Archive for category Data Security

RSA Conference 2015 Recap

Posted by on Friday, 8 May, 2015

RSA Conference 2015 Moscone Center South HallAfter an influx of high-profile data breaches, it was no surprise that the RSA Conference saw a record crowd this year of 33,000 attendees. The Moscone Center in San Francisco is a great venue and packed with attendees, over 500 vendors, 290 sessions and 700 speakers, there was no disputing the fact that if you were interested in anything related to information security, this was the place to be.

Walking amidst the sea of vendors in the North and South Halls it was easy to be simply overwhelmed by the sheer volume of displays, gimmicks and swag tactics. As this was my first RSA Conference, I was very excited to see and experience the myriad of phenomenon that comes standard with any conference of this size. Some of the booth displays are seriously impressive, huge LED screens, Oculus Rift interactive displays, flashy lights and celebrity look-alikes were everywhere. The great thing about it is that every single person or vendor at the conference was working toward the same goal in some form or fashion…securing information. If you were on a mission to find a product or person to help you achieve a higher level of security for your company’s specific needs, chances are you would find it here once you took the time to look. With so much going on, after a while everything starts to look the same, so you really have to pay attention or engage in conversations to figure out what most of the vendors at RSA Conference are representing.

RSA Conference 2015Sharing Files, Sharing Conversations

The GoAnywhere Booth at RSA 2015In the slightly quieter South Hall, our booth saw significant and steady traffic throughout the conference. It was great talking to people and getting firsthand feedback on the challenges they face and the concerns they had about security for their organizations. One thing I found to be a recurring theme in these conversations was the desire for file sharing solutions that were not cloud-based. I thought that was interesting as it seemed there were 10 cloud vendors for every non-cloud vendor with a display at RSA 2015.

With the sheer volume of cloud products represented, it was nice seeing the looks on people’s faces when they learned that GoAnywhere is an on-premise Managed File Transfer (MFT) product. I wish I had a dollar for every time someone said, “Not in the cloud? Oh good, better security.” I think as more people come to realize that they are responsible for the security of their data no matter where it is stored, being able to encrypt, control and monitor that data in your own local environment becomes paramount for many.

RSA Conference 2015I like analogies and when it comes to cloud vs on-premise, I personally tend to think of it in terms of storage. I can store my belongings in my home or I can pay for a space at a public storage facility. If my belongings were in a public storage facility, all it takes is someone with a lock cutter to gain access and chances are with all the traffic going in and out, it wouldn’t be noticed until it’s too late. RSA Conference 2015Personally, I prefer storing things in my basement or attic simply because I am diligent (perhaps overly so) about my home security. Sure, there are risks in any situation, but I prefer having my belongings and risk in an environment I can completely control. If I want to add Fort Knox level security measures to make it difficult for an intruder to get in, there’s nothing stopping me from doing that, it’s my home after all. Given the many conversations had and overheard at this year’s RSA Conference, I’m not alone in my thinking. It’s astonishing how many people seemed more comfortable with the idea of their digital data staying on premise, not in the cloud. When they learn that GoAnywhere can give them the ability to send, collaborate, secure and automate data transfers on premise, it’s like watching kids at a candy store. Those conversations are what makes attending these conferences so worthwhile, there is so much you can learn.

My RSA 2015 #SecSelfieOverall, the conference was a great experience, especially for a first timer. I chatted with several people who had wonderful things to say about the sessions, networking and things that they learned and the various speakers who presented. While it might be information overload to some extent with such a big crowd and so many sessions, speakers and vendors, I thought it was a friendly,energetic and informative atmosphere. I met a ton of great people, got to chat with some customers and really learned a lot about how people can/do use our software and which features truly make their work easier. One thing is for sure, we are definitely looking forward to returning next year to the RSA Conference.

Truly Secure On-Premise Document Management for HR

Posted by on Tuesday, 24 March, 2015

Document Management for HRHR departments receive, generate, and accumulate substantial volumes of documents such as job postings, employment applications, resumes, reference checks, testing data, personnel files wage and hour records, payroll records, and disciplinary files.

GoDrive by GoAnywhere™ is a secure file storage and collaboration solution that’s ideally suited to the unique document management requirements of today’s Human Resources departments.  GoDrive is an on-premise Enterprise File Sync and Sharing (EFSS) alternative to vulnerable cloud-based document storage services.

DS5.11 Exchange of Sensitive Data:

Exchange sensitive transaction data only over a trusted path or medium with controls to provide authenticity of content, proof of submission, proof of receipt, and non-repudiation of origin.

Even though files are stored using on-site or hosted systems, all data is encrypted in transit and at rest for true file integrity. When single documents or entire folders are shared with individuals or groups, only those authorized users can view the documents.

In compliance with Sarbanes-Oxley requirement DS5.11, GoDrive creates a trusted path to exchange sensitive transaction data.  Detailed audit logs track all activity, including who accessed which documents and from what location.  Email notifications can be generated when an individual downloads or uploads a file, providing a receipt confirming each interaction.

GoDrive supports a distributed workplace, making it efficient to disseminate informational and regulatory documents to in-office and remote employees.  Shared groups might include individual departments or a management team that spans the entire organization. Vendors and contractors can be authorized to access designated documents, and it’s an efficient way to accommodate requests by regulatory bodies.  You can also streamline the distribution of documents to job candidates and new hires.

File shares can be expired quickly and easily at any time due to termination, changes in vendor relations or at the completion of a disclosure commitment.  Permission settings on each file share let you define view-only, download, upload and delete rights.  Best of all, version control enables any document in GoDrive to be restored to a previous version and deleted files can be easily recovered without assistance from an IT Specialist.

GoDrive is robust yet cost-effective, flexible in scale to accommodate unlimited storage and is one of the only multi-platform on-premise EFSS solutions.  Talk to your IT administrator about the surprisingly inexpensive security advantages of GoDrive. Download a FREE full feature trial for evaluation on your own on-site or hosted systems.

Risky Cloud-based File Sharing Has Met Its Match in GoDrive EFSS

Posted by on Tuesday, 10 March, 2015

So you’ve decided 2015 is the year to finally end your organization’s use of high risk cloud-based file sharing services.  Maybe it came from a directive by senior management to reduce the exposure of sensitive company documents, or maybe you’ve accepted that policy enforcement is simply unmanageable.

Chances are, your requirements include greater control over user access, end-to-end encryption, disk quotas and the ability to wipe files on lost or stolen devices.  At the same time, you recognize that ease of use is paramount or employees will resist giving up their familiar apps.

One Way to Reduce RiskGoDrive by GoAnywhereTM might be one way to do just that.  More than a Dropbox alternative, GoDrive is a cloud storage replacement that delivers peace of mind.

For IT Professionals, GoDrive is the on-premise Enterprise File Sync and Sharing (EFSS) solution that gives you the centralized control you need.  Detailed audit logs provide senior management the assurance of knowing who’s accessing what files, when and from which device.

End-users will appreciate the intuitive drag-and-drop interface, and advanced file monitoring features are sure to impress.  Desktop sync creates a Windows drive that automatically updates documents for collaboration with both local and remote team members.

It’s the new network security initiative that makes perfect sense for everyone who needs a better way to share files. Try it yourself today with a FREE trial download to test on your own on-site or hosted system.

4 Benefits of On-premise Enterprise File Sync and Sharing

Posted by on Tuesday, 3 March, 2015

Benefits of on-premise EFSSToo many organizations have underestimated the value of mission-critical business documents.  Some employees may take great risks with sensitive or proprietary information and hope that nothing bad happens.

Today, there’s a new way for your entire organization to easily store documents and enjoy secure collaboration with GoDrive by GoAnywhereTM.  What makes GoDrive unique is the underlying technology, which provides powerful security and access management to make sure your data is safe.

Let’s look at the four biggest benefits of the GoDrive Enterprise File Sync and Sharing (EFSS) solution:

  1. Better Protection. Cloud-based file sharing services are limited in their ability to protect your sensitive business documents. As high profile service providers, they are under increased threat of attack by hackers, as seen in recent headlines regarding security concerns and data breaches. In contrast, GoDrive allows you to store your sensitive documents on your server of choice, providing you with local security and management of those documents.
  2. Efficiency and Control. Sending email attachments can be problematic due to file size restrictions or their vulnerability to interception during transmission. The GoDrive EFSS central storage lets you share a document once and continue to make updates, all the while shared users are accessing the most current information.
  3. Convenience. The GoDrive EFSS solution eliminates the need for memory sticks to transport data and the risk associated with using them. Your files can be securely accessed anywhere, anytime with a secure Internet connection and browser.
  4. Easy Sharing. Network drives can be found in nearly every office for sharing files within your department.  However, it’s not so convenient if you want to share files between remote office locations or when working offsite.  EFSS enables you to connect and share simply and easily without boundaries.

GoDrive is built on the proven security features of GoAnywhere ServicesTM.  The intuitive interface is simple for employees and trading partners, and project leaders will appreciate the advanced activity monitoring and email notifications.

Talk to your IT administrator about the security advantages of GoDrive.  They can even download a FREE full feature trial for evaluation.

What GoAnywhere customers should know about Shellshock

Posted by on Friday, 26 September, 2014

On September 24th, vulnerability CVE-2014-6271 and CVE-2014-7169, also known as Shellshock or the Bash bug, was found in the widely-used Unix Bash shell. The vulnerability allows Bash to execute commands from environment variables unintentionally.

GoAnywhere Director, GoAnywhere Services, and GoAnywhere Gateway run on a JVM which is invoked from within a Bash shell.  While GoAnywhere is not directly affected by this bug, the GoAnywhere startup process utilizes the common JAVA_HOME and JRE_HOME environment variables during the initialization of the JVM.  It is thus possible that a compromised environment variable on a vulnerable Linux and Unix system could cause the startup and shutdown process of GoAnywhere to unintentionally execute other commands and programs.

Linoma Software recommends that our customers who deploy GoAnywhere to Linux and UNIX servers be aware of this security bug and apply the appropriate patches as they become available from your operating system vendor.