FREE TRIAL
dracoon-login-w
FREE TRIAL
dracoon-login
Menu
Get started
LOGIN
DRACOON-Cloud-Services-und-Cloud-Computing

Enterprise File Sync and Share

Sharing, distributing and synchronizing files has become a part of everyday work in many companies. However, this often happens without the consent of the IT-department putting them in an uncomfortable situation. Even today, security relevant files are often exchanged via unencrypted email attachments or – even worse – with help of public cloud-services such as Dropbox, Google Drive & Co.

This safety problem with data transfer has become ever more pressing over the years, so that the research and advisory firm Gartner created a new product category in 2014: Enterprise File Sync and Share, in short EFSS. You will receive more detailed information in the following article.

 

What is Enterprise File Sync and Share?

In general, the term Enterprise-File-Sync-and-Share-Solution is used for applications that enable data transfer and synchronization within and outside of a company. The main focus lies on secure data transmission and cloud-based storage devices.

If end users are using cloud services open to the public, this results in so-called shadow IT. This and unsafe file-transmission via email lead to unavoidable compliance problems. Therefore, company IT-departments need to introduce EFSS tools. They need to be as easy to handle as common public clouds and at the same time a give the system administrators full control.

IT admins can already choose from a selection of multiple EFSS products. All of them can be used to synchronize and share files and documents with different end-devices and other users. For this purpose, EFSS tools often use online-storages that are either located in a public cloud or in a company internal private cloud. Here the data is stored centrally and encrypted.

Main functions of EFSS applications

In general sync and share tools offer the synchronization of files from different sources via upload and download links.
Version conflicts are solved and files released.

Simple systems are limited to the simple encrypted transfer from one user to another. This should replace the email. On the other hand, professional EFSS-tools are designed for collaboration. This means that version management, the resulting conflicts and their solutions are of main interest. Working groups are able to work together on the same document.

Requirements and advantages

A significant security feature of EFSS tools is encryption. Here end-to-end encryption plays an important role. Files are not only encrypted in the computer center of the provider but already on the user-computer, optimally as soon as they are stored on the virtual drive or on a defined folder of the EFSS program. Furthermore, an access control in from of a 2-factor-authentification should be integrated, in order to prevent unauthorized file access.

File authorizations should be individually adjustable. For example, only reading, reading and writing, deleting of files etc. should be managed. Furthermore, logging functions should be traceable through an administration tool. This helps trace who, when and what someone did with a file (managing, copying, deleting) and when which file was transferred to which recipient. In other words: The company needs to always be informed of the EFSS-user’s activities. Especially in strictly regulated sectors such as security, telecommunications or health care. Compliance reasons alone mean that unawareness (of who can see and change which files) cannot be tolerated. For this reason, an accurately adjustable user management is essential. Only then a company can precisely specify which employees, business partners or clients have access to defined data rooms and possibly sensitive data content.

At the same time, it needs to be guaranteed that the administrator himself cannot access the data content. The cloud service provider is must not have access to the files.

A function to set access time limits is also useful. This ensures that after the time is up the access is barred. If an authorization is withdrawn through a time limit or by the file-creator, the access to the file on the EFSS server is barred.

An EFSS-System needs to have an API in order to be integrated into software-based company processes; for example, the normal use of Outlook together with the cloud services. Last but not least, the EFSS needs to be easy to operate for the end-user, in order to gain acceptance. Only then the use of shadow IT can be stopped in the future.

During day-to-day work a well thought out File-Sync-and-Share Solution shows its practical and economical value: The automated synchronization of edited files means that the most recent version is available on all end devices. The users do not have to search for ages for the newest version. Therefore, the workflow is more efficient, and the company gains productivity.

 

Enterprise File Sync and Share and the GDPR

In order to comply with the GDPR’s European regulations, the data centre of the cloud provider must be safety certified in accordance with ISO 27001. It also requires that the data center is located in the applicable legal area. Therefore, the use of cloud-servers in the US or far east is ruled out. This should prevent non-European secret services from legally accessing the secured data.

 

EFSS and end devices

From a technical point of view EFSS-systems consist of two components: the cloud server, which centrally provides files for retrievals and updates, and the client-software that runs platform-independently on different end-devices. They can be desktop computers or mobile devices such as tablets or smartphones. Moreover, the end-users can also access the files with every web-browser, edit and share them with others.

 

Conclusion

In our mobile world it is essential to have access to company data, everywhere and always. Of course, this confronts the IT with challenges, but with EFSS it also offers new chances. If File-Sync-and-Share-tools on every company end-device stop the use of private filesharing accounts, it is a big achievement for data security. This requires end-user clients with high usability – only what is easy to operate will be accepted and used. This guarantees the safety and control mechanisms needed to prevent company data from falling into wrong hands. At the same time Enterprise-File-Sync-and-Share-products help lower the IT and operating expenses.

Barmer_Logo
Skoda
HELIOS-Logo
Logo_Völkl
Telekom
Bayerischer_Landtag_Logo

Enterprise File Sync and Share with DRACOON 

DRACOON is a German Enterprise File Sync and Share service for companies. With the software you can securely store, manage and send all your company data. DRACOON offers you numerous advantages to ensure secure and EU-GDPR-compliant data storage. The client-side encryption prevents data from flowing off.

 

  • Made & Hosted in Germany: DRACOON is being developed in Germany and operated in ISO27001-certified computer centers.

  • Multiple awards and certifications: Various seals such as ISO27001, EuroPriSe and BSI C5 confirm DRACOON’s highest security standards. 

  • GDPR-compliant thanks to Privacy by Default and Privacy by Design: As a German provider DRACOON is subject to the strict German security laws and supports you in implementing and complying with the EU-GDPR thanks to data protection-friendly technology design (Privacy by Design) and default settings (Privacy by Default). This enables you as a user to work automatically in compliance with data protection regulations.

  • Highest security thanks to client-side encryption: All data is already encrypted at the end device. On the server itself there is no possibility to decrypt the data because the key material is on the client. This way we ensure that neither we as a cloud provider nor third parties are able to access your stored data.

  • Protection against ransomware attacks: In case of a hacker-attack, affected data can be restored at any time via the recycle bin.

  • Integrated reporting tool / audit log: The reporting tool with audit log provides information about file access. Authorized persons can trace who shared, edited, or deleted data.

  • Modern rights management: With DRACOON you can assign access rights easily and individually to internal employees as well as external parties. This ensures, for example, that certain people only have read access, while others can also edit and delete data. Thus, for example, the IT department retains organizational sovereignty but has no read and write rights to financial or personnel data. As a result, IT administrators can also be completely denied access to certain data (such as salaries, balance sheets, etc.). DRACOON also gives you the opportunity to limit the availability of data.

  • Demand-oriented billing: The required DRACOON licenses are billed on a user basis. This allows you to adapt DRACOON to your needs at any time.

Enterprise File Sync and Share with DRACOON

Save, share and manage your files in a GDPR-compliant manner for 14 days for free!

Try now

DRACOON-Logo_Footer_2024_B

© 2023 DRACOON GmbH
Made in Germany
Phone. +49 (941) 7 83 85-0

Get in Touch with Us!

Company

Industries

Solutions

Service

How to handle Security Incidents

Responsible Disclosure of vulnerabilities
Element 1