
Secure mobile app access
With Triofox, Azure Files becomes much more usable for remote workers. Files are locked during editing so that essential data is never inadvertently overwritten. Azure file shares look just like typically shared folders on users’ devices.
Triofox offers web browser, desktop/laptop, and mobile access. The Triofox mobile app enables users to access files at home from their own mobile devices. Remote access is easy and secure..
Let Triofox Be Your Azure File Sharing Solution
Triofox is a file server enhancement solution that supplements Microsoft’s Azure Files remote file sharing. With Triofox, remote users have secure access to data in Azure Files with all the file locking and synchronization features that ensure safe and efficient operation. Contact Triofox today to learn more about how Triofox can help your organization get more out of Azure Files – and create a more efficient and practical remote workforce.
Any enterprise interested in reaping the benefits of a cloud (or hybrid) deployment should examine all available security models carefully. Almost everyone agrees that the cloud will continue to play an important role in our digital future. It enables seamless scaling, cost-effective management of resources, and provides access to business resources from almost anywhere.
Anyone who isn’t seriously considering installing any Line-of-Business (LOB) applications in the cloud is falling behind their competitors. One of the key challenges that your organization will have to overcome when moving to a hybrid deployment model is ensuring your data and network stays secure at all times.
Although most security analysts will tell you that there’s no such thing as a single solution to address all of your concerns, many will agree that a framework using the Zero Trust Access Model (ZTNA) is the best way to go. With this approach, companies can secure data and limit the risk of a specific breach from spreading to the entire network.
ZTNA has been around for years and works for most hybrid environments, including those where remote access is a critical part of business continuity. In this blog, we’ll look at what a ZTNA framework entails and where it works well. We’ll also give you some considerations for improved cloud security and how you can establish direct access as a ZTNA alternative to help ensure you protect your LOB application data.
What is a ZTNA Security Framework?
Cloud security is receiving a lot of attention lately due to some high-level data breaches over the last few years. In fact, if you’ve moved a hybrid deployment in the last two years and haven’t experienced a breach, you’ll be in the minority. One of the buzzwords flying around in the industry and often toted as a best-in-class solution is ZTNA. What this means is the company adopted a zero-trust access model for all their applications using a set of technologies and policies.
Using the most granular set of permissions and policies, companies can secure any internet-facing application on the user layer. Security professionals define ZTNA as a Software-Defined Perimeter (SDP) because it creates a well-secured barrier between the company’s networks and each application housed in their environment.
How Does the ZTNA Model Work?
Most companies are used to network-centric security solutions like a Virtual Private Networks (VPNs) and Firewalls (FWs). ZTNA takes a fundamentally different approach to system security. The primary difference is by separating the IT environment’s network security from remote access requests. Protecting the entire network expands the security perimeter while having to deal with a wide variety of possible vulnerabilities. What makes ZTNA different is it creates a case-by-case access control framework for every application deployed in the environment.
To achieve this, ZTNA champions the following four principles:
Isolating application access from network access – ZTNA only grants access to specific applications based on the user’s exact credentials and applying granular permissions to every access request.
Hides the network from unauthorized users – By granting out-bound only connections, no unauthorized user will even know the network exists or have the ability to exploit it beyond the application involved.
Requires native app segmentation – Grants access on a one-to-one basis, where only one user-to-application connection keeps the rest of the IT system secure and credentials allow access to only the application required.
Deemphasizes network security in lieu of application security – ZTNA leverages encrypted micro tunnels between the user and specific application, and as such doesn’t allow any compromised device to infect the rest of the network.
These four principles help create a secure, software barrier between the company’s networks and individual applications. If an employee uses a compromised device to access company systems, the infection cannot spread unless a hacker engineered it to overcome the software layer of protection.
Challenges Arising from ZTNA Security Models
Zero trust means just that, you don’t trust anything in your IT system. It includes people, devices, data, networks, and workloads. One of the key drawbacks to this approach is the level of effort required. To establish a ZTNA security framework, you’ll need to increase the control you exercise on every single application within your environment.
Some of the primary challenges with ZTNA includes:
Increased time and effort – Establishing a ZTNA model requires building the security framework from the ground up. There’s no such thing as group control or application pool security, so you’ll have to define every application’s access model and pair it with a specific user.
Managing more devices – Similarly, users may want to access their applications from any device, meaning security professionals need to adapt their solutions to accommodate these different types of access requests.
User and application-level control mean additional admin – To ensure only authorized users have access, the application landscape needs to be as granular as possible and managed at that level. Companies need to consider the workloads it will add to their security resources.
May require specialized skills – To ensure you are managing the security of every application, the organization may need to adopt a solution like containerization to achieve ZTNA. With containerization, every application is contained within its own bucket and data exchanges happen only on the server-side of the software.
Benefits of ZTNA Trust Models
Because ZTNA is a fundamentally different approach to the way most organizations deal with application security, it requires a shift in the mind-sets from your security professionals. That said, it does bring additional benefits to the company when implemented correctly.
With the smart segmentation of application layer data, you can reduce exposure to vulnerabilities, improve your security orchestration, and manage application access policies effectively. While the benefits of ZTNA are plenty, the additional effort required to implement, administer, and maintain ZTNA should be part of your assessment before opting to go with this framework.
For most organizations looking to speed up their hybrid and cloud adoption, a ZTNA alternative like Triofox could provide better results.
Enabling Secure Remote Access using Triofox Instead
Triofoxstreamlines your access model for both cloud and on-premises deployments. Whether you want a hybrid application implementation or just need to provide remote access to your own data center, Triofox is one of the few ZTNA and VPN alternatives available.
The way Triofox works doesn’t require a fundamental change to your security posture while enabling remote access to your LOB applications. You can maintain your current security frameworks and extend these to networks that your staff needs to access over the internet.
How Triofox Works and How It Compares to ZTNA Models
Triofox extends your existing security infrastructure whenever it routes a remote access request to an application within your system. The Triofox server integrates with your corporate network and current Active Directory (AD) configuration.
With integration to your current AD, you can also maintain your existing NTFS permissions. No additional configuration or extra admin effort will be required. Your security resources can go about their daily tasks while staff has the necessary remote access (at the right granular levels) to stay productive.
The key difference between Triofox and ZTNA models is that your current AD remains the central control panel for all your remote access needs. Once a user requests access, Triofox issues an authentication token based on the permissions you’ve previously defined in your AD. End-to-end encryption keeps your data secure in transit and staff do not have to deal with additional complexity when accessing LOB applications.
Consider a ZTNA Alternative with Triofox Secure Remote Access
Every organization can benefit from a cloud or hybrid deployment. The only thing holding you back is your security considerations. With Triofox, you don’t have to rebuild the wheel when it comes to network and application security. You can safely deploy your file servers on-premises or in the cloud and simply extend your existing security and establish direct access as a ZTNA alternative
To see how Triofox can provide you with elevated security while speeding up your cloud adoption, sign up for a free trial today.
Ransomware attacks are becoming an increasing threat to businesses, organizations, and municipalities worldwide. If your organization becomes the victim of one of these attacks, you may be forced to pay hundreds of thousands— if not millions— of dollars to regain access to your systems and data.
What is Ransomware – and How Does It Work?
A ransomware attack is a type of extortion initiated over the Internet—a cyberattack for profit. Most ransomware attackers work for criminal organizations or foreign nations that are in it purely for the money. They threaten to hold an infected system and its data hostage until a hefty ransom is paid.
Who Do Attackers Target?
Any type of organization can be the victim of a ransomware attack. Some attackers focus their attention on a single business or government entity. Others cast a wider net, sending ransomware to a large number of targets, assuming that at least a few recipients will click on a link and release the virus onto their computers.
How Does Ransomware Infect Your System?
A ransomware attack is typically triggered by a phishing attempt on an employee somewhere in the targeted organization. When an unsuspecting victim clicks a link in the phishing email and subsequently enters their username and password, the attacker gets access to the user’s system and plants the ransomware. Another common approach is to send the victim an email with an ordinary-looking attachment. When the user opens the attachment, the ransomware infects the host system.
Some ransomware attackers launch their attacks immediately on the initial infection. Others wait patiently for the ransomware to spread across large computer systems. In some cases, a ransomware attack can happen weeks or months after the initial infection.
What Does Ransomware Do to Your System?
Once the cyber extortionist initiates the attack, the ransomware goes to work. The malicious software encrypts data across the infected system so that it cannot be accessed. Some ransomware also encrypts the operating system of the infected computers, rendering them completely unusable. The most sophisticated ransomware is also capable of infecting data backups, making it virtually impossible for the targeted organization to restore data from a previous date. Users at the targeted entity are frozen out of the entire computer system.
The cyber extortionists, who have taken great care to cover their tracks online, then send the victim a ransom notice. This notice may automatically appear on the screens of infected computers or it may arrive in an email message. The message notifies the victim that their computers and data are encrypted and provides information on how to satisfy the attacker’s demands. This typically involves making a payment, usually in Bitcoin, to an untraceable online bank account. Ransom demands range from several thousand dollars to several million. At this point the victim has two choices: they can pay the ransom or take the hit.
What Happens After a Ransomware Attack?
If a company or organization chooses not to pay the ransom, it can attempt to restore affected data from a previous data backup. This may or may not work, depending on whether the ransomware has also frozen the backup. If the entire computer system is locked up, the organization may need to purchase new computers and servers. The cost to proceed without paying the ransom may exceed the price of the ransom itself.
Paying the ransom as demanded isn’t without risk. There is always the chance that the cyber extortionist may take the money and run, leaving the infected systems inoperable. Even if the cyber extortionist provides the key to decrypt the locked data, the victim might still encounter problems. Not all affected data is always recoverable, and some damage to files or systems may be irreparable.
If your organization is attacked, you’ll probably be offline for days or weeks. You’ll also pay the cost of downtime and the expense of bringing the system back online.
Anatomy of a Ransomware Attack?
Most ransomware attacks take place over six distinct stages.
1: Campaign
The initial state of the attack typically involves the distribution of phishing emails. The campaign may target a specific organization or distribute en masse to a large number of potential victims.
2: Infection
After a victim clicks the link in the phishing email, the malicious code is downloaded to the victim’s computer and executed. At this point, the host system is officially infected – although no files have yet been encrypted. If the infection can be identified at this stage, it can be removed before any damage is done.
3: Staging
In this stage, the malicious code establishes a connection to the attacker’s command and control server. The attacker can now send commands to the infected system.
4: Scanning
The attacker now scans the infected system to determine which files to encrypt. This may take hours, days, or even weeks, during which time the malicious software hides undetected on the victim’s system. There is still time, at this stage, for the infection to be detected and deleted without any damage to the host system.
5: Encryption
This is the stage where the damage occurs. At the attacker’s command, the ransomware encrypts all or selected files on the victim’s system.
6: Payday
During this final stage, the victim’s system becomes inoperable and the attacker sends the victim an electronic ransom note. The note demands payment, typically in Bitcoin, to decrypt the affected files and return the infected system to normal.
The Very Real Costs of Ransomware
Ransomware is one of the most serious cybersecurity threats faced by organizations today. The FBI reports that more than 4,000 ransomware attacks take place every day. Ransomware attacks entities of every size, from small businesses to large hospital systems to entire school systems and city governments.
Ransomware attacks are increasingly costly. Sophos’ The State of Ransomware 2020 report details that organizations that choose not to pay the ransom spend just over $732,000 to return their systems to working conditions. Organizations that choose to pay the ransom are out the cost of the ransom and additional remediation costs, for an average of $1.45 million per attack. That’s in addition to the average 19 days of downtime organizations experience after an attack.
Knowing all this, can your company afford to be a victim of ransomware?
How to Detect a Ransomware Infection – Before It’s Activated
The most obvious sign that you are a victim of a ransomware attack is that your systems freeze up, your data files become inaccessible, and you receive a ransom note from the attackers. By this time, however, it’s much too late to do anything about it other than respond to the attacker’s demands.
It is essential to detect an infection before the ransomware is activated. You need to employ measures that actively seek out ransomware infections in your system.
The process of proactively proving your system for ransomware and other cyber threats is called threat hunting. Threat hunters evaluate network traffic and activity to look for signs the system has been compromised.
One of the most common signs of compromise is the presence of a persistence mechanism. Malware inserted into a system needs to endure when the system is rebooted, or else the attackers have to keep reinserting the malware again and again. To maintain an infection, the malware must have some sort of persistence mechanism. Threat hunters look especially for signs of a persistence mechanism, which they can then analyze and track to discover the malicious software itself.
How to Protect Against Ransomware
There is no single solution that completely protects against ransomware attacks. You need to employ a multi-faceted security program to protect against, detect, alleviate, and recover from ransomware attacks.
Protection Starts with Your Employees
Since most ransomware intrusions start with a phishing attack, it’s important to beef up your phishing defenses. This includes strengthening anti-phishing education for all your employees and stressing – over and over again – not to click links or open attachments in unsolicited email and text messages.
Employees should also be trained not to download files from unknown websites or accept media and USB drives from untrusted sources.
Cybersecurity Defenses
Naturally, your IT staff should play a significant role in your defense against ransomware. Staff needs to make sure that all operating system and software are fully updated and install all of the following:
Anti-malware software
Web filters
Email security filters
Robust firewalls
It’s also important to implement measures that ensure ransomware removal in the event of an infection.
Back-Up Your System Just in Case
In addition, you need to take precautions in case your organization is the victim of a ransomware attack. You need to frequently make multiple backup copies of all important files, documents, and software and store some of these backups offsite or in the cloud. You need to be able to restore your system if your system or files are wiped by an attacker.
How Triofox Can Protect Your Business from Ransomware Attacks
Triofox is a file server enhancement solution that provides secure file sharing for your on-premises and remote workforce. Triofox can also help your organization protect against ransomware attacks with its robust ransomware protection.
Triofox continuously monitors all Triofox clients and takes proactive action if it sees any unusual activity from any device. If an attack is detected, the software disables access for the affected device and sends an alert to the system administrator. To enable your team to recover from ransomware and other attacks, Triofox also includes offsite file server backup.
Triofox also provides an easy-to-access version control history that simplifies recovery from Cyber-Attacks including ransomware and malware.
Contact us today to learn more about Triofox’s ransomware protection.
With the growth of work-from-home employees, remote file sharing has become more important than ever. Most organizations employ some sort of external file sharing solution, but all employees must know how to share folders and files safely and securely.
Sharing links that require no authentication may be convenient and useful in many situations, especially when you are sharing read-only files with external users. However, not all content is appropriate for unauthenticated sharing. It is important to put safeguards in place to help protect the organization’s confidential content and make it easy for authorized employees to access.
For these reasons, your organization needs to establish and adhere to a set of best practices for external file sharing.
Why External File Sharing is Essential to Your Business
If your business has employees working from home or on the road, they need to be able to access the same files and documents that they would if they were working on-premises. It is also necessary to share some files — typically on a read-only basis — with clients, vendors, and other external users.
This type of enterprise file sharing results in important benefits to your employees and your company, including:
Increased productivity, especially for remote workers
Enhanced collaboration between employees in different locations
Ability to securely share files with important clients
Easier to keep track of users, files, and data storage
Challenges of External File Sharing
Challenges of external file sharing
External file sharing is not without its challenges. When implementing an external file sharing solution, you need to be aware of the following:
Remote workers need real-time access from any location and any type of device
Employees need to be able to quickly and easily locate specific files and content (according to M-Files, 86% of employees say they have difficulties searching for the files they need)
Certain files need to be accessible by clients, vendors, and other third parties
Sensitive files need to be secured from unauthorized access
Fortunately, all of these challenges can be met by following a set of established file-sharing best practices.
10 Best Practices for External File Sharing
When your organization opts for an external file sharing solution, it is essential to follow all industry best practices to make this file sharing both easy to do and secure. You want only your employees and designated third parties accessing your shared files – which means all concerned need to be aware of and observe these best practices.
Plan the File Structure
Before you begin file sharing, you need to plan the file structure. You want an orderly, logical, and hierarchical series of folders so that users easily figure out what goes where. This file structure delineates between which files can be shared externally and which can’t.
Follow these best practices when planning your organization’s file structure:
Create two top-level folders, one for external sharing and the other for internal sharing only
Keep all sensitive documents within a specific master folder so that permissions can be applied at the top level
Put all compliance-related documents within a specific master folder
Don’t go too deep with subfolders; keep the number of levels no more than five deep
Be consistent with your file structure and don’t allow individuals to make exceptions
Document your file structure strategy so future managers and staff will know the logic behind what you did
Use Consistent Naming Conventions
Your carefully-planned file structure should be paired with effective conventions for naming your files. Folder names should be clear, descriptive, and consistent. Users should be encouraged to follow similar naming conventions for the files they create and be strongly discouraged against creating inconsistent file names.
Follow these best practices when establishing your organization’s file naming conventions:
Use folder names that reflect their content or function; don’t use generic names such as FOLDER01
Folder and file names should be descriptive
Folder and file names should meaningful to anyone accessing the content
Consider a naming convention that includes whether the file is for internal or external use, the department or unit involved, the name of the document, the date of creation, and the current version. For example: internal_department_name_date_version
Discourage the use of overly-long names
Encourage the use of terms that are commonly used throughout your organization
Mandate consistency in file names and don’t allow exceptions
Employ Collaboration Options
Today’s work environment is becoming increasingly collaborative, with documents passed around and shared by multiple team members. Common best practices to follow for collaborating on shared documents include:
Encourage employees to take advantage of all available collaboration options, such as notifications, comments, approvals, and versioning.
Employees should opt to “follow” documents so they’ll know when the documents are updated
All sharing should take place online, via the browser, not offline
Utilize Versioning
You should configure your file sharing service or software tools to automatically manage the various versions of all documents. Employees need to be assured that they’re always working on the latest versions of their documents, especially in group projects. (This is another reason to discourage or prohibit employees working with offline versions of files.)
Limit Access to Files
Access to all files should be limited to those employees who need access. Not everyone needs universal access to all documents. Employ the Zero Trust model, where no individual has automatic access to valuable data. Limit access only to those employees working on those specific files.
To that end, consider using tiered access, where some employees have write/edit access, some have read-only access, and some are denied access to specific files. Determine levels of access to ensure that files can’t be accessed by individuals without proper authorization.
Setting permission levels is also important when you allow clients, vendors, and others outside the company to access specific files. When dealing with external file sharing, it often makes sense to enable read-only access for outsiders.
Maintain Data Security
Data security needs to be at the forefront of all of your file-sharing activities. You want your data to be secure from theft or other unauthorized access. If your systems are breached, you want your data to remain off-limits to intruders.
Follow these best practices to enhance your organization’s data security:
Encrypt all stored data
Use end-to-end encryption when sharing, uploading, or downloading files
Discourage or prohibit file sharing via email
Discourage or disable file downloading
Password protect all files that are shared externally
Develop Retention Policies
Documents should not be kept any longer than necessary. Some documents need to be kept for legal, compliance, or historical reasons, but most files used in your organization have a much shorter shelf life. It’s important to cull unnecessary files to both minimize your data storage costs and simplify the search for truly necessary documents. (According to Varonis, 70% of files on file-sharing services are never shared.)
As such, you need to develop detailed retention policies for all files created within or shared with your organization. Here are some best practices to follow:
Follow all industry and governmental rules and regulations for how long you need to retain documents
Require employees to set expiration dates for all external and public file links
Organize in a common folder all documents that pertain to similar retention or compliance rules
Discourage or prohibit offline copies of documents
Set rules to automatically delete all files past a certain age in non-protected folders
Remind employees regularly to delete all unnecessary files
Regularly Audit File Access
It’s essential to know which files are being accessed, how, and by whom. That means regularly monitoring access to shared files – especially those that contain sensitive or confidential information. Follow these best practices:
Managers or team leaders should subscribe to notifications when critical files are accessed
IT staff should conduct periodic audits of key files to see who has accessed them
Access to critical files should be periodically reevaluated
Educate Your Users
Finally, you need to educate your employees on the importance of data security and essential file-sharing operations. They need to know everything about external file sharing, from how to share a folder online to how to share files safely and securely. Equally important, they need to know what they shouldn’t share externally, and why. The most secure file sharing solution is only as strong as the employees using it. Make sure your employees are trained on the proper techniques – and check in on them periodically to ensure they’re following your designated best practices.
Turn to Triofox for Secure File Sharing
Triofox enables secure file sharing and collaboration for both employees and external users, according to the best practices presented above. Users can set an expiration time on public links, make content read-only, disable downloading, password-protect shared content, and subscribe to change notifications. When you need an easier-to-use, more secure external file sharing solution, turn to Triofox.
Contact us today to learn more about Triofox’s secure file sharing solution.
With storage costs plummeting and as mobile device usage increases, data is growing exponentially worldwide. Exponential growth in the use of multiple devices by employees in enterprises has become a norm. Furthermore, the changing paradigm of working away from the office has led to individuals relying on various cloud services to access their work documents.
The transition to purely cloud-based storage services from in-house storage solutions has also increased Data Sprawl. Cloud storage is often cheaper for businesses as it offers a scalable solution that is stored off-site. However, this development has increased Data Sprawl if there are no tabs kept on data growth.
A typical employee working from home may be using his mobile device to access file-sharing services, email systems, and his company’s ERP or CRM Software. As a result, companies are facing data sprawl. To avoid working in chaotic data environments, organizations need to efficiently manage data sprawl.
Let us look at what exactly is data sprawl and how your organization can overcome it.
What is data sprawl?
Data sprawl is the humongous amount of data that enterprises produce globally daily. It happens as a direct result of the data produced due to the growth in various operating systems, mobile and enterprise applications, BYOD (Bring Your Own Device) policies, and data warehouses worldwide.
Data sprawl is the proliferation of data into endpoints, servers, applications, BYODs, operating systems, network environments, and even other geo servers, which can be a challenge to monitor and control.
What are the problems that enterprises face due to data sprawl?
Making sense of data stored at multiple locations
In an enterprise, similar data may be stored at different servers or devices. As a result, it is not an easy task to perform meaningful analysis of data stored in different locations and formats. How does your organization make sense of the data if it is stored in such a way?
Security Concerns
When it comes to devices that have access to company data, security becomes a major concern. Cyber attacks are on the rise, but a lesser-known and equally dangerous threat is the malicious insider; data sprawl puts companies at a higher risk of falling victim to attacks like data theft or data compromise carried out by employees. Worse yet, many organizations fail to combat these attacks simply because they aren’t aware of them.
Data sprawl can create serious security concerns for your organization. With BYOD policies in place, data ends up going outside your secure network. Data stored in cloud file storage repositories (such as OneDrive and Google Drive) may be vulnerable to hacking attempts.
Further, with regulations like the GDPR in full swing, mishandling customer and sales data can result in hefty fines for breaching compliance. Your business may even end up losing customers in the process.
IoT adoption causing data analysis requirements to increase exponentially over time
An estimate by Business Insider predicts that there will be more than 40 billion IoT devices across the globe by 2027. IoT devices today can address real-life problems, and as a result, almost all enterprises have an edge strategy in mind.
Data is the lifeblood of edge computing strategy. Edge devices gather, store, and analyze information about an individual and their environment. More data is in devices in disparate formats, and all this data needs to be analyzed. Enterprises have to first reconcile the data into a single format and then analyze it to make sense of the disparate data. In fact, nowadays, companies are thinking more and more about prioritizing edge IoT for their analytics.
How can you overcome Data Sprawl in your Organization?
1. Opt for On-Premise file-sharing solutions
Rather than having employees adopt the practice of storing files in public-facing cloud solutions such as Dropbox or Google Drive, enterprises should consider going for a private file-sharing solution accessible to employees over the internet. Gladinet is a company that offers Triofox, an on-premise file sharing solution for enterprises. Some of the advantages of using such a solution are:
Private file sharing
Allowing the enterprise to self-host the solution
Integration with your existing Active Directory
Enabling remote and mobile access to file server shares directly over HTTPS
Some benefits of file sharing in such a scenario are:
Data Privacy is guaranteed
Collaboration is simplified
File servers can be accessed using mobile devices
Management of users, access control, and storage are simplified
Permissions can be granularly managed centrally
Productivity rises for employees across the board
2. Set enterprise-wide policies for data security
An enterprise-facing data sprawl and the security risks that may arise because of the data sprawl should create policies that outline how employees should access and handle data. An example is a policy that restricts users from accessing the company infrastructure through Wi-Fi networks that are publicly accessible and inherently insecure. Another example is a policy that forces users to change their passwords periodically. Additionally, enforcing multi-factor authentication (MFA) and single sign-on (SSO) along with properly training employees on data risks and related safety measures will go a long way in preventing data loss.
3. Integrate software applications used across the enterprise
Another way of cutting down on data sprawl is to integrate software applications across the organization. Doing so helps reduce the number of information silos created by different departments or branches of a large enterprise that use various software applications. Not only will doing such an integration cut down on data sprawl, but it will also give stakeholders full visibility into company operations. Such an approach will allow the management to make smarter decisions by drawing upon employees’ collective intelligence at different organizational levels.
Want to know how to prevent data sprawl with the help of Gladinet’s Triofox? Signup today here for data sprawl prevention.
Cloud computing and storage was one of the major enablers of businesses around the globe over the last decade. It may have started as a buzzword in 2010, but the infrastructure that supports cloud adoption can now transform how your company and employees perform work. Analysts expect the global public cloud services market to reach $623.3 billion by 2023.
Cloud migration also means different things to different organizations. A single team may not need all the company information available in the cloud, so you may want to implement a hybrid system that only provides access to specific files from outside the network. With Triofox, you can quickly migrate the on-premises data to the cloud and set up a remote access solution that remains secure while enabling remote work.
What Happens When You Migrate Business Data to the Cloud?
The cloud is the term you use for information that remains accessible from outside your corporate network. Once you move your data to the cloud, your staff can access files and folders from any connected device using a secure connection. Every company will have different needs, so the cloud migration strategy you use should consider your business needs. Triofox helps you to use your existing IT infrastructure as part of your cloud deployment.
Why Should You Migrate Your Business Data to the Cloud?
To understand the benefits of moving your business data to the cloud, you’ll need to consider your current pain points. If you regularly consume more IT resources than you have available, a cloud service can help you overcome those challenges. Some of the biggest benefits of cloud migration include:
Reduced cost of resources as you only pay for what you use.
Improved redundancy as you no longer depend on on-premises servers.
Increased performance of the IT systems and greater productivity from your resources.
Greater elasticity and self-service provisioning.
How Is Your Data Stored in the Cloud?
All your business-critical data that’s in the cloud still exists on servers. The difference is that you’re no longer responsible for provisioning and maintaining your servers (unless you opt to deploy a hybrid cloud model. Most organizations prefer a hybrid model as it gives you control over specific parts of your IT infrastructure while making service providers responsible for other portions.
If you want to deploy only some of your business data to the cloud, you can use Triofox for your cloud migration strategy. The software enables you to provide remote access from any workstation with a secure connection to either on-premises file servers and other data or third-party cloud services.
How to Establish a Secure Connection to Retrieve Data from the Cloud?
Every implementation is different and uses a variety of cloud migration services that will influence how you find your information. Triofox enables you to configure and map a cloud network drive accessible from your employee’s workstation or mobile device. If your organization uses Microsoft Active Directory, you can maintain your current network and drive structures while granting access to the specific file server shares to your employees.
Start Your Cloud Migration Checklist by Checking Out Triofox
Triofox is a smart and secure way to start your cloud migration checklist. It ensures you control all your data sources from a single management console without increasing data sprawl. Using your existing network layout, on-premises infrastructure, and employee credentials, you can start your cloud migration with Triofox quickly.
If you want more information about how to migrate to the cloud using Triofox, schedule a demo with us today.
Many companies struggled to comply with government regulations and stay at home orders that aimed to keep staff safe during the COVID-19 pandemic. For some, it was more complex than simply setting up a Virtual Private Network (VPN) and allowing staff to work from home.
Governments around the world had to act quickly to slow the spread of the virus, but the best way to protect populations was to enforce the necessary social distancing. The boost this gave to remote work technologies hasn’t gone unnoticed. Stock prices for companies who were perfectly poised to provide remote work tech skyrocketed.
Similarly, employees who had to perform duties from home found that productivity stayed the same or even increased. While work from home has been on an upward trend over the last ten years, since the start of 2020, it is now part of good business practice for your organization to establish an effective and secure remote access solution. If your company operates in an area or territory where VPNs are illegal (like the United Arab Emirates), you can still implement remote work and it may even be a better solution than a traditional VPN.
Why are VPNs Illegal in the UAE?
In July last year, the UAE’s President, His Highness Sheikh Khalifa bin Zayed Al Nahyan published a royal edict banning the use of VPNs. In an attempt to combat cybercrimes, the law states that anyone using a fraudulent computer network protocol address (or IP address) to commit a crime or just to prevent discovery will face imprisonment and have to pay a hefty fine.
The wording of the law may leave some VPN providers guessing if there are any loopholes, as the two major telecom companies (Etisalat and Du) does provide the service legally. Seeing as the majority of residents living and working in the UAE are foreigners, the law creates an inconvenience for individuals and companies alike.
The UAE isn’t the only territory that banned VPNs. Currently, the following countries have laws prohibiting or limiting the use of these networks:
Russia, Belarus, North Korea, Turkmenistan, Iraq, and Turkey have implemented complete VPN bans
UAE, Uganda, and China have tightly regulated or partially blocked VPNs
For companies operating in these territories, there’s no upside to not complying with the regulations. In the UAE, some VPNs may still work but if you’re operating your business and relying on remote work, it’s definitely not worth the risk. Besides, VPNs are no longer the most efficient remote work tech available today.
What are the Drawbacks of VPNs?
VPNs are actually an outdated technology. It’s been around for ages and has received little to no updates except slight improvements with the encryption used by these connections. Other drawbacks include slowing down your internet connection, becoming costly at scale, and requiring excessive admin effort to maintain.
Some services may also block VPNs and prevent access, making the effectiveness of this solution uncertain. The worst providers have little scruples and could be selling your browsing and internet habits to a third party. Although most corporations won’t use a VPN service that has a bad reputation, if you don’t know what’s going on in your network, it could put your organization at risk.
A final drawback of VPNs is that it grants complete access to the company’s internal networks that could see personal devices infect the IT system with malware or viruses. With newer remote work technologies available, the effort, risk, and uncertainty regarding VPNs should make it a final resort instead of a preferred solution.
How Does a VPN Work?
VPNs allow you to access resources on a network by transferring your connection via an encrypted channel (also called a tunnel or pipe). The destination will see your address as originating from within the network and as such, allow you to access files, services, or other infrastructure via the VPN’s server.
Any request from your device will go to the VPN server before it re-routes you to the required network resources, usually encrypting the request between the origin and destination. It’s these additional routing paths required between you and the destination that will influence your internet speeds, leading to inefficient connections.
Are There Viable VPN Alternatives Available?
You don’t have to move your company servers to a cloud service to enable remote access. With Triofox, it’s still possible to provide secure access to your file servers while your staff works from home. You can implement remote work that’s compliant with the applicable laws and without having to expose your servers to the internet.
Benefits of Triofox for Remote Access to On-Premises File Servers
To provide companies with secure, efficient, and compliant remote access, Triofox comes with a host of features. Triofox is an easy-to-use, encrypted solution that outperforms VPN in most metrics. Here are some of the primary benefits you get from using Triofox.
Assures Safe and Secure Remote Access to File Servers
Instead of implementing cloud storage that will increase data sprawl in your organization, you can retain your existing file server deployment while enabling secure remote access. Triofox allows you to connect directly to your on-premises file servers and network drives without having to implement any additional solutions or elevated security controls.
Reduces Need to Retrain Users
Some VPNs are complex to operate and maintain, requiring additional training for your users and administrators. Troubleshooting issues with a VPN is complex and time-consuming. With simplified and encrypted access to your company servers, you won’t need to spend additional time and resources on educating your employees on the safe use of a VPN.
Triofox integrates with your existing active directory and NTFS permissions, eliminating the need to administer multiple access control solutions. For employees, it’s easy to use and works just like any mapped network drive or file explorer.
Works Like Cloud Storage Using Your Own Servers
Users can access all their work files as the sharing and security settings extend to remote locations without requiring a reconfiguration of your IT systems. Triofox provides you with Office365 integration to help you get back to work quickly. You also get support for offline folders to keep staff productive even when internet connections aren’t available. To keep everyone on the same page, you have on-demand synchronization and parallel data transfer for large files.
Comes with Loads of Security Features
Endpoint and connection encryption keeps all communications secure, while staff will only have access to the files and folders you already permitted them to use. Additional security features include two-factor authentication (2FA) with support for both Google Authenticator and Amazon MFA or DUO.
Keeps Staff Productive from Anywhere
Once workers aren’t sharing a workspace, it’s a challenge to keep them informed about progress and prevent mismatched data. Triofox helps you by providing version control, file locking, and conflict detection. Alerts and change notifications help prevent any mistakes from creeping into your workflows and ensures all employees know what another is doing while working remotely.
Consider Triofox as Your Remote Access Solution
Triofox brings new efficiencies to workforces who are required to work remotely. With VPNs, the admin effort is massive while access is slow or in some cases, prohibited. As Triofox extends your file servers’ NTFS permissions and integrates with your active directory, it enables collaboration from any remote location. You can reduce the costs associated with VPN solutions, minimize your data sprawl, boost your remote work productivity, and enforce all data security just like within your corporate network.
Simplify your file server management and ensure compliance with Triofox even when moving to a mobile workforce. To see how it works, sign up for a free trial today.
As you work from home to adapt to the new normal, you could be unaware of the threats posed to your home security.
At the office, the IT department ensures that corporate data is protected by correctly updating corporate devices. This is also done by setting up anti-malware software in their organization’s network and devices such as anti-spyware, antiviruses, and firewalls.
However, when you shift to remote work and use your personal devices and network, you can’t guarantee their safety because they are not under the management of the IT Team. This lack of protection increases the risks of being attacked.
When you leave your devices unmanaged, they become vulnerable to hacker infiltration and corruption by malware. In effect, when you try to access the corporate network through VPN with your devices in this state, it’s as if you’ve turned them into Trojan horses. Neglecting your home security can make your devices carriers of malware that may eventually result in a corporate nightmare.
According to a survey led by Malwarebytes, a cybersecurity firm, remote workers inadvertently expose 20% of their organizations to security breaches. As a consequence, their organizations literally had to pay the price for the damage caused by malware infections and security breaches.
You can prevent this from happening by identifying remote access risks and learning how to simplify your home security.
You may unknowingly make your network more susceptible to hacking by connecting to an unsecured Wi-Fi network, visiting harmful sites, or downloading dangerous software. Plenty of legacy firewall rules permit entry to most areas of the VPN, making your network more accessible to attackers.
No matter how secure your Virtual Private Network (VPN) is, you have to be careful of sudden cyberattacks. For your company, it’s safer to base access on user identity. Only grant certain groups limited access depending on what the job requires. More access can be given when needed.
Use network segmentation and layer 7 control to lessen the movement of an attacker. You should also patch internal servers and clients, as well as take advantage of advanced threat prevention capabilities, and use an antivirus to counter infiltration.
2. A Deluge of New Devices to Protect
Since the workforce has shifted from being on-site to remote, it has become a challenge for security teams of organizations to determine which devices they must protect. While there are organizations that let their employees bring their work devices home, others are permitted to use their personal devices for business purposes.
For this reason, security teams must be able to install, manage, and support security products even while the users are at home.
Begin by expanding endpoint security to remote employees. You have to broaden both the detection and response capacity along with the endpoint security.
Decide which endpoint and network solutions apply to your geographically distributed workforce. Choose solutions that counter fileless attacks, malware, exploits. They must not only prevent these threats but be able to notice suspicious behavior.
Only allow trusted devices to connect to the corporate network.
3. Lack of Visibility into Remote User Activity
Security teams have trouble keeping track of remote endpoint devices for malware and other cyberthreats because they cannot see the remote user’s activity and traffic inside the network. As a result, it makes it harder for them to check if there are threats from remote users or see if an attacker who can transfer to the hosts of the network has penetrated a user’s device.
Instead of going for point solutions, look for security platforms that boost integration between systems. This lessens the need to keep switching between tools and all data becomes more visible, even remote user activity.
4. Users Mixing Home and Business Passwords
If you tend to recycle your passwords, you should stop it now. Using the same password for different websites or accounts means that if one of them becomes compromised, your password could get posted on a site such as pastebin.com. Then attackers will be able to take over every account you own, even the ones you use for work. You wouldn’t want that to happen, would you?
Using personal devices and networks makes this worse since the standard of security is not as high as it is in the office.
As a precautionary measure, security teams must teach users how to tell if they are being phished, advise them to create strong and unique passwords, and use a password manager especially if they have a hard time remembering their passwords. Enforce multi-factor authentication and client certificates. Everyone in the organization should be informed of this, especially if they do not have an on-site email or network security.
5. Opportunistic Phishing Attempts
The COVID-19 pandemic has brought with it a lot of uncertainty and has also given scammers an excellent opportunity to phish. They influence users to click on malicious links by instilling fear, panic, and urgency. This is why the Coronavirus Scam has so many victims. When users get overwhelmed with information about the pandemic, it pushes them to indiscriminately click on every link related to it.
In order not to become a victim of phishing, employees should be informed about how to detect and report suspicious emails. They should also be instructed to keep their email security updated and their endpoints protected.
If you simplify your home security, you’ll be able to fight against these threats effortlessly. You can do this with the secure remote file server access using Triofox.
Simplify Work from Home Security with Triofox
Triofoxprovides remote access using agents to connect to the corporate network via HTTPS. These are some of the advantages of using it for remote work:
Simplifies remote access
It makes remote access so easy that users don’t need the training to be able to access it. It gets rid of VPN headaches and support calls. You don’t have to move to the cloud.
You are also provided a mapped drive that’s similar to the one connected to the file server.
Makes remote access just as secure as working in the office
It insulates corporate networks from unmanaged devices. This eliminates the threat from unmanaged networks and devices that can easily be hijacked to create Trojan horses that use VPN connections as infiltration conduits.
Helps control your unmanaged endpoints
Triofox’s management console provides policy-based administrative controls that prevent or protect against suspicious behavior on the client’s server. These are:
Stopping executables and zip files from being run from mapped drive. You can be sure that there wouldn’t be any unwanted access to your files through the mapped drive. You’ll be able to find the location of the data, who can access it, and how they’re using or sharing it. You can centrally manage users, access controls, and storage for each user if desired.
Auditing and reporting to keep track of suspicious behavior. Every activity is monitored so you know whether someone has hacked into your server or if malware is present. You won’t have to panic over a surprise security attack.
Endpoint encryption, remote wipe, and other data loss features. No need to worry about your files getting corrupted or accidentally deleted. You also don’t have to fear losing your data forever.
Stay Safe from Remote Access Risks
Cyber attackers are always on the prowl whether you’re working in the office or at home. You need to take the necessary measures to secure your network and devices wherever you go. You must be able to select a security solution that fits your remote team and educate them on how to spot these potential cyber threats.
Don’t let remote access risks ruin your business continuity. Keep remote access risks and other IT threats at bay by installing Triofox now. We mobilize your servers and increase your workforce’s productivity without sacrificing data ownership, data privacy, and security. We also help you achieve a seamless transition to remote working by securing your remote and mobile access to file servers.
Want to know how to safely share files in a remote office? Read our guide about secure file sharing.
Cybersecurity is essential to keep information about your business private and avoid cyberattacks. It’s one of the most important aspects that businesses should pay attention to in the 21st Century.
This topic is so vital that recent research shows that current CEOs prioritize cybersecurity over physical security.
In 2020, cybersecurity is more important than ever. Workforces moved towards home offices because of the COVID-19 pandemic, and this is changing how businesses work. Some people will continue to work from home in the following months, and some may never return to the office.
Globalization also makes it easier for anyone to work from any country. The mobile workforce is growing and there’s no signal that it will stop growing anytime soon.
Unfortunately, working at home can create several security breaches in businesses. At their homes or during a trip, your employees may not have the same levels of protection that they would have at the office.
People can get infected with malware during their time off, they can be hacked, and their passwords can be discovered. A single mistake may cause you to have a huge problem on your hands.
So, how can you protect your information?
2-factor authentication (2FA) can be a solution that will help your company stay protected.
What is 2-Factor Authentication?
2-factor authentication, also known as multi-factor authentication (MFA), is a technological solution that implements additional layers of protection before information can be accessed. Basically, it introduces another step before a user can log in. Therefore, it enhances protection because it increases the number of steps a person has to take to gain access to a database.
To log into most websites, you only need a password. If your username and password match, the site allows your entry and you can see its content. However, this is not a very secure method of protecting data. With a single piece of information, the password, anyone could steal your employee’s identity and get access to classified information from your business.
You can see how 2FA works by examining how an ATM works. Before using it, you need your bank card and your password (or biometric identification, in some cases). This combination makes it impossible for someone to take your money if you ever lose your bank card because they won’t have the password. The same happens if they have the password, but not the card.
Why 2FA is Important for a Remote Workforce
Working from home often causes security breaches. Employees are often oblivious about the best cybersecurity practices in their daily lives. The recent spike in the number of breaches during the pandemic shows that.
In an office, each computer is programmed in a way that will diminish the possible entry points for hackers. However, when people are at home, they will probably use their own computers or smartphones, so it’s far more likely that they will come in contact with malware while accessing websites for leisure.
Right now, more companies are also using cloud services as a way to share vital information with the workforce. In many cases, people can only access this information while physically in an office before. However, now they can do it from anywhere. So, any person, including a hacker, can access your information with the right clearance.
This combination considerably increases the stakes of someone who should not have access to the information of your business receiving it. Using 2FA systems doubles the efficiency of the steps necessary to ensure security.
Even small businesses without much sensitive information can benefit from using additional layers of protection. You definitely don’t want third parties to have information about your customers or employees. Data leaks can even result in lawsuits in some cases, so preparation is essential before the worst happens.
Types of 2-Factor Authentication
Passwords are the most common method to authenticate your identity. These are other popular methods that you can use in 2FA:
Biometric Identification
This method is popular for phones. It’s effective because only the registered person can access the system, so the chances of breaches are much lower. Fingerprints or retinal scans are not easy to fake. While you could hack a system and change a password, the same can’t be said for a fingerprint.
Phone Verification
The user registers a number and receives a text message whenever they try to log in. By using the code, the system can then be accessed. The message is usually short (four to six digits) and changes every time, so it can’t be faked, but it’s not long enough so it becomes a hassle when you want to log in.
Push-based Verification
After you install the software on your device, it sends a prompt to your phone during the login. Then, you can either approve or deny the attempt. It’s one of the most straightforward methods, and it’s great for mobile work.
USB/Card
You use a physical token (generally a USB device or, in the case of banks, a card) to access the information. If you use this method, you’ll have to carry the token with you at all times or you won’t be able to access the data.
Email-based Systems
You will receive an email with either a number or a link. Like the codes sent by phones, you simply need to use it to get clearance.
What Are The Pros and Cons of Using 2FA?
It’s impossible to deny that 2FA systems offer several advantages to its users. However, 2FA also has some drawbacks, especially when implementing the system for the first time.
Pros of 2FA for Your Remote Team
These are some of the main advantages that you will get by using 2-factor authentication:
An extra layer of protection: Your data is more secure when you use this system. Many users choose passwords that are too easy to guess (like “123456”) or write down their passwords somewhere. So, passwords are poor protection by themselves.
A boost in reputation: Employees and customers will both appreciate that their personal information is secure. A leak is bad press for a company, so avoiding one will boost the confidence that people have in your business.
Reduction in operating costs: Over time, 2FA will diminish the time that your company spends resetting passwords. Accounts will suffer from less suspicious activities, so you don’t need to change passwords all the time.
It’s highly customizable: You can pick whatever method suits your business as there are several options to choose from.
Cons of 2FA for Your Remote Team
2FA may be lacking in these areas:
It’s not infallible: 2FA and MFA systems are good, but they’re not completely hacker-proof. You need a robust system to be fully protected from external threats.
You still have to store your authentication factors safely: If you lose the factor that authenticates your entry, you will lose access to the system, which can make you lose some time.
Hard for non-tech savvy users: Employees without technical skills may need additional training to use some of the systems properly.
Which 2-Factor Authentication Should You Pick?
App-based services are a pretty good pick. Both models with code verification and push notifications work well. They’re easy to use even if your employees are not very experienced with technology. Anyone proficient with using a smartphone will learn the ropes quickly.
Another kind of system that is very secure is using a USB device. However, it’s not as quick to use as the other models, so there’s a trade-off between security and usability.
The only systems that you should actively avoid are the ones that use SMS. Telecom companies are not necessarily very reliable and SIM cards can often be cloned. Also, it’s easy to look at passwords sent by SMS if lock-screen notifications are currently enabled on your phone.
Which system to pick? There’s no universal answer here. It’s important to choose one that will suit your needs, ranging from the most secure to the handiest methods.
Triofox Has The Solution You Need
If you’re looking for a new solution that will enhance how you share files with your employees, Triofox is the right answer. Our company uses built-in 2-factor authentication solutions to enhance the productivity of your business without compromising the security or the privacy of your data.
Do you want to upgrade the security of your mobile workforce? Call Triofox to get the solution you need.
As a business, you would like to protect confidential data from leaking and ending up in your competitor’s hands. You would like to get alerts in advance for any abnormal behavior of employees who, for example, are about to leave your company and perhaps are downloading all the confidential data to their devices before they leave the company. The employees can then take your data to the new company, and you may lose a competitive edge in the industry you serve.
As the workforce becomes more mobile and remote, businesses struggle to find ways to ensure the workforce has all the tools to remain productive. They have a challenge in finding solutions that can enable mobile and remote access with a familiar user experience that requires minimal training and full control, ownership, and visibility.
There are numerous data breaches these days, not just from outside sources but also from bad actors inside the company looking to harm the company and its name. Most of the time, IT puts a lot of emphasis on protecting the data from outside sources. Very little attention is given to protecting the data from internal company employees, which can damage more than external sources.
Hence, companies should adopt technologies that will enable the mobile workforce with productivity tools and all the advanced features built-in to monitor any unusual activity from internal users.
Triofox comes in and provides a solution that enables secure and remote access to company files and has all the protection; for example, proactively monitoring all users’ actions and behaviors. Suppose there is anything out of the norm, Triofox will take automatic steps like disabling that user’s access to company files and sending alerts to IT to take proper action before the employees take company data and give it to their competitors.
Triofox adds ransomware protection and alerts to your files. It will monitor the Triofox clients and automatically shut them down if it sees a possible attack or any unusual activity. It also sends an alert to the administrator when it detects the threat and adds versioning and offsite backup of your file server, allowing you to recover from any attacks or accidental deletions.
For example, with Triofox, you can configure the following policies for proactive alerts and monitoring:
Automatically disable a device if the device changes more than n files in 10 minutes
Notify the administrator if more than n files changed in one minute
Notify the administrator if more than n files changed in one minute
