• Replace sFTP with e-Share APIs

    The enterprise is partnering more broadly and deeply than ever before. But to obtain value from partnerships, data almost always needs to be exchanged - and on a regular basis, for ongoing collaboration. For the past decade this type of exchange has been enabled by IT and DevOps teams using ad-hoc cloud infrastructure and open source tools like PGP encryption FTP over SSH (AKA SFP).

     

    Recently CIOs and CISOs have become concerned with the proliferation of these "data exchange infrastructures"...

    Briefly:

    1. Data is extracted from a source application and copied to a network share.
    2. A script monitors the network share for new files, then encrypts them and copies them to an SFTP server in the DMZ.
    3. In the receiver's DMZ, a script monitors the SFTP server for new files, then copies them over.
    4. A script on the receiver's side monitors the SFTP server in the DMZ for new files, then downloads them to an internal network share.
    5. A script in the receiver's target application monitors the network share and loads new data files as they appear.

    What Could Go Wrong???

    This infrastructure is complex, with many servers and disparate processes that all have to work in synch while protecting valuable data. Here are the top issues customers report:

    • Duration of storage in the DMZ. Most SFTP servers don't expire or delete content - they just serve it for as long as they are up and running.
    • Copying files to the DMZ is risky. If the copy is automated and scripted, anything accidentally placed in the network share is rapidly replicated and exposed.
    • Encryption keys are exchanged manually. And very often via non-secure systems like email. 
    • Using direct key exchange means there is no way to revoke access to previously sent information. All content previously transferred remains accessible to the receiver.

    Most importantly, at scale, these types of hand-built systems become very hard to manage and non-compliant. As IT works to enable more and deeper partnerships through automated data exchange at what some have called the tipping point of cybercrime, it's critical to bring enterprise grade technology into this picture.

     

    The e-Share 100% cloud platform was designed from the beginning to provide sharing and collaboration services to the large or regulated enterprise. Using our REST APIs and/or CLI scripts, you can replace the sFTP servers in the DMZ and deliver large files through our platform, from network share to network share using your existing cloud file storage (OneDrive, Google Drive, Dropbox, Box).

    How It Works

    First, using our Client Web Portal, the DevOps team can authorize receivers to receive data. Those authorized are sent a secure mail message from your corporate domain - not a third party that may be blocked or quarantined - with details on how to connect to the service to establish data exchange.

     

    Next, replace SFTP with the e-Share service and CLI scripts. The resulting process is much simpler:

    Briefly:

    1. Data is extracted from the source application and copied to the network share.
    2. The e-Share Monitor & Upload CLI script watches the directory; when new files appear, they are transferred to your cloud storage, and shared through the e-Share service with one or more recipients. 
    3. On the receiver's side, the e-Share Monitor & Download CLI script monitors the network share; when new files appear, they are downloaded directly to the internal network share monitored by the target application.
    4. The receiver's target application sees the new files, and loads them automatically.
     
    Here's a screen shot of the CLI scripts in action:

    Game-Changing Modernization

    Replacing SFTP/DMZ with e-Share resolves a range of security and compliance risks, while reducing the complexity and cost of data exchange at scale. Some of the benefits our customers report include::
      • Improved security & reduced risk. No files are ever exposed in the DMZ
      • Exchange of keys is automated. And fully compliant.
      • All data is encrypted at-rest and in-motion. And this is enforced centrally.
      • Keys can be revoked at any time. Unless the file was already downloaded from the network share, it becomes instantly inaccessible to the receiver.
      • Sharing is governed by centrally defined policies. This includes automatic expiration, requiring additional layers of authentication (such as access codes) and much more
      • Large file support is out of the box
      • All actions are audited. Both sender and receiver can search, filter and export the audit logs
      • All exchange is done under your enterprise domain. No third parties or new domains need to be configured by IT or network administration, and all exchanges are 100% verifiable. 

      e-Share can be provisioned for your organization in a matter of days. Implement using CURL, CLI/Python or PowerShell (coming soon). Sample code and developer support are included.

       

       

    • To see how easy it is to replace sFTP with e-Share, please schedule a demo!

    ×
    This Privacy Policy provides our policies and procedures for collecting, using, and disclosing user information. Users can access the e-Share (also doing business as nCrypted Cloud LLC) software and service (the “Software and Service”) through our web site www.e-share.us (the “Site”), applications on devices, through APIs, and through third-parties. A “Device” is any computer used to access the e-Share Software and Service, including without limitation a desktop, laptop, mobile phone, tablet, or other consumer electronic device. This Privacy Policy governs your access of the e-Share Software and Service, regardless of how you access it, and by using our Software and Service you consent to the collection, transfer, processing, storage, disclosure and other uses described in this Privacy Policy. All of the different forms of data, content, and information described below are collectively referred to as “information”.
    
     
    
    The Information We Collect and Store
    
    We may collect and store the following information when running the e-Share Software and Service:
    
     
    
    Information You Provide to e-Share
    
    When you register an account, we collect some personal information, such as your name, and email address. You may also ask us to import your contacts by giving us access to your third-party services (for example, your email account). When you invite others to join e-Share by using our referral page, we send them a one-time email for that referral. You may also provide us with your contacts’ email addresses when sharing folders or files with them. We may also receive Personal Information (for example, your email address) through other users, for example if they have tried to share something with you or tried to refer e-Share to you.
    
     
    
    Automatically Collected Information
    
    We automatically receive certain types of information when you interact with our Web pages, services and communications. For example, it is standard for your Web browser to automatically send information to every Web site you visit, including ours. That information includes your computer’s IP address, access times, your browser type and language, and referring web site addresses. We may also collect information about the type of operating system you use, your account activity, and files and pages accessed or used by you.
    
     
    
    Log Data
    
    When you use the Software and Service, we automatically record information from your Device, its software, and your activity using the Software and Service. This may include the Device’s Internet Protocol (“IP”) address, browser type, the web page visited before you came to our website, information you search for on our website, locale preferences, identification numbers associated with your Devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata concerning your files, and other interactions with the Software and Service.
    
     
    
    Use of Personal Information
    
    In general, we use your personal information to process your requests or transactions, to provide you with information or services you request, to inform you about other information, events, promotions, products or services we think will be of interest to you, to facilitate your use of, and our administration and operation of, the web site and services and to otherwise serve you and our users. For example, we may use your personal information:
    
        to request feedback and to enable us to develop, customize and improve the Web site and our publications, products and services;
        to conduct marketing analysis, to send you surveys or newsletters, to contact you about services, products, activities, special events or offers from e-Share or our partners and for other marketing, informational, product development and promotional purposes;
        to send you a welcoming email and to contact you about your use of the web site and services;
        to respond to your emails, submissions, comments, requests or complaints;
        to perform after-sales services;
        to anticipate and resolve problems with our service;
        to respond to customer support inquiries, for assistance with our product and service development;
        and to inform you of updates to products and services from e-Share that better meet your needs;
        to store contacts you enter or upload into your contacts list for your private use and viewing;
        to send emails to users you invite (and contacts you invite to become users) to collaborate and access your files;
        to enable you to communicate, collaborate, and share files with users you designate;
        to contact you if you win a contest; and
        for other purposes about which we notify you.
    
     
    
    Service Providers, Business Partners and Others
    
    We may use certain trusted third party companies and individuals to help us provide, analyze, and improve the Software and Service (including but not limited to data storage, maintenance services, database management, web analytics, payment processing, and improvement of the Software and Service’s features). These third parties may have access to your information only for purposes of performing these tasks on our behalf and under obligations similar to those in this Privacy Policy.
    
     
    
    e-Share Community
    
    Our Software and Service offers publicly accessible community services such as forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account. For questions about your Personal Information on our Software and Service, please contact support@e-share.us. Our Site includes links to other web sites whose privacy practices may differ from those of e-Share. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any web site you visit.
    
     
    
    Changing or Deleting Your Information
    
    If you are a registered user, you may review, update, correct or delete the Personal Information provided in your registration or account profile by changing your “account settings.” If your personally identifiable information changes, or if you no longer desire our service, you may update or delete it by making the change on your account settings. In some cases we may retain copies of your information if required by law. For questions about your Personal Information on our Software and Service, please contact us support@e-share.us. We will respond to your inquiry within 30 days.
    
     
    
    Security
    
    We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website, you can contact us at support@e-share.us.
    
     
    
    International Users Outside of The EU
    
    This Website is controlled, operated, and administered by e-Share from its offices within the United States of America and this Policy is provided in accordance with and subject to applicable U.S. law. If you are based outside the United States and decide to access this Website or e-Share Software and Service from your location outside of the United States, you hereby consent to the transfer of your information to the United States, and its storage and use in accordance with this Policy.
    
     
    
    EU-US Privacy Shield Framework
    
    e-Share complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. e-Share has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit www.privacyshield.gov.
    
     
    
    Privacy Shield Independent Recourse Mechanism
    
    In compliance with the EU-US Privacy Shield Principles, e-Share commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact e-Share at: support@e-share.us. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, you can also submit your complaint to Privacy Trust, an independent third party. Visit https://www.privacytrust.com/drs/e-share to file a complaint. Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
    
     
    
    Accountability For Onward Transfer
    
    e-Share is potentially liable when transferring your Account Data, referred to in this section as “Privacy Shield Data”, to a third party. e-Share will not share your Privacy Shield Data with third parties unless you have consented to the disclosure or in those situations where we are the data processor and have been instructed to do so by the data controller. e-Share may share your data with service providers solely for the purposes of rendering service to e-Share to facilitate the rendering of service to you. nCrypted Cloudwill ensure that third parties and service providers have adequate Privacy Shield Data protection measures in place through service agreements that adhere to the EU-US Privacy Shield principles or are based on the EU Standard Contractual Clauses.
    
     
    
    Enforcement And Liability
    
    e-Share is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with the EU-US Privacy Shield principles outlined in this Privacy Policy. Under certain limited conditions, you may have the possibility of invoking binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
    
     
    
    Disclosure
    
    Your personal Information may be disclosed as we believe to be necessary or appropriate in order to: (a) comply with a law, regulation or compulsory legal request; (b) respond to requests from public and government authorities; (c) protect our rights and property; (d) allow us to pursue available remedies or limit the damages that we may sustain.
    
     
    
    Contacting Us
    
    If you have any questions about this privacy policy, please contact us at support@ncryptedcloud.com.
    
     
    
    Changes to This Policy
    
    We may change this Policy from time to time. If we make any changes to this Policy, we will change the “last updated” date above. If there are material changes to this Policy, we will notify you more directly. We encourage you to check this Policy whenever you use our Web Sites and Services to understand how your personal information is used.