Enterprise File Sharing Solution

Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large number of sites, whereas small businesses may only need to support a handful of users in a single site. Construction or advertising firms require sharing and collaboration with very large (several Gigabytes) files. Financial services or healthcare providers have stringent compliance requirements.

As a key stakeholder, your recommendation or decision impacts the degree of adoption of your file sharing solution, as well as the overall productivity of your organization.

To aid your vetting process, here are 5 things to consider when evaluating enterprise file sync and share (EFSS) solutions:

1. Built for Businesses or Built for Consumers?

Many popular file sharing solutions were built for individual users. They onboarded tens of thousands of ‘freemium’ users before realizing that their freemium business models weren’t generating nearly enough revenue to justify their unrealistic valuations. So they went after businesses.

The needs of businesses, however, vary significantly from the needs of individual users. For freemium solutions, re-architecting from the ground up for businesses didn’t make a great deal of sense because the existing base of consumers still needed to be supported. Maintaining two separate platforms would have destroyed their already thin margins.

So these Consumer-first solution providers simply slapped an admin interface and a single sign-on process on top of their consumer solutions, and rolled out ‘for Business’ offerings. The result? A collage of individual user accounts.

All business information resides in someone’s account rather than in a centralized, managed repository. Control over information, by design, lies more with the content creator than with administrators. Searching for a document or running an audit requires searching individually through each user account. As you’d expect, this architecture does not scale.

Business-first file sharing solutions, on the other hand, are architected from the ground up for businesses. They possess a centralized content repository that is managed by administrators, eliminating content silos. They address numerous other limitations of Consumer-first solutions such as sub-folder level permissions, which we’ll discuss at length in future posts.

Key Takeaway:

If your small business has a handful of users and a single site, a Consumer-first solution may work out fine. Otherwise, opt for a Business-first file sharing solution. How can you tell? Look for the suffix ‘for Business’ or ‘Business’ in their names.

2. Cloud, On-Premises or Hybrid Storage – Do You have Options?

Back in the day, files were stored and shared from file servers. Then came the cloud, and organizations began moving files to the cloud. But many organizations continue to use file servers, for reasons such as:

• They have significant investments and massive repositories residing in in-house file servers. Moving everything to the cloud may simply not be viable in the near future
• They deal with very large files that are impractical to store on the cloud due to the latency associated with synchronous, multi-user access over the Internet
• They operate in highly regulated environments that impose stringent restrictions on the storage of sensitive information on the cloud

A cloud-only file sharing solution does not work for these organizations. An on-premises solution on the other hand requires sustained capital outlay (to support a growing content repository), and does not offer the flexibility and usability of cloud-based solutions.

If you’re faced with this conundrum, you need a Hybrid file sharing solution. Hybrid solutions allow access to content stored both in the cloud and in on-premises servers. They can synchronize content between the cloud and all your sites, as well as directly between any pair of sites without first syncing with a cloud. So every file can be accessed from every site (subject to applicable access restrictions, of course).

Key Takeaway:

Hybrid EFSS file sharing solutions are your safest bet. They protect both your cloud and on-premises file sharing investments and support the widest range of use cases.

3. Will Your Confidential Information Be Secure?

When it comes to security, not all EFSS solutions are created equal. Because your employees, partners, customers, vendors and contractors are all potential users of your file sharing infrastructure, having bulletproof security and granular administrative control over user accounts is critical.

Here are some key requirements to consider when evaluating the security features of EFSS solutions:

• Sub-folder Permissions: Unique user permissions for sub-folders is a table stake requirement for businesses. Take the example of a financial analyst who needs to be able to access to all the sub-folders within the Finance folder, except Payroll.  Your EFSS solution should allow an administrator to provision access to the Finance folder (and all its nested sub-folders) for the financial analyst, and then remove her access to the Payroll sub-folder. It is almost certain that your business will require role based sub-folder permissions, and some EFSS solutions don’t support this feature. Beware!

• Encryption: Your EFSS solution should allow content to be encrypted at rest (i.e. not in use), in motion (i.e. accessed over a network) and in use (when viewed or edited), with state of the art encryption algorithms. It should support encryption with internally generated keys as well as with and third-party encryption keys (e.g. from Amazon AWS CloudHSM or Microsoft Azure Key Vault).

• Administrative Control over External Users: When employees share files with external collaborators – like contractors, vendors, partners and customers – is your confidential business information secure? If the EFSS solution requires external collaborators to use independent accounts (that are not managed by your administrators) to access your business information, then the answer is likely no. Choose a solution that provides complete administrative control over internal and external user accounts, including special limited-access accounts for external users and the ability to remote-wipe files on devices belonging to a user.

• Retrieving Deleted Files: When a user accidentally or maliciously deletes important files, they go into a Trash folder. Is the Trash folder accessible to administrators? Or do the files go into a private Trash folder within the user’s account that is only accessible to the user? Businesses need EFSS solutions that offer a centralized Trash folder managed by administrators. So when a user deletes files, an admin can easily locate and retrieve them as needed.

• Comprehensive Auditing: Your EFSS solution should provide comprehensive audit capabilities, including the ability to monitor logins, permission changes and user events for internal and external user accounts.

Key Takeaway:

With security, there can never be too much. Security is as much about having complete visibility and control over your content as it is about preventing malicious attacks and theft.

4. Will Your EFSS solution Scale with your Business?

In this digital age, we’re all generating more content than we ever did before. As your business grows, or as the number of employees accessing your EFSS solution expands, can your EFSS solution scale?

More specifically, can users sync several hundreds of thousands of files between their numerous devices and the cloud? Sync a 1.5 GB file in less than 30 minutes, upload 100,000 files to the cloud in less than 2 hours or download 15,000 files in less than 15 minutes? Be sure to ask for performance metrics and comparisons with other vendors before you make a decision.

Key Takeaway:

Select an EFSS that will not only meet your performance requirements today but also scale for your future needs.

5. Will Your Business Be Compliant?

Depending on the industry or region it operates in, your business may be need to comply with standards like EUDPD, ISO/IEC 27001, FINRA, HIPAA, 21 CFR part 11 (FDA) and SSAE 16.

Select an EFSS solution that complies with the regulatory requirements your business is subject to, and offers extensive audit trails to prove compliance.

Key Takeaway:

Being non-compliant with regulations applicable to the industry or region your business operates in can greatly damage your business. Choose an EFSS solution that meets your compliance needs, and offers deep audit trails to monitor and establish compliance.

By Rajesh Ram