Businesses seek out enterprise-level file management platforms for many reasons. One is ease-of-use in sharing files, another is to have a unified place for server and cloud storage and yet another is to have a backup option in case of disaster.
But most importantly, businesses look for file management platforms because they offer a secure solution for the sensitive data that comes and goes from their organizations every day.
How is it these platforms keep data and files secure?
The goal in secure file management is to keep the entire channel of communication encrypted. SmartFile encrypts files at “rest”, or ones stored on your server, with Advanced Encryption Standard (AES) 256-bit. Files in “transit”, or ones sent through email or uploaded to the cloud, use 128-bit encryption.
Both are standard encryption methods approved for use by the National Institute of Standards and Technology (NIST), which dictates the standard that government files should be encrypted at. AES 256-bit is approved for use in encrypting classified government files.
2) User Management
With hardware and applications secured up to the highest level, it’s less likely that a data breach would occur through a weakness in the system and more likely that it would occur due to negligence on a user’s part.
Intelligent file management systems have to account for the human error that users often make. A business will want to choose a file management platform that lets an administrator control use through granular permissions.
For instance, in SmartFile’s file management platform, we give administrators the option to assign a home directory to a user that’s several layers below the actual home directory. Unlike a typical letter drive, the user can only see the home directory and cannot go into other parent folders or unassigned directories. Use groups and access permissions to adjust that, but those are the default settings.
Another feature that deals with secure file sharing is the option to only allow users to download and upload files using a secure connection method. Rather than using a browser UI through HTTPS, administrators can dictate files only be transferred using FTP over SSL, SFTP using authentication keys for login instead of usernames and passwords or through WebDAV.
Controlling everything a user has access to, as well as how they can use files, is an essential feature to look for in a secure file management platform.
Sometimes businesses protect their files and organization from outsiders to keep themselves safe. Other times, companies are responsible for protecting not just their data, but the data of the people who interact with them.
They must be compliant with the regulations of their industry or legislation the government has passed. Healthcare, government, finance and energy industries all have strict compliance standards.
A HIPAA compliant file management platform will ensure that any personal health information (PHI) is as secure as possible during storage and transfer.
Files are safeguarded with encryption, but also need a fastidious audit log that tracks file and site activity, including the login attempts, username, IP address, file path and time/date that a file was accessed. In some industries, this data must be maintained for 3, 7 and even the duration of someone’s life PLUS 7 years.
4) Updates and Maintenance
Both maintenance and updates are an important part of choosing a file management platform. Without updates, your platform will depreciate not just in value but in security, with new threats appearing every day.
SmartFile offers continuous maintenance, running antivirus scans on all files as their received. SmartFile updates for on-premise devices are offered quarterly and new features are being released as they’re built for cloud accounts.
5) File Lifecycle Management
Just like storage rooms of the past, many businesses have old files that they’re hoarding. Where this becomes a problem is if these documents have PHI or other sensitive information on them; these types of files need to be tracked and maintained.
With file lifecycle management features, files can be tracked by date and activity. An administrator will create a path for a file and if they hit certain milestones, a specified action will occur.
For instance, HIPAA audit logs need to be kept for 6 years. After 6 years, that file could be automatically sent to a server for storage or could be set to be destroyed. An administrator could also have the ability to intervene before a file is destroyed.
The 5 points above are all elements of a secure file management platform. Assess your needs when it comes to file management and security and figure out which are most important to you.
If you’d like to talk about SmartFile’s file management platform, give us a call and we can discuss how we can meet your secure file management needs.