Information security is an elusive discipline. Purists look for the most secure mechanisms, and most others don’t care until it’s too late. In this dichotomous world, the security controls that get most widely adopted are the ones that have the least friction and provide reasonable protection. Username and passwords continue to be ubiquitous and PKI is barely visible.
With the advent of Cloud there are new concerns that have come to the forefront. It has become clear that information security has a lot to do with control – the ability to act without any dependence on the cloud provider. We see our customers looking for three specific capabilities for different but related reasons:
1. Data residency options
2. Physical control of content
3. Logical control of content
Data residency options are sought primarily for compliance with privacy laws. The government of the home country wants to retain sovereign rights on the data of its citizens and prevent foreign governments from issuing subpoenas for it. Data sovereignty is purely a function of the geographical location of the data. Syncplicity by Axway with Syncplicity by Axway StorageVaults addresses that concern directly by allowing our customers to pick and choose the type and location of their storage by content categories. Any provider that does not offer an in-country data storage option is not likely to be able to meet this requirement.
Customers want the ability to take a system offline in the face of any perceived or real risk. This again is best addressed by having physical access to the storage. A customer can isolate the system by powering down storage or disconnecting it from the network. Syncplicity by Axway StorageVaults addresses this concern, as customers can pick their storage in their data center as the target. Cloud providers cannot meet his requirement by offering an in-country data center because customers don’t have control over the physical infrastructure, and only on-premises storage can address this concern.
The final frontier of control is logical control of content. This is where customers seek to restrict access to only people they authenticate. Any outsiders, including government agency or cloud provider employees, should not be able to access customer data. This has been a hard problem. One solution that has been suggested is customer-controlled encryption keys. This is a solution that falls short—not because it fails to secure but because it breaks the functions that the application is supposed to deliver in the first place. If the cloud provider cannot decrypt the data, functions like sorting, adding, searching, subtracting, and any number of data manipulations just don’t work. There are myriad patch solutions that preserve format and/or some functionality, and there is at least one ambitious one namely, homomorphic encryption. But none of these solutions really address the problem for sync, share, and collaboration applications like Syncplicity by Axway.
What our engineers have come up with is an ingenious solution that applies the age old “two-man rule” to this problem. The two-man rule is a simple, elegant, and robust system that is still used to protect land-based US ICBMs. We reckon if it works for ICBMs, it should be good for customer content as well. We call our innovative application of the “two-man rule” StorageVault Authentication. At its core StorageVault Authentication requires two independent parties to authenticate the user before getting access to the system. With StorageVault Authentication (SVA), you, our customer, are one of those two parties. Hence SVA is an additional layer of authentication that users need to go through when accessing a specific storage device for the first time. This additional authentication is provisioned and managed by the customer and the authentication handshake happens directly between the client and storage layer. This ensures that the cloud provider has no control, and hence no way, to access customer content. There are many details that our engineers have refined while working closely with large enterprise customers to ensure that both security and UX goals are met.
We are very excited to make this capability available to our customers at EMC World 2014, and for customers who care about the three points above, we can assure you that no one else in the market delivers on them.
It’s time to redefine mobile productivity on your terms with flexible deployment options that allow you to choose your own storage model. With Syncplicity by Axway, you can customize deployments to fit your specific storage architecture and security needs.
Do you require an on-premises storage solution? We’ve got you covered. Is the cloud the best option for you? Syncplicity by Axway can do that, too. Want the best of both worlds? Then go hybrid.
Syncplicity by Axway provides the freedom of storage choice, which allows you to deploy enterprise-grade file sharing and collaboration capabilities across your organization without changing your current infrastructure. Learn more about flexible deployment options and all the other ways we’re Redefining Mobile Productivity at EMC World 2014!
Don’t miss these sessions, check our Syncplicity by Axway custom schedule:
While you’re there, stop by our booth #458 in the EMC WORLD main floor, or visit us in the Momentum booth #1002. We’re here to answer all your questions about integration, security, storage choice, and more!
Syncplicity by Axway has launched a new and improved support site to help you and your users get the support you need, 24/7, 365 days a year.
The brand-new site sports a fresh, streamlined look complete with new end-user documentation and an intuitive, easy-to-use interface that you’ve come to expect from Syncplicity by Axway. It’s all of our support resources at your fingertips, when you want them. Our goal? To deliver IT support resources to you, and to take the burden off your shoulders by helping your users get—and stay—up and running. You can just feel the support.
What are some of the things you and your users can do at our new support site? On the new site, Users can easily:
Start exploring support.syncplicity.com today, where all-new user content is ready to go! IT Support documents are still available at manual.syncplicity.com but stay tuned for the new and improved versions coming to the site soon.
We’ve been cooking up some cool new content that we’d like to share with you.
Take a guess at what we’ve got in store. Here’s a hint…
What do you do to become light but not bright?
To move the largest of things with the lightest of touch?
And to hold all that you need in the palm of your hand,
ready to use but never to lose?
ANSWER: You GO LITE, of course, with Syncplicity by Axway. See how!
EMC World 2014 is just around the corner! Visit Syncplicity by Axway to see how we’re REDEFINING enterprise file sharing and collaboration. Our intuitive apps are engineered to enhance the mobile experience and help your users Go Lite by breaking free of the shackles of laptops and desktops—securely, of course.
Here’s how we’re redefining mobile productivity:
In-app editing. Forget the security woes of third-party apps. Our in-app mobile editing capabilities allow users to review and update documents without even leaving the security of Syncplcity’s application. From a Word doc that needs editing to a PowerPoint that needs presenting, help your users ditch the laptop and do it directly from their smartphones or tablets.
File distribution for a mobile workforce. With Syncplicity by Axway, users can collaborate and share files anywhere, anytime from mobile devices. They can safely send those Word docs and sales reports to colleagues across the room, or across the country without the hassle of file size and bandwidth limits, ever.
Always secure. Syncplicity by Axway works on any device, anytime, anywhere, and it’s all powered by enterprise-grade security that’s backed by EMC. It’s safe travels, always.
So visit us at Momentum at EMC World 2014 to learn more about going lite and join us for these great sessions:
You can also stop by our booth #458 in the EMC WORLD main floor, or visit us in the Momentum booth #1002. We’re here to answer all your questions about integration, security, and more!
The use of enterprise file sync and share applications has seen tremendous growth in the past year. A December 2013 ESG report noted that 42% of organizations have IT sanctioned and company-funded file sharing applications – a sizable increase from the 28% just one year earlier. Clearly, the promise of these platforms - secure and easy viewing, sharing and editing of enterprise content – has grabbed the attention of forward looking organizations looking to enhance workforce productivity.
With this industry in a stage of tremendous growth, we thought it would make sense to take a deeper dive into the issues customers have experienced as they explore and deploy file sync and share technologies.
In our experience at EMC Syncplicity by Axway, we’ve seen three distinct evolutionary stages in enterprise file sharing. The first is completely end user-centric, often at the disadvantage of the cautious IT department. This stage is marked by a demand for convenience above everything else. The second stage prizes security and compliance, almost always at the expense of user convenience. The third stage – by far the most critical for enterprises – is when these two stakeholders reconcile their differences for mutual benefit, and adopt a solution that satisfies their diverse needs.
Stage 1: Convenience at Any Cost
It’s no secret that technology users have embraced popular public cloud-based services in their work and personal lives. Obvious examples are social media applications such as Facebook, Twitter, and LinkedIn, email services such as Gmail and Yahoo, and note-taking applications such as Evernote. These services are intuitive, easy to use, and are readily available at no cost to users on their desktops, laptops and mobile devices – a consequence of the “bring your own device” (BYOD) phenomenon. Users now expect all the work applications they use to be just as intuitive, easy to access and engaging.
The drawbacks to the enterprise, in this stage, need little explanation. Most organizations do not want their employees storing critical data in the public cloud. These applications do not meet the stringent regulatory compliance standards for transmitting or sharing critical data. To put it bluntly, these services may be convenient, but they are rarely up to IT snuff.
Stage 2: Security Brings the Hammer Down
As the pain of stage one becomes clear to IT, we enter a second stage mired in the “us versus them” paradigm. IT departments, fearing the risk to their organization’s most important asset – data –and facing mandates to comply with corporate and government regulations, are reluctant to give employees access to certain applications that require storing and accessing information on public clouds. IT departments have experienced too many data leaks or exploits through breaches or cyber espionage and it’s no surprise that a whopping 95% of organizations who use public clouds are searching for alternative data storage methods.
It’s at this second stage that IT quashes the use of purely public file sync and share platforms, pushing users to adopt older, more traditional file sync and share or FTP solutions that are slow, clunky, difficult to use and add, at least from the user’s perspective, very little value to their work. In the second stage, users start to rebel, taking matters into their own hands by downloading these banned “shadow IT” file sharing solutions, essentially returning the company to the first stage.
Stage 3: Hybrid Cloud Reconciliation
It’s at this third and final stage that users and IT find the solution that meets their collective needs. Specifically, users get a simple and easy-to-use platform, while IT departments can enforce strict policies on who can access what document when and where, and can dictate that certain data be stored on-premises, thereby avoiding the security and/or compliance headaches that can occur with a purely public cloud deployment. We call this the hybrid cloud model: it gives customers a choice to store their data in the public cloud or on-premises. Instead of file sync & share provider dictating where the information is stored, IT departments drive the decision making process, but maintain the support of end users by providing an ideal app experience regardless of the targeted storage backend.
At EMC Syncplicity by Axway, we’re working hard to help our customers bypass the first two stages – which are fraught with infighting, security and compliance challenges, low usage rates, and a significant reduction in productivity. Our customers require a solution that breaks the mold of the “security versus user experience” false dichotomy. Businesses demand simple and secure file sharing solutions in order to realize the full value of the app-based sharing economy. Any platform that does not satisfy the key demands of both users and IT departments inevitably falls short of the core promise of enterprise file sync and share and will never be fully adopted – and our customers cannot afford to be in that situation.
(Originally published on Wired Insights)
It’s no secret that smartphone adoption continues to explode with some studies estimating that 22 percent of the global population owning at least one device. That exceeds the 20 percent estimated to own PCs.
This growth trend makes complete sense given that smartphones and tablets now come equipped with computing power comparable to that of a mid-range laptops and desktops. Users are now embracing mobile devices as their primary work and personal computing devices while sacrificing few, if any, capabilities. It is no surprise that BYOD is today’s default expectation in the workplace. This paradigmatic shift is ushering in a new era for how users interact with information on their devices, but its full potential will only be realized if certain steps are taken.
With mobile fast becoming the de-facto computing platform, users are demanding improved user interfaces and experiences, similar to what they have gotten accustomed to with consumer apps. Even with hundreds of millions of dollars being invested in the development of enterprise mobile apps, end-users are still frustrated by their mobile work experience. They are no longer willing to put up with an antiquated desktop experience poorly translated into a mobile environment.
For example, until now, the primary goal of the mobile file sync and share apps has been to enable users to interact passively – to deliver simple access to files. This was, and has been, an important first step to extend access to desktop files from any device at any time. However, widespread mobile adoption is resulting in a convergence of forces including simplified user interfaces, and, most importantly, vastly improved and innovative software design that empowers sophisticated and intuitive interactions which have the promise to redefine how we interact with information.
Historically, users had to be exceptionally well organized to be productive, i.e., they needed to meticulously organize their files. In the new paradigm, the workflow is flipped with files keeping users themselves organized through follow a file, shared link, and folder, automatic insight alerts, and real-time push notifications. All these capabilities provide us the visibility into who, where and when our friends and colleagues are interacting with files.
What should be expected in this rapidly approaching mobile shift? We should expect to see two things.
First, it will be necessary to redefine, but not wholly reject existing structural work models. You don’t want to throw away the baby (or the tub) with the bathwater. Users do not want a completely new way of working -- file systems still have meaning. They want existing tools they use on the desktop to be simplified and optimized for the mobile platform, but with the same reassuring capabilities such as document creation, editing, annotation and presentation across all device platforms.
But within a smaller form factor and screen, simplified experience and progressive disclosure principles must be embraced. In this approach, the app reveals or discloses only the most necessary information in order to make it easy to complete a task.
Second, we should expect to see new or enhanced capabilities emerge which were impossible or poorly implemented in the era of the desktop, but are now reality on the mobile platform. Some of these capabilities already exist, such as voice to text recording -- ideal for content creation. Some are likely to go mainstream in the near future such as geo-location driven features where users can, for example, track or limit file access by location, or receive urgent reminders to approve time-sensitive files, or review a document in real-time with your colleagues using your tablet or smartphone
As mobile devices become further entrenched as the primary computer for the vast majority of the workforce, users are demanding a seamless experience that takes advantage of this unique platform’s strengths. The opportunities for progress and innovation are almost unlimited; from leveraging the inherent portability of the hardware, to respecting the need for simplified design, to transitioning it from consumption to a creation platform to using automation and location to eliminate mundane tasks.
Forward thinking companies will be the ones who embrace this directive and develop apps from a mobile first design principle to capitalize on delivering this new experience without time, location or access limitations.
Varun Parmar leads product management and user experience at EMC Syncplicity by Axway
We asked dozens of people within the Syncplicity by Axway team to challenge themselves for 30 days to only take a mobile device to meetings and leave their laptop at the desk. Or at home! The challenge was to experience first-hand what it’s like to rely only on a mobile device for everything from content consumption to editing.
Truth be told, I got a head start. The idea was hatched over the holidays and I started doing it almost immediately, well before our new mobile apps were launched.
Some of you probably saw my earlier tweets. And probably also saw that after a few weeks I slowed down on my “Go Lite” tweets. It turns out, this was not because I lost interest in the challenge. Quite the contrary! “Going Lite” became so deeply ingrained in how I did my work that I completely forgot I was taking a challenge!
And, that’s why I said the challenge was “concluding”—for me and many of you I know it will now be business as usual. I have no intention of going back.
So what did I learn from my experience?
What I liked the most…
Of course, if mobile devices could replace laptops 100% then laptops would no longer exist.
Here are some things that challenged me…
The Go Lite challenge showed me first hand how so many “work streams” in our daily routine do can now be done entirely on mobile devices. But that doesn’t mean all of them can.
Some work streams require vendors to take a “mobile first” approach—where vendors need to understand that their user is now most often mobile, and accessing the app on a mobile device, so everything about the app and user experience needs to start with “mobile”.
A growing number of work streams require a “mobile only” approach—the end user is always mobile and requires capabilities that leverage features only available on mobile device (e.g., camera, microphone, location awareness, proximity awareness, touch screen, etc.)
For a growing minority of apps, it’s still acceptable to follow a “mobile also” approach when the primary use case requires the processing, screen, and user input characteristics of a desktop or laptop. But new mobile devices are starting to close those gaps. And, enterprise vendors that are still building “mobile also” apps for mobile users will need to wake up soon!
Thanks again to everyone inside Syncplicity by Axway, EMC, and many of our customers and friends that took the Go Lite challenge. This was as much about learning as it was to have fun. And we hope you did both!
Head of Marketing
Over the past three weeks our Go Lite app masters and device demons have honed their strategies and sharpened their skills. As they’ve leveled up from mobile enthusiasts to Olympian challengers, they’ve gathered a few key insights that they’re willing to share—and here they are. (To learn more about the Go Lite Challenge, click here).
Finally…I can edit Microsoft Office docs
Kharisma (@kkmoraksi) cracked the code on downtime in the field. No more booting up her laptop, finding a WiFi network, and connecting to a VPN just so she can review a sales presentation or edit a Word doc. She’s a free spirit—just her and her iPad rockin’ the Office docs with the Syncplicity by Axway app. The simple ability to review and edit documents has flipped her downtime to uptime, and that has made her way more productive. “I can finally get real work done with my iPad!”
Seriously…I can do all this on an iPad?
Christina (@camacho1277) loves her iPad mini. And now she uses it for pretty much everything—webinars, file sharing, note taking, expense management, editing Word docs, and everything in between. Once she set up her iPad with WebEx, Evernote, Concur, Syncplicity by Axway, and a couple other key apps, she was good to go. So where’s that gotten her? Organized. More organized than ever. No more loose papers or sticky notes trailing behind her, “everything is in one place and it travels with me.”
Mobile multitasking is double the fun
What’s better than one mobile device? Two mobile devices, of course. If you ever need to do two completely different things at once—like look something up on the internet while editing a document—Leonard (@leonard_chung) has figured out the secret to mobile multitasking for you. “I’ve got an iPad and a smartphone…what’s keeping me from using them both at the same time?” With two screens, two keyboards, and two internet connections, it’s doubly easy to do twice as much.
Keep these three tips from our Go Lite team in mind:
Live. Share. Learn.
Do you have some life changing advice for mobile enthusiasts? We’d like to hear your Go Lite insights!
Ike got security.
"If you want total security, go to prison. There you're fed, clothed, given medical care and so on. The only thing lacking... is freedom."
- Dwight “Ike” Eisenhower
With mobility screaming freedom, clearly, “prison” is not an option for your content. Information security, today, is more complex than ever. Complexity leads to brittleness resulting in less security, not more. Instead of exacerbating the problem by walking you through hundreds of security controls we have in place, like many others, we plan to share with you three specific things we do differently that help you achieve more security. These are in response to the questions that we have heard you ask time and again, in a myriad of ways.
I know my users love Syncplicity by Axway but:
Stop by our booth #2521 at RSA Conference: