Enhance End User Access to Amazon AWS S3 With Mobile Remote File Access

The global pandemics have accelerated the rise in telecommuting and remote working has brought about the need to facilitate remote access to objects stored in AWS S3 buckets. Organizations whose end users just require access to Amazon S3 need a client application that provides easy access, as Amazon S3 is not beginner-friendly. While Amazon has an S3 file gateway service/ virtual software appliance that provides an interface for on-premise access to objects in the bucket by caching recent S3 files locally and presenting an SMB or NFS endpoint, one can see how remote access can pose a problem. A clear example is outlined in the use case below.

  • A private investment firm migrated 2TB data to Amazon S3.
  • Deployed the file gateway virtual appliance on their on-premise server but used it as an SMB share via an on-premise virtual appliance.
  • Found it very difficult to connect when working outside the network perimeter, hence deployed a VPN to connect to the office network to mount the drive and access S3 buckets. 

The problems encountered:

  • Multiple objects are created with every change made by an SMB client through the file gateway, and the need for lifecycle policies to be set up to curtail it and can quickly complicate things.
  • It’s inconvenient to connect to a VPN to mount a drive to an internal IP address before using Amazon S3 as an SMB share.

In this article, we’ll show you how to work around Amazon’s S3 file gateway’s LAN access constraints for simplicity and convenience in a remote working environment.

Why S3 Object Storage?

Amazon S3 is a highly durable, cost-effective, and scalable cloud infrastructure service for enterprises. When used as an on-premise server backup, it offers flexible storage management capabilities, even much better than other cloud computing service providers.

Scaling business infrastructure to the cloud is a digital transformation trend businesses are adopting to meet growing business needs and survive in the rapidly evolving digital world. While cost is an inhibiting factor for cloud migration, Amazon S3 offers the best cost-saving incentives, especially for businesses with big data. With S3 bucket unlimited storage capacity, companies do not have to worry about incurring heavy expenses from storing their data in the cloud or managing data centers to keep up with their growing storage needs.

The primary concern about mirroring in-office user experience to ensure seamless collaboration while maintaining security and controlling data resources to stay policy-compliant is quite challenging.

As previously stated, the S3 file gateway enables on-premise applications with low-latency access to data stored in the bucket, which means provisions should be made for users accessing those objects outside the network perimeter. While there are a number of S3 access tools available, such as CloudberryLab S3 Explorer, TntDrive, or ElephantDrive, few provide a ‘file server’ experience to simplify the process, much like Dropbox provided a user-friendly interface to store files, relying solely on the S3 bucket storage architect of the AWS.

1. High Complexity

S3 is a massive storage bucket, so IAM policies need to be updated to provide folder-level permissions for those with access to particular S3 buckets to ensure granular control over data. However, Amazon’s IAM policies can get complex, especially when many users require varying levels of access permissions to multiple buckets.

2. Data Compliance

There is no central console to monitor or account for who has access to what data or to track users’ activity. Because S3 does not have a bucket filter option, any user identity generated in the IAM can display all buckets in the linked AWS account, which could result in a compliance breach.

Triofox is a cloud file server solution that addresses these problems. Equipped with remote and mobile access features, the Triofox client agent can be used as a gateway stand-in when coupled with an identity provider (IDP) for authentication to access files stored in the S3 bucket.

How Triofox Addresses the Challenges?

1. Eliminate VPN Hassles

Triofox’s mapped drive eliminates excessive workarounds to access files (stored as objects), saving users time and enabling IT personnel to focus on more critical tasks.

2. Provides Security Without Compromising Productivity

Triofox supports native integration with Active Directory to protect sensitive files from unauthorized access while providing a seamless remote working experience for authenticated users across devices, improving productivity. End-users also have restricted access to their files and file shares, which are provided automatically when the existing identity management system is integrated.

3. Cache files for low Latency Access and WAN Optimization

Like the S3 file gateway, Triofox provides local caching to enable users offline access to recent files. A helpful feature for users working from home with lower bandwidth. In this case, an encrypted, remote agent cache is set up on each client, and only changes are synchronized to the file storage when connectivity is restored. It is also helpful for employees who need access to data but might not be in a location with an active internet connection.

In addition, access can be immediately cut off from the central console when an endpoint is compromised. 

4. Maintain Data Governance and Compliance Guidelines

IT has full control over what happens to data thanks to a centralized user management panel. Every activity performed on data is logged and traceable to the user thanks to its audit trace and files log feature.

 Triofox Implementation

Here’s how Triofox can be used to enhance S3 bucket access:

  • Deploy Azure Active Directory as the identity provider (sync on-premise AD with Azure Active Directory).
  • Configure and Install the Triofox server on a clean Windows Server virtual machine and integrate Active Directory, selecting S3 as the file storage (see link for complete steps).

The result is end-users can enjoy the ease of a cloud server interface. This is an excellent solution for organizations that prioritize security and productivity.

Register today for a free demo: https://calendly.com/triofox/demo

How to Properly Map Cloud Storage as a Network Drive: 4 Easy Steps

It’s become a common problem for IT engineers to provide secure cloud access to company information without duplicating effort. For your business, you may want to give your staff access to network resources like mapped drives, but struggle to find a way of doing so securely. With Triofox, you can provide remote and mobile access to your file server shares quickly and easily.

Most employees only need access to a mapped drive to remain productive. While various tools can help you do this, you may find implementations that lead to problems. Some require you to duplicate the information or have connections that time out, needing you to re-authenticate in a web browser. Triofox provides reliable, secure access to information inside your company network by mobilizing your onsite servers, folders, or files.

4 Steps to Properly Map Cloud Storage as a Network Drive in Triofox

If you need to make a network drive available as a map cloud storage location, you can use Triofox to achieve this quickly. It doesn’t require you to change your current operating system while making your files accessible in a virtual drive. You can see some other issues users experience with different solutions from this post.

1. Installing Triofox

To start, you’ll need to download and install the Triofox Client. Before you can download the clients (available for Windows and Mac), you should log in to your Triofox account. You can find the links to the different clients at the top of the page. Select the package and download the Windows Client Installer. After the download completes, run the package.

2. Logging In to Triofox

Once the installation completes, you’ll receive a prompt to log in to your Triofox account. Enter the details to authorize your Triofox client and establish a connection to your Triofox credentials. If you want the client to launch at startup, select the “auto-login next time’ option before completing the process. You can find your client in the programs and tasks menu.

3. Accessing the Files and Folders You Want

There are two ways you can configure your access to your files and folders. With Triofox Cloud Drive, you have direct, on-demand access to your files. Alternatively, you can use bi-directional folder synchronization between your client and cloud drives. After installing the client, you can find your cloud drive in your system tray. From here, you can manage Triofox including synchronization settings, accessing the web-portal, or open up your Management Console.

4. Connecting to Your Cloud Storage Drive

After you’ve set up the way you want to manage your files, you can access your cloud drive like any mapped folder. Using the Windows Explorer, you’ll find your drive below the This PC section. Simply drag and drop files into the folder and manage all functions just like any local storage device.

Easily Map a Cloud Drive in Triofox

Triofox is perfect for small businesses or large enterprise deployments. It uses your existing security policies and drive access rights to ensure you can manage who has access to what information. For situations where you want to provide cloud access to authorized users, you can get up and running quickly with Triofox as your cloud management tool. Additional features allow you to lock files, limit offline access, or manage access rights in the Management Console.

If you need a secure, fast, and reliable way to map cloud storage to a network drive, start a free trial of Triofox today.