Subscribe to Recent Blogs feed
Updated: 1 hour 13 min ago

Serving Up DRM with a Side of Usability

May 19, 2014 - 3:46pm
Blog Image: 

One of the biggest complaints we hear around digital rights management (DRM) is how complex it makes even the most basic of actions. While its intentions are pure – securing confidential data – it’s often considered too unwieldy to use in day-to-day activities.

Enterprise organizations and government agencies have an urgent need for enhanced solutions that protect sensitive business information, no matter what device it is being shared or accessed from. With this in mind, we’re introducing user-friendly DRM features for kiteworks that enhance the security of document sharing, without hampering business productivity.

For example, a sales representative needs to send proprietary product roadmap information to a prospective customer, in order to close a deal. To ensure that the prospect doesn’t accidentally forward along the materials to other people, where it could end up in a competitors hands, the rep makes the document View-Only in kiteworks, and watermarks the content. This means that the prospect can view the materials, but they cannot download, forward or copy the file. The sales rep can win a new customer by providing future product capabilities, without fear that he will be the cause of a data breach for the company.

Or say a legal counsel is preparing documents for a court case. She goes to send a number of exhibits to opposing counsel, only to realize that she accidentally included documentation from a different case. In kiteworks, she can now go into the Activity Stream and withdraw the file, ensuring that her current case can continue on schedule, but that sensitive data has not fallen into the wrong hands.

With our new features users get the security benefits of DRM, without impeding their day-to-day activities. Click here to learn more about our new kiteworks features that securely improve the productivity of any workforce.

Tags:  Data Security and Compliance, Mobile Productivity, UX

5 Key Differences between Accellion and Box

May 16, 2014 - 2:42pm
Blog Image: 

Security questions stemming from Edward Snowden’s NSA revelations are continuing to concern IT leaders, who are now looking at just how much control they have over data housed in public cloud solutions. This is causing them to look more seriously at private cloud solutions for mobile file sharing, which were built for enterprises looking to have control over their sensitive business data. 

With this in mind, we decided to compare our private cloud solution with Box’s public cloud solution, so IT leaders had a clear view of the differences. To really understand what Box is offering, it’s necessary to read more than feature checklists and press releases. For example, Box’s LDAP integration turns out not to support multiple-LDAP instances, and its so-called support for Enterprise Content Management requires enterprises to duplicate any ECM content they want to make available to mobile users.

Here’s a quick summary of five key differences between Accellion and Box:

  • Architecture. Surveys (for example, this one by ESG and this one by Research Now) show that enterprises strongly prefer private-cloud or hybrid-cloud solutions for storing and sharing confidential files. Accellion supports private clouds and hybrid clouds. Box offers only a public cloud solution. Public clouds deprive enterprises of full control over their data. For example, Box controls the encryption keys used to store enterprise data on its servers.

  • Integration with Enterprise Content Management (ECM) Platforms. Box requires enterprises to duplicate ECM content on the Box platform in order to access ECM connect through the Box service. Accellion enables mobile workers to access ECM content securely from mobile devices without investing in duplicated storage.

  • Secure Mobile Editing. Accellion enables mobile users to edit files in a secure environment. Box requires users to edit files in third-party editors, potentially exposing files to malware and unauthorized distribution.

  • Enterprise Integrations. Accellion provides integration with existing enterprise infrastructure, including anti-virus (AV) services, Data Loss Prevention (DLP) services, LDAP, multi-LDAP, and in-house applications. Box supports more limited integrations. For example, Accellion integrates with any standards-based DLP solution, but Box only integrates with one DLP solution, who happens to be another cloud vendor.

  • Compliance. Accellion supports compliance with SOX, GLBA, HIPAA, and FDA requirements, and has received FIPS 140-2 certification required for use by U.S. federal government agencies. Accellion also complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland (the “Safe Harbor Frameworks”). Accellion also meets the data sovereignty standards of European nations who mandate what region data must be stored in based on a files content or user access. Box has achieved compliance with HIPAA and HITECH obligations and is willing to sign HIPAA Business Associate Agreements (BAAs). The company has been issued an SSAE 16 Type II report and is Safe Harbor-certified. Box has not received FIPS 140-2 certification. Being a public cloud service hosted in the U.S., it cannot comply with data sovereignty and location regulations in the E.U. and in other regions outside the U.S.

Enterprises choosing Box end up with less-than-complete control and security, while assuming the operational overhead and added expense of duplicating files and undermining their strict ECM security policies. In contrast, the Accellion private-cloud solution answers the enterprise market’s need for mobile, scalable, flexible file sharing. Accellion preserves and extends existing security policies and infrastructure, rather than subverting or duplicating them.

To learn more about the differences between these two solutions, download our new white paper, Accellion vs. Box: 5 Key Reasons Enterprise IT Selects Accellion.

Tags:  Data Security and Compliance, Enterprise Content, Private Cloud File Sharing

5 Key Differences between Accellion and Box

May 16, 2014 - 2:29pm
Blog Image: 

Security questions stemming from Edward Snowden’s NSA revelations are continuing to concern IT leaders, who are now looking at just how much control they have over data housed in public cloud solutions. This is causing them to look more seriously at private cloud solutions for mobile file sharing, which were built for enterprises looking to have control over their sensitive business data. 

With this in mind, we decided to compare our private cloud solution with Box’s public cloud solution, so IT leaders had a clear view of the differences. To really understand what Box is offering, it’s necessary to read more than feature checklists and press releases. For example, Box’s LDAP integration turns out not to support multiple-LDAP instances, and its so-called support for Enterprise Content Management requires enterprises to duplicate any ECM content they want to make available to mobile users.

Here’s a quick summary of five key differences between Accellion and Box:

  • Architecture. Surveys (for example, this one by ESG and this one by Research Now) show that enterprises strongly prefer private-cloud or hybrid-cloud solutions for storing and sharing confidential files. Accellion supports private clouds and hybrid clouds. Box offers only a public cloud solution. Public clouds deprive enterprises of full control over their data. For example, Box controls the encryption keys used to store enterprise data on its servers.

  • Integration with Enterprise Content Management (ECM) Platforms. Box requires enterprises to duplicate ECM content on the Box platform in order to access ECM connect through the Box service. Accellion enables mobile workers to access ECM content securely from mobile devices without investing in duplicated storage.

  • Secure Mobile Editing. Accellion enables mobile users to edit files in a secure environment. Box requires users to edit files in third-party editors, potentially exposing files to malware and unauthorized distribution.

  • Enterprise Integrations. Accellion provides integration with existing enterprise infrastructure, including anti-virus (AV) services, Data Loss Prevention (DLP) services, LDAP, multi-LDAP, and in-house applications. Box supports more limited integrations. For example, Accellion integrates with any standards-based DLP solution, but Box only integrates with one DLP solution, who happens to be another cloud vendor.

  • Compliance. Accellion supports compliance with SOX, GLBA, HIPAA, and FDA requirements, and has received FIPS 140-2 certification required for use by U.S. federal government agencies. Accellion also complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland (the “Safe Harbor Frameworks”). Accellion also meets the data sovereignty standards of European nations who mandate what region data must be stored in based on a files content or user access. Box has achieved compliance with HIPAA and HITECH obligations and is willing to sign HIPAA Business Associate Agreements (BAAs). The company has been issued an SSAE 16 Type II report and is Safe Harbor-certified. Box has not received FIPS 140-2 certification. Being a public cloud service hosted in the U.S., it cannot comply with data sovereignty and location regulations in the E.U. and in other regions outside the U.S.

Enterprises choosing Box end up with less-than-complete control and security, while assuming the operational overhead and added expense of duplicating files and undermining their strict ECM security policies. In contrast, the Accellion private-cloud solution answers the enterprise market’s need for mobile, scalable, flexible file sharing. Accellion preserves and extends existing security policies and infrastructure, rather than subverting or duplicating them.

To learn more about the differences between these two solutions, download our new white paper, Accellion vs. Box: 5 Key Reasons Enterprise IT Selects Accellion.

Tags:  Data Security and Compliance, Enterprise Content, Private Cloud File Sharing

Mobilizing Your Road Warriors

May 15, 2014 - 10:44am
Blog Image: 

When traveling for work – whether to a sales meeting two hours away or a product development meeting across the country – your employees aren’t just thinking about work, they are actually being productive. At least that’s what every organization hopes is happening.  

A survey conducted by HP of European business travelers revealed some interesting findings:

  • 93% of business travelers prepare materials for meetings while en route to the meeting.
  • 54% use at least half of their travel time for managing tasks relating to the purpose of the trip.
  • 88% are able to follow-up on work-related matters and be productive while on the road, estimating that 31% of their time is used for reading emails, 24% for doing research and 22% for content production and editing.

Therefore, it wasn’t a huge surprise to learn that the office is no longer the place where employees feel the most productive. The survey found that 73% of business travelers feel that the time spent on the road provides them with an opportunity to be more productive and take care of tasks that are behind. Plus, 56% said they feel most innovative and get the best ideas outside the office space. 

In order to harness this innovative thinking and overall productivity boost, employees need mobile tools that make that happen. After all, it’s pretty tough to do content production and editing on the road without easy access to the information you need.

Graphic Systems Group, a creative production agency in New York City, was facing this exact predicament. One of its top executives was regularly on the road to meet with clients and had no easy way to get a hold of video files, movie demo reels and other client deliverables. With kiteworks he’s able to access files, make edits or content changes, and send graphic-heavy client deliverables to all stakeholders, from wherever.

Learn how kiteworks helped turn GSG’s road warriors into mobile productivity machines. Download the full story here

Tags:  Advertising, Mobile Productivity

Mobilizing Your Road Warriors

May 15, 2014 - 10:41am
Blog Image: 

When traveling for work – whether to a sales meeting two hours away or a product development meeting across the country – your employees aren’t just thinking about work, they are actually being productive. At least that’s what every organization hopes is happening.  

A survey conducted by HP of European business travelers revealed some interesting findings:

  • 93% of business travelers prepare materials for meetings while en route to the meeting.
  • 54% use at least half of their travel time for managing tasks relating to the purpose of the trip.
  • 88% are able to follow-up on work-related matters and be productive while on the road, estimating that 31% of their time is used for reading emails, 24% for doing research and 22% for content production and editing.

Therefore, it wasn’t a huge surprise to learn that the office is no longer the place where employees feel the most productive. The survey found that 73% of business travelers feel that the time spent on the road provides them with an opportunity to be more productive and take care of tasks that are behind. Plus, 56% said they feel most innovative and get the best ideas outside the office space. 

In order to harness this innovative thinking and overall productivity boost, employees need mobile tools that make that happen. After all, it’s pretty tough to do content production and editing on the road without easy access to the information you need.

Graphic Systems Group, a creative production agency in New York City, was facing this exact predicament. One of its top executives was regularly on the road to meet with clients and had no easy way to get a hold of video files, movie demo reels and other client deliverables. With kiteworks he’s able to access files, make edits or content changes, and send graphic-heavy client deliverables to all stakeholders, from wherever.

Learn how kiteworks helped turn GSG’s road warriors into mobile productivity machines. Download the full story here

Tags:  Advertising, Mobile Productivity

Mobile Adoption Increases Email Usage, Putting Data Security and Governance at Risk

May 8, 2014 - 1:39pm
Blog Image: 

When enterprises go mobile, email usage increases.

That’s just one finding in a new survey by Solar Winds about email usage and management in mid-size and large enterprises in the U.S. and Canada.

Mobile workers are not just accessing more of their email remotely (though they’re doing that, too). They are also sending and receiving larger volumes of email.

In the survey, respondents were asked about how email changed once users adopted smart devices such as smartphones and tablets:

  • 49% said that email volumes had “greatly increased”
  • 38% said that email volumes had “somewhat increased”

Why the increase? Mobile workers need to share files and communicate with colleagues. On the go, they can’t simply ask questions over the cubicle wall. Making a flurry of phone calls takes too much time. Lacking another solution for mobile asynchronous communication, these workers naturally turn to email.

Email, however, is risky. It’s still a major vector for inbound security attacks. Phishing attacks have become a favorite technique for hackers, criminal syndicates, and nation-state actors targeting corporate users who have access to critical data and servers. Data breaches rose 62% in 2013, in part because of the success of these email-borne attacks.

Email is risky in other ways, as well. Employees might email sensitive files too broadly. They might send a confidential file to a trusted colleague or outsider who then forwards the file accidentally or intentionally to an unauthorized party. Emailed files might linger on servers indefinitely, prey to hackers or curious administrators. If email is hosted by a third-party, other organizations might gain access to it. The survey found that almost 60% of respondents expected their email to be hosted within 5 years, further increasing the riskiness of email.

Enterprises should not try to eliminate email—it’s obviously an essential channel for communications—but they would be prudent to offer a more secure, manageable solution for mobile users to share files. If mobile file sharing were secure and convenient, mobile workers would not have to rely on email for conveying sensitive information. They could still use email for basic messaging while taking advantage of a secure communications solution for sending and receiving files and for syncing them across devices. Designed with security in mind, the solution would encrypt files at rest and in transit and enable administrators to track the distribution and access history of sensitive content. Commenting and real time collaboration also reduces email usage and would make end users more productive.

Such a solution would offer other features of use to mobile users—features missing from email—such as:

  • File versioning
  • Automatic notifications upon edits
  • Threaded discussions about file contents and edits

Files would be protected in a secure container on mobile devices, shielded from malware and interference from other mobile apps. Corporate data would be safe, convenient, and audited.

Business moves quickly, and mobile computing is party of that accelerated world. By complementing email with a secure file sharing solution, enterprises can keep mobile workers continuously informed and productive and while also keeping sensitive data continuously secure and controlled.

To learn about kiteworks, Accellion’s solution for secure mobile file sharing, please contact us.

Tags:  Data Security and Compliance, Mobile Productivity, Private Cloud File Sharing

Mobile Adoption Increases Email Usage, Putting Data Security and Governance at Risk

May 8, 2014 - 1:32pm
Blog Image: 

When enterprises go mobile, email usage increases.

That’s just one finding in a new survey by Solar Winds about email usage and management in mid-size and large enterprises in the U.S. and Canada.

Mobile workers are not just accessing more of their email remotely (though they’re doing that, too). They are also sending and receiving larger volumes of email.

In the survey, respondents were asked about how email changed once users adopted smart devices such as smartphones and tablets:

  • 49% said that email volumes had “greatly increased”
  • 38% said that email volumes had “somewhat increased”

Why the increase? Mobile workers need to share files and communicate with colleagues. On the go, they can’t simply ask questions over the cubicle wall. Making a flurry of phone calls takes too much time. Lacking another solution for mobile asynchronous communication, these workers naturally turn to email.

Email, however, is risky. It’s still a major vector for inbound security attacks. Phishing attacks have become a favorite technique for hackers, criminal syndicates, and nation-state actors targeting corporate users who have access to critical data and servers. Data breaches rose 62% in 2013, in part because of the success of these email-borne attacks.

Email is risky in other ways, as well. Employees might email sensitive files too broadly. They might send a confidential file to a trusted colleague or outsider who then forwards the file accidentally or intentionally to an unauthorized party. Emailed files might linger on servers indefinitely, prey to hackers or curious administrators. If email is hosted by a third-party, other organizations might gain access to it. The survey found that almost 60% of respondents expected their email to be hosted within 5 years, further increasing the riskiness of email.

Enterprises should not try to eliminate email—it’s obviously an essential channel for communications—but they would be prudent to offer a more secure, manageable solution for mobile users to share files. If mobile file sharing were secure and convenient, mobile workers would not have to rely on email for conveying sensitive information. They could still use email for basic messaging while taking advantage of a secure communications solution for sending and receiving files and for syncing them across devices. Designed with security in mind, the solution would encrypt files at rest and in transit and enable administrators to track the distribution and access history of sensitive content. Commenting and real time collaboration also reduces email usage and would make end users more productive.

Such a solution would offer other features of use to mobile users—features missing from email—such as:

  • File versioning
  • Automatic notifications upon edits
  • Threaded discussions about file contents and edits

Files would be protected in a secure container on mobile devices, shielded from malware and interference from other mobile apps. Corporate data would be safe, convenient, and audited.

Business moves quickly, and mobile computing is party of that accelerated world. By complementing email with a secure file sharing solution, enterprises can keep mobile workers continuously informed and productive and while also keeping sensitive data continuously secure and controlled.

To learn about kiteworks, Accellion’s solution for secure mobile file sharing, please contact us.

Tags:  Data Security and Compliance, Mobile Productivity, Private Cloud File Sharing

Too Many Employees Ignore BYOD Security

May 7, 2014 - 10:39am
Blog Image: 

Considering the risks that BYOD mobile activity can pose to enterprises, CIOs have a right to be dismayed by two recent surveys showing just how little some employees care about protecting data on mobile devices.

A recent survey by Centrify found that:

  • 43% have accessed sensitive corporate data on an unsecured public network.
  • 15% have had their personal account or password compromised.
  • 15% believe they have little or no responsibility to protect the data stored on their personal devices.

Imagine 150 employees of a 1,000-person company casually using public Wi-Fi hotspots and downloading risky public-cloud file sharing services and other risky apps. While they may not be concerned about protecting the corporate data on their devices, a single breach could potentially cost the organization millions of dollars.

A separate survey conducted by Absolute Software found that:

  • 25% of employees in industries such as banking, energy, healthcare, and retail feel that it’s not their problem if they accidentally leak confidential data.
  • About 33% of employees who had lost their phones did not change their habits afterwards.
  • 59% of employees estimated the value of the corporate data on their phones to be less than $500.

Employees are far too sanguine about the value of corporate data: even 50KB of the right data can be worth a lot more than $500. A study of data breach costs by the Ponemon Institute and Symantec found that the cost of a single breached healthcare record in 2013 was $233, not counting any additional costs from penalties imposed by the HHS and the FTC. Across all industries, the cost of a single breached record in the U.S. was estimated at $188.

Leaking confidential data such as product plans or partner contracts can erode an organization’s competitive advantage, costing potentially millions of dollars. Clearly, employees need to be reminded about the true value and costs associated with corporate data.

Knowing that many employees are lackadaisical about data security, CIOs should invest in mobile security solutions that do not rely on end users following best practices or being security-minded. A mobile security solution that keeps corporate data separate from personal data is a crucial choice for enterprises, especially when employees are casual, if not careless, about data security and compliance.

Tags:  BYOD, Data Security and Compliance, Mobile Productivity

Too Many Employees Ignore BYOD Security

May 7, 2014 - 10:37am
Blog Image: 

Considering the risks that BYOD mobile activity can pose to enterprises, CIOs have a right to be dismayed by two recent surveys showing just how little some employees care about protecting data on mobile devices.

A recent survey by Centrify found that:

  • 43% have accessed sensitive corporate data on an unsecured public network.
  • 15% have had their personal account or password compromised.
  • 15% believe they have little or no responsibility to protect the data stored on their personal devices.

Imagine 150 employees of a 1,000-person company casually using public Wi-Fi hotspots and downloading risky public-cloud file sharing services and other risky apps. While they may not be concerned about protecting the corporate data on their devices, a single breach could potentially cost the organization millions of dollars.

A separate survey conducted by Absolute Software found that:

  • 25% of employees in industries such as banking, energy, healthcare, and retail feel that it’s not their problem if they accidentally leak confidential data.
  • About 33% of employees who had lost their phones did not change their habits afterwards.
  • 59% of employees estimated the value of the corporate data on their phones to be less than $500.

Employees are far too sanguine about the value of corporate data: even 50KB of the right data can be worth a lot more than $500. A study of data breach costs by the Ponemon Institute and Symantec found that the cost of a single breached healthcare record in 2013 was $233, not counting any additional costs from penalties imposed by the HHS and the FTC. Across all industries, the cost of a single breached record in the U.S. was estimated at $188.

Leaking confidential data such as product plans or partner contracts can erode an organization’s competitive advantage, costing potentially millions of dollars. Clearly, employees need to be reminded about the true value and costs associated with corporate data.

Knowing that many employees are lackadaisical about data security, CIOs should invest in mobile security solutions that do not rely on end users following best practices or being security-minded. A mobile security solution that keeps corporate data separate from personal data is a crucial choice for enterprises, especially when employees are casual, if not careless, about data security and compliance.

Tags:  BYOD, Data Security and Compliance, Mobile Productivity

Enterprises are Falling Behind on BYOD Security

April 30, 2014 - 4:29pm
Blog Image: 

New data breaches make headlines every week, and most IT departments are concerned, if not outright alarmed, about the security risks of BYOD. They cite data loss, illicit data access, and malware as top security concerns for their network and mobile users.

So how are enterprises doing when it comes to implementing security measures guarding against data breaches and malware infections resulting from BYOD? Not very well, according to recent surveys.

There is a startling gap between enterprise mobile security policies and actual practice. In a survey of 1,600 IT professionals in LinkedIn’s Information Security Group last year, more than 75% of respondents were concerned about data loss resulting from BYOD. Sixty-five percent were concerned about unauthorized access to internal systems, and 47% were concerned about BYOD carrying malware into the enterprise.

However, many enterprises are failing to implement or fully enforce their BYOD security policies:

  • Two-thirds of the enterprises with BYOD security measures don’t fully enforce them.
  • About 75% of enterprises have not educated employees about BYOD risk.
  • Only 31% require employees to configure a device PIN or key lock on mobile devices.

Lacking comprehensive BYOD security, enterprises leave themselves exposed to risks of data breaches, unauthorized system access, and malware.

Why are these enterprises so reluctant to implement and enforce strict security measures?

In many cases, IT organizations fear that employees will balk at any new mobile security features they find cumbersome or time-consuming. Mobile workers have become accustomed to mobile experiences that are quick and easy. A swipe of a finger or a couple of taps lets users perform basic operations in a fraction of the time required for desktop systems. Even as simple a security measure as entering a four-digit PIN to unlock a screen is considered cumbersome by some users.

To protect data and infrastructure while satisfying users, IT organizations need to find a way to make mobile computing secure and compliant, as well as quick, easy, and enjoyable. Learn how kiteworks by Accellion will please both IT departments and end users alike.

Tags:  BYOD, Data Security and Compliance

Researchers Find Security Flaw in Public Cloud File Sharing

April 29, 2014 - 9:38am
Blog Image: 

Many public-cloud storage providers promise high levels of security for their clients’ data. However even those storage providers that claim that clients’ data is always encrypted may be susceptible to a design flaw that enables service provider employees to gain illicit access to that data, according to researchers at Johns Hopkins University.

A technical paper published this month, by university researchers, analyzed the data security implemented by several cloud storage providers. These storage providers promise that their “zero-knowledge environments” prevent employees from accessing clients’ confidential data. They found, however, that whenever a client shares data with another user, encryption keys are generated, and those keys are fully under the control of the service provider. Theoretically, a service provider employee could intercept the keys and perpetrate a man-in-the-middle attack against the client, gaining access to the client’s data without the client’s knowledge.

This security vulnerability is simply yet another potential security shortcoming inherent in public-cloud storage services, some of whom have already been susceptible to service outages and security leaks.

So how can businesses avoid potential security risks? Organizations can consider deploying private-cloud storage solutions to manage their content. In private cloud solutions, an organization keeps full control over its own encryption keys, eliminating the possibility of man-in-the-middle attacks by outsiders.

For those that choose to use cloud solutions, there are certifications that detail which solutions are actually secure enough for enterprises to use. One example is the Skyhigh CloudTrust™ rating, which details the select cloud services that fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection. Accellion just received the highest rating of Enterprise-Ready for kiteworks, our mobile collaboration and file sharing solution, putting our security protocols and functionality in the top 10 percent of all cloud providers. Learn more about the rating here.

Tags:  Data Security and Compliance, Private Cloud File Sharing

Deploy Your Own Enterprise Dropbox Alternative

April 23, 2014 - 4:16pm
Blog Image: 

If I had a dollar for every CIO who has told me a Dropbox or Box security horror story, I’d be well on my way to retirement. Consumer-based file sharing solutions continue to plague organizations, popping up throughout departments without IT’s sign off. Even those high up on the corporate ladder are guilty as charged, with a survey by SafeNet Labs finding that 40 percent of executives use Dropbox to store and share documents fully knowing it’s against company policy.

This is the challenge that Arrow Energy – owned by Royal Dutch Shell and PetroChina – faced. Dropbox and Box were gaining steam among Arrow’s staff, compromising the organization’s information security, reporting, and audit trail requirements. Staff needed to share, review and refine large engineering documentation with internal and external stakeholders, in an efficient manner, and employees were pushing to be able to work via their mobile devices. None of the company’s current solutions fit the bill.

The time was ripe to find a single, secure solution to engage with external audiences and to support Arrow’s shift to iPads and mobile devices. They had a list of requirements for a solution that would meet their needs:

1) The ability for employees to share and collaborate on files of any size

2) File sharing had to be fast and easy to use for all types of devices, including phones and tablets

3) Tight data security, with audit and reporting capabilities

Learn more about the path that led Arrow to “use Accellion as our own enterprise Dropbox.” Download the full case study here.

Tags:  Collaboration, Consumer Products, Energy, Oil and Gas

The Snowden Effect – NSA PRISM Negatively Impacts Public Cloud Providers

April 21, 2014 - 9:36am
Blog Image: 

Global IT leaders are increasingly concerned about where and how their data is stored, and the cloud services they’re implementing, according to a new survey from NTT Communications.

This so-called ‘Snowden Effect’ has started to shift perceptions of IT professionals around the world. More than half of respondents said that more attention is being paid to the region where data is stored, and just under half are carrying out more due diligence on cloud projects. Around 35 percent said they have changed their procurement policies for cloud providers since Snowden’s revelations, with 62 percent stating that the PRISM news has stopped them from moving their information and communications technology into the cloud.

In fact, the Information Technology Industry Council (ITI) believes that eroding trust in public cloud, due to the furor over the NSA surveillance programs, could lead to lost income in the tens of billions of dollars for U.S. cloud providers.

While some IT organizations, even pre-NSA Prism, didn’t trust public cloud solutions with their sensitive data and chose private cloud providers instead, many organizations had begun putting their corporate information into the hands of the very providers who were enabling the NSA’s data collection policies. The ensuing revelations about the kinds of data that were collected, and for how long, has put security at the forefront of conversations about how to best share and store data.

Individuals and organizations alike have been floored by the sheer size of the data collection occurring under the NSA PRISM program, and the number of organizations participating. Google, Facebook, Microsoft, and Yahoo! were all called out by name as companies whose servers have been tapped, or would soon be tapped, by the NSA and FBI.

This is a perfect example of the kind of control you give up by utilizing a public-cloud solution. Whether it’s automated email scanning from Google, or the fact that cloud storage services such as Box and Dropbox own the encryption keys to customers’ data, by using a public cloud service provider, you’re losing control of your data. 

Tags:  Data Security and Compliance, Private Cloud File Sharing, Technology

More Evidence that Enterprises Prefer Private Cloud File Sharing

April 17, 2014 - 12:16pm
Blog Image: 

Recent security questions that have been raised around Box and Dropbox’s ‘enterprise’ or ‘business’ solutions have made many organizations stop and question how exactly they’re sharing their sensitive data. 

The result of that questioning? Enterprises strongly prefer on-premise private cloud file sharing, due to the enhanced data security it offers. We wrote recently about research from the Enterprise Strategy Group on this topic, and now a new study by Research Now, corroborates those findings. According to the Research Now survey:

  • 63% of enterprises prefer private cloud file sharing and sync solutions over public-cloud offerings such as Dropbox.
  • 55% of enterprises with 30,000 or more employees have banned public cloud file sharing solutions to prevent data leaks.
  • 31% of enterprises have experienced at least one data leak in 2013 from employees sharing files through often unsanctioned file share and sync services.

Even if enterprises use public cloud solutions to solve other business challenges, they are moving quickly to adopt private cloud file sharing solutions:

  • 45% of organizations are considering private cloud file sharing and sync solutions.
  • 25% of organizations have already implemented private cloud file sharing and sync solutions.

Research Now’s study agrees with the concerns we’re hearing from our customers. IT organizations recognize the data security threat posed by public cloud file sharing services like Dropbox. Consumer-grade public cloud services enable employees to upload content without any IT oversight and share that content indiscriminately, which means confidential files can easily end up in the hands of unauthorized users.

When IBM ran a data security audit a few years ago, it found that confidential files like project plans had been shared too broadly through tools like Dropbox and Evernote. IBM then banned both of these solutions from their network.

These studies shows that other organizations are following IBM’s example. They are banning risky public cloud services like Dropbox, and investing in carefully planned private cloud file sharing services that meet the content access and collaboration needs of today’s mobile workforce, so employees can work securely, wherever.

Tags:  Enterprise Content, Mobile Productivity, Private Cloud File Sharing

What’s Your Mobile Security Grade?

April 16, 2014 - 3:16pm
Blog Image: 

Be honest. How would you rate your mobile security: poor, adequate or excellent? If you answered “excellent” then consider yourself among the elite. Only five percent of organizations we surveyed (in conjunction with ISMG) rated their security policies as such, compared to 75 percent who believe their processes are either “poor,” or “need improvement.”

That means, that for the majority of organizations, there’s tremendous progress yet to be made.  Mobile malware is proving to be relentless, growing at a startling rate of 614 percent from 2012 to 2013. Add to that the fact that more than half of mobile devices (53 percent) are now storing confidential business data and it’s easy to understand why you should do everything within your power to prevent a mobile breach.

To that end, we’ve outlined 14 steps to help you better secure your mobile workforce. You likely already have some pieces in place, but it’s the gaps that can leave your company and your users vulnerable. In order to breach-proof devices under your management, a comprehensive security solution is required – one that offers seamless productivity and access for end users, but also 24x7 administrative controls and monitoring.

For example, a best practice is to create a “walled garden” for business data, storing information in a secure container separate from consumer apps and personal documents. This makes it easy for IT to monitor enterprise information while respecting the privacy rights of employees using their own devices for work. 

Another is remote wiping, which gives administrators the ability to delete business data and apps on a mobile device that’s lost, stolen or in the possession of someone who has left the organization. For example, if Joe Smith has left the company, an IT administrator should be able to delete his files on all the mobile devices currently storing them, including mobile devices belonging to his co-workers as well as devices not configured with Mobile Device Management (MDM) software.

That’s just a few of the 14 steps the companies should review and implement to truly secure their business content on mobile devices. To dive into the complete list and find out how your organization stacks up, download our new whitepaper on “Mobile Data Security: 14 Steps to Securing Your Mobile Workforce” now.

Tags:  Data Security and Compliance, Mobile Productivity

Secure Dropbox Alternative – Private Cloud File Sharing

April 11, 2014 - 3:50pm
Blog Image: 

Dropbox threw its hat into the enterprise ring this week when it exited beta, and made its Business solution available to workplaces worldwide. However, despite its claims that the solution is now ready for enterprise use, there are still plenty of red flags being raised about their security protocols and functionality, not least being their public cloud architecture.

The ongoing saga of the NSA data collection, started by Edward Snowden’s revelations, clearly illuminates that any data stored by a public cloud service is potentially subject to snooping by government agencies. In addition, public cloud file sharing services also expose customers to these additional data security risks:


Loss of control over data

Public cloud file sharing services, such as Dropbox, typically co-mingle data from different customers.  While this provides Dropbox with storage economies it reduces the control a customer has on where their data is stored and who has access to that information.  Additionally, public cloud providers own the encryption keys to the data housed on their servers, rather than the customer, further increasing the risk of data exposure.  For most enterprise organizations these risks are too great and lead corporations and government agencies to select private cloud file sharing for the additional data protection.


Security outages

Security glitches have the potential to expose confidential data to hackers and other unauthorized users. When a security glitch at Dropbox removed password protection from all user accounts, tens of thousands of files were accessed. Dropbox customers have no idea how many of those files were compromised.  Just this January, hackers claimed responsibility for shutting Dropbox’s service down for a few hours.


Compliance violations

Users sharing confidential data, such as financial records, outside the approved and monitored processes defined by the IT department, put the enterprise out of compliance with regulations such as SOX. And users at healthcare organizations can violate HIPAA by improperly sharing patient health information. Because Dropbox does not integrate with most DLP solutions, it limits the ability of enterprises to monitor the content of individual files, which can cause them to be non-compliant.

For most enterprises these risks are too great, and lead many to consider a private cloud file sharing solution. With private cloud file sharing, enterprises retain control and ownership of their data and the encryption keys to access that data. This means that the enterprise organization is in control of who can access that data including any government agency that requests information or metadata. 

Dropbox’s public cloud architecture is a large obstacle to winning enterprise deployments.   In the meantime Accellion continues to win enterprise business with its private cloud file sharing solution – check out the corporations and government agencies that use Accellion here>>

Tags:  Data Security and Compliance, Private Cloud File Sharing

Getting to Yes Faster – The Mobile Sales Team

April 10, 2014 - 12:16pm
Blog Image: 

Accelerating sales cycles, and getting to “yes” faster, is the goal of all organizations and recent survey results indicate that mobilizing the sales team can deliver significant productivity improvements. According to a recent study by Constellation Research, mobilizing a sales team:

  • Reduces sales cycles by 9.5%
  • Increases deal sizes by 1.8%
  • Increases up-sell rates by 8.2% and up-sell revenue by 8.8%
  • Increases cross-sell rates by 16.9% and cross-sell revenue by 13.3%

These positive results were echoed in a survey by the Sales Management Association, which found that:

  • 23% more firms meet team quotas when employing a sales mobility strategy
  • 70% of sales organizations using tablets have already realized positive ROI

So how does mobilizing a workforce contribute to these productivity improvements? Let’s review some of the inefficiencies inherent in sales efforts.

Complex sales involve many individuals, usually from many departments and in different geographic locations. To exchange information, sales managers often rely on email to communicate. When proposals, technical specifications, legal contracts, and other critical sales documents travel back and forth through email, delays naturally occur, in part because people check their email on different schedules, and accessing and collaborating on documents often requires tools only provided on laptops and desktops.

So how is the sales process streamlined by a mobile workforce and sales team? Let’s take a look at the mobile-enabled sales process. Sales people require a smartphone or tablet, obviously, but what else? They’ll need a secure solution to share and access critical content, like kiteworks by Accellion, and a mobile device management solution to authenticate the user, like Good Technology, and e-signing technology to digitally finalize contracts, such as DocuSign.

Here is how the workflow of a mobile salesperson would play out with these mobile solutions:

John (Sales Manager) is trying to close a deal in the last week of the quarter.

  • John receives an email on the Good for Enterprise email client from Steve (Legal counsel from prospect’s legal team) requesting changes to the Purchase Agreement.
  • John opens the document in kiteworks, creates a folder, adds the document and shares it with Steve.
  • Steve opens the document in kiteworks and annotates his changes using integrated PDF annotator.
  • John receives a notification in his Activity Stream and works with his Legal team to make the necessary changes.
  • He then, shares the updated document via kiteworks and assigns a task to Steve to sign the document.
  • Steve opens the document in Good enabled DocuSign app, signs the contract and marks his task as completed.
  • John closes the deal in record time!

The evidence is clear. If your organization wants to increase its sales results and operational efficiency, a secure mobile file sharing solution, integrated with MDM capabilities and e-signing, is a smart investment.

Tags:  Collaboration, File Sharing, Mobile Productivity

Law Firms Weighed Down by Exponential Data Growth

April 9, 2014 - 10:19am
Blog Image: 

IDC estimates that there will be 40 Zettabytes of data on the planet by 2020. That translates to approximately 5,247 GB of data for every person on earth, including you. Therefore, it probably comes as no surprise that the analyst firm in turn predicts that enterprise data stores will grow an average of 60 percent annually. How can IT keep up, to ensure all data is shared and stored securely?

Because of this growth, many organizations are essentially drowning in information – with more data to manage than they are capable of handling. Law firms in particular are notorious for having large amounts of information that they need to share, edit and collaborate on with both internal and external parties.

Husch Blackwell LLP, a full-service litigation and business law firm, had this exact problem, and was struggling to manage the sharing of large volumes of documentation for current client cases, which was putting significant stress on the firm’s email system. This was hindering communications and driving employees to offload file sharing to archaic methods, such as thumb drives and CDs. While these methods got the job done, they created additional costs, were inefficient, and created serious security concerns.

Learn how Husch Blackwell freed employees from the burden of sharing large amounts of data, by implementing a private cloud file sharing solution, enabling users to securely access and share client casework. 

Tags:  Data Security and Compliance, Enterprise Content, Private Cloud File Sharing

Public Cloud Data Handoff – Know the Security Risks

April 8, 2014 - 9:34am
Blog Image: 

I call it the “public cloud handoff.” You select a public cloud service provider to support a piece of your business and then hand over responsibility for your critical business information, putting the onus on the vendor to care for your enterprise data as if it were their own. However, operating with an “out of sight, out of mind” philosophy can cause serious risk to your data security.     

It’s important to realize that when it comes to the public cloud, what you don’t know can hurt you. There are certain risks associated with public cloud services and being aware of these not only makes you a more educated user, but also enables you to advocate for the security features that your business requires.

Roger Grimes with InfoWorld recently provided a top five list of cloud risks that is a must-read for organizations that are using and/or considering a public cloud service.  Here’s a snapshot of his list of cloud security issues that businesses everywhere need to know about:  

1)     Shared access: The public cloud approach of sharing computing resources (storage, CPU, memory, etc.) with other customers creates potential vulnerabilities, including your data being leaked to other users or a hacker being able to exploit customer data.  

2)     Virtual exploits: Find out what virtualization products and management tools your services provider is using to prevent server hosts and guests from being compromised.

3)     Authentication, authorization and access control: Ask the vendor if authentication processes are shared among accounts, how data is encrypted, who holds the encryption keys, where data is stored, and how many accounts can access their systems.

4)     Availability: In order to protect against lackluster fault tolerance and availability, Grimes recommends backing up your data that is being stored in the cloud.

5)     Ownership:  This is an important point that we’ve stressed in past posts (“Who Controls the Keys to Your Data Kingdom?”):  when you share your data with a public cloud provider, you end up sharing ownership – and in some cases, turning over ownership to the provider.

These public cloud security risks are the reason most enterprises are staying away from using a public cloud provider to store and share their sensitive business information. Learn more about Accellion’s private cloud file sharing solutions that provide robust data security features here.

Tags:  Data Security and Compliance, File Sharing, Private Cloud File Sharing

Telemedicine, mHealth – Real Life Stories to Warm Your Heart

April 3, 2014 - 11:02am
Blog Image: 

Every now and then something crosses your desk that makes you stop for a timeout.  As someone who has worked in the technology industry for more than 20 years, it’s safe to say that I love technology. However the stories that were shared with me today from our customer Seattle Children’s Hospital on their use of Accellion secure mobile file sharing are truly inspiring. Enabling the delivery of critical medical treatment to babies – this is technology delivering true value.

Read Seattle Children’s Hospital use cases here and here.

The Seattle Children’s Hospital is on the front-line of research and technology, with healthcare providers working day and night to give children the absolute best life they can. From innovative cancer treatments to telemedicine referrals to rural communities, Seattle Children’s Hospital is taking technological advances and turning them into ways to better treat and cure their patients.

Inspiring stories like these remind me that what I love most about technology is how it touches and improves our lives. We are honored to work with Seattle Children’s Hospital in helping them deliver critical healthcare. Thank you to all the staff and to Wes Wright, CIO, for all that you do. 

Tags:  Healthcare, Mobile Productivity

Pages