Top 5 Reasons External File Sharing is Difficult and What To Do About It

Sharing files with external parties is fraught with a mix of uncertainty, risk and complexity, for both the individual and the organization. This is especially so when the files to be shared:

  • contain regulated data,
  • are many in number and/or size,
  • require modification by the external party,
  • are created within and shared from internal collaboration systems (e.g., Teams), or
  • are sent to clients, for whom you want the best possible experience.

Under these circumstances users are struggling, IT is burdened and/or information security intervenes. But this does not have to be. There are steps you can take to improve the productivity of your file sharing and content collaboration with external parties, while not compromising on data security.

Here are the Top 5 issues we see users and organizations confronting, and the steps they’ve taken to eliminate them.

1.  Users have to get IT involved to move large/bulk files

With email being a non-option for most (more on this later), users turn to IT for help, often by opening a ticket with the unhappy expectation of a several days turnaround while IT sets up an SFTP folder/account, creates a SharePoint site, or takes some other action.

The alternative is to provide a self-service file sharing capability, preferably one that allows the user to share files without the need to copy files into a new environment. For example, if the user’s files are already in OneDrive, SharePoint or Teams, allow them to share files from these locations. If there are missing security controls for you to allow this, consider providing these controls via e-Share.

2.  Users have too many tools to choose from

This embarrassment of riches leaves users confused, IT struggling to maintain overlapping capabilities, and security burdened with maintaining multiple DLP policies.

The solution is to adopt a single platform for external file sharing that allows users to share files using the tools and workflows they are already familiar with. For organizations that have deployed O365, this is Teams, SharePoint Online, OneDrive, Outlook and Office Apps. The common platform allows the organization to define a uniform set of sharing policies, no matter how files are shared. It also creates a single audit log for compliance reporting, risk assessment and investigations. e-Share can be that single platform, leveraging the strengths of O365 and providing the controls, branding and ease-of-use features that organizations require.

3.  Your O365-equipped organization does not allow file sharing via Teams, SharePoint and/or OneDrive.

Your users want to share files using the applications and workflows they are already using, but you are forcing them to seek other tools and, in most all cases, copy the shared files into those tools, manage file updates and changes between two copies and master yet-another application for file sharing.

The solution of course is to allow your users to stay within Teams, Outlook and Office Apps, and for your files to stay within SharePoint Online and OneDrive…all while securely sharing files externally. This is precisely what e-Share allows.

4.  It is difficult to manage file versions and often impossible to co-author documents

By forcing your users to store and share files outside of O365 you are preventing them from benefitting from the modern collaboration it makes possible. For example, they are left exchanging multiple copies of contract, hoping that redlines are not conflicting and using ‘merge and compare’ to avoid a catastrophe. That’s the stuff of the last decade, not this one.

The best way to avoid version confusion and truly co-author documents is to provide recipients a link to shared files, not the file itself. This modern collaboration capability is easy with e-Share, which natively integrates with Office Online and uses OneDrive and SharePoint Online to store all shared files.

5.  Email is surprisingly unpredictable and inflexible

Past experience prompts many questions when sharing files as an email attachment. Is the file size too large? Will a secure mail system unexpectedly kick in and create a bad experience for my customer? Will I run afoul of a compliance policy? Can I reliably recall an email sent to the wrong person? At the root of these questions is the organization’s inflexible approach to email, especially in the presence of regulated data. Email works, until it doesn’t.

Taking the mystery out of email can be achieved through well communicated security policies, DLP rules that offer more than allow or deny as outcomes, and a modern approach to secure email that provides a great recipient user experience. e-Share can help you realize the latter two, with the ability independently protect the body and attachments of an email and optionally replace all email attachments with links.

Taken together, the steps outlined here allow organizations to take the pain away from their external file sharing, enabling users to more easily, confidently and securely share files and collaborate with external parties to drive better business outcomes.

Initiating Your External File Sharing & Content Collaboration from Within Microsoft Office Apps

e-Share Blog

e-Share’s Add-in for Microsoft Office allows users to initiate their external file sharing and collaboration from within the apps they use to create most of their shared content…Word, Excel and PowerPoint. This improves productivity by eliminating the task and app switching that would otherwise be required to share newly created content.

Digital Transformation at the Micro Level

Organizations are increasingly looking to optimize their business processes and use digital technologies to transform their business to achieve better outcomes for clients, employees and shareholders. With the e-Share Add-in for Microsoft Office Apps, this transformation can extend down to the individual user and document level, to the time and place that content is created within Microsoft Office and the business need to share new content emerges.

Sharing at the Time & Place of Content Creation

The add-in allows users to create a “Trusted Share” from within Word, Excel and PowerPoint that contains the document being newly created. The Trusted Share is made available to recipients, both inside and outside of your organizations, with access and usage rights determined by the selected sharing policy.

e-Share - share policy

These policies are defined by your organization and can include a wide range of controls…e.g. view, edit, co-author, download, watermark, expiration, share with others, and authentication. Because Trusted Shares are a collaboration object, not merely a pointer to a shared file, recipients can optionally upload files into a Trusted Share…e.g. perhaps a counter proposal to a shared document.

Easy & Highly Collaborative File Sharing

As with all Trusted Shares created through the use of e-Share, the recipient receives a notification of the Trusted Share and, once accessed via the provided link, sees a fully branded file sharing and virtual data room portal. The entire experience is branded per the needs of e-Share’s clients…their logo, colors, and terms of use. Even the URL for the portal and all file links use a subdomain and associated certificate belonging to our client (i.e. files.your-company.com).

e-Share - share policy

This 100% white labeling capability promotes the brand of our client’s, instills trust, addresses recipient phishing concerns and prevents the link blocking common to file sharing directly from Box, Dropbox, Google Drive, OneDrive and SharePoint.

And with our optional Secure Conversations capability, the recipient can message the owner of the Trusted Share, perhaps acknowledging receipt or providing a requested approval.

The Trusted Share owner can see any replies from recipients within the Add-in and optionally reply. They can also open the Trusted Share associated with the shared document to change sharing options, expire the share, add/remove recipients, add additional documents, view any files uploaded by the recipient, and generally manage the Trusted Share.

e-Share - share policy

How do I get the add-in?

The Add-in for Microsoft Office is a user or organization installed extension to Microsoft applications that is available from the Microsoft Store. Once added to Word, Excel or PowerPoint, either in Office Online or Desktop app, it will be available across all instances of Word, Excel and PowerPoint, accessed from the toolbar ribbon.

e-Share - MS Office toolbar ribon

Share the Way You Work

e-Share’s Add-in for Office, coupled with the existing Add-in for Outlook and Bot for Teams, allows users to share files with external parties using whatever workflow they are most comfortable with. In all cases this sharing is performed using a common set of org-defined sharing policies that meet the collaboration needs of the business while assuring compliance with the organization’s data protection and governance policies.

A fuller description of the e-Share platform for external file sharing and content collaboration can be found on our site.

Schedule a demo with us to learn more.

Visit the e-Share web site for details on use cases, success stories and product features.

Extend Your File Sharing and Content Collaboration to Include 3rd Parties

e-Share Blog

The individuals you share files with outside of your organization are seldom the only ones who require access in order to meet the business need for sharing the file in the first place.

For example:

  • a supplier to whom you’ve sent and RFP may need to pull in a product manager in order to respond,
  • a private wealth client with whom you’ve shared a statement may want their accountant to have access to the same file for tax purposes, and
  • an R&D partner to whom you’ve sent a Joint Venture agreement will almost certainly need their legal counsel to review the contract.

When the need to re-share files arises, you and the outside party have options, but all come with significant drawbacks.

The recipient of a shared file could download the file (assuming you allow this) and pass this onto the other party. But if online editing and co-authoring of the document was your intent, the other party can’t participate.

The recipient could reach out to you and ask you to send the file to the other party or add them to the list of persons authorized to access the shared file, but this is a hassle for both of you and will take some time to coordinate.

But why not allow the recipient of a shared file to assign their rights to access the file to a 3rd party?

e-Share - Invite

With e-Share this can be easily done, either on a policy-basis or a case-by-case basis. And you can optionally require the data owner’s approval for this re-sharing. Better still, you can require this approval:

  • never…all re-sharing is automatically approved,
  • in all cases…all re-sharing must be approved, or
  • only when the additional recipient is not within the same organization as the original recipient.

There are many advantages to allowing 3rd parties to participate in a collaboration.

  • it’s productive for all involved,
  • it encourages more file sharing via links (versus email attachment), and
  • it reduces the need for downloads, eliminating data duplication and versioning issues and improving data protection.

Schedule a demo with us to learn more.

Visit the e-Share web site for details on use cases, success stories and product features.

Sharing & Collaboration in the Age of Epidemics

e-Share Blog

We live in interesting times. As the large enterprise struggles through digital transformation in the Age of AI, it now has to grapple with operating in the Age of Epidemics.

“we see a world that is more connected than ever by international travel, but that has also succumbed to growing isolationism and xenophobia. We see a time when scientific research and the demand for news, the spread of misinformation and the spread of a virus, all happen at a relentless, blistering pace.”

Photo - people using mobile phones

Every organization has curbed business travel and has staff working from home – but they can’t drop the ball with business partners and customers.

Leadership teams that weren’t prepared for this shift found themselves dealing with team mis–alignment, incoherent communication, unexpected expenses, missed revenue – even unhappy consumers. And here’s a reality check: depending on how your company’s journey to the cloud has progressed, you may have few or no external sharing and collaboration options

Trying to use cloud file storage to share files with folks outside your company like auditors, consultants, regulators, partners – even customers – is unfortunately a non-starter for most organizations. The world is dangerous. Bad actors are constantly imitating OneDrive, GDrive, Box and Dropbox for nefarious purposes – like phishing. The reality is that the built-in sharing options are not designed for external users. Their use of their own domain (e.g. box.com and sharepoint.com) for links (among other issues) makes them hard to verify. So they’re usually blocked by large or regulated recipient organizations. [More…]

The good news is, you can add e-Share to your existing O365 or GSuite installation and make sharing quick and easy for all employees! Our enterprise grade platform includes:

  • Out-of-box Integration with Microsoft O365, Teams, OneDrive, SharePoint, Azure Blob storage and more
  • Operation under your company’s domain, SSL certificate, logo, colors and legal terms – so recipients know it’s safe to share and collaborate
  • Full support for SSO, auto-provisioning, with no hardware or storage required
  • Powerful sharing features including requiring recipients to login with OpenID, without requiring software download or plug-ins
  • Web based portal allows completely self-service administration 

Find out why some of the most demanding large, regulated enterprises including leading Asset Managers, Health Insurers, Global Manufacturers and Retailers depend on e-Share!

 Schedule a demo with us to see and learn more.

Replace Your Fax with Share-With-Me Links

e-Share Blog
Photo

Believe it or not, many businesses still use fax machines. For security reasons. For compliance purposes. Because it works… simply put, the fax has three huge advantages over email:

  • It’s relatively secure, being on a private network
  • The odds of mis-addressing (sending to the wrong number) are relatively small
  • The delivered content is relatively hard to distribute without a copying machine (at least), and the main exposure is relatively small vs a digital copy

Today, e-Share released a full-on replacement for the fax machine: the Share-With-Me Link.

Put the link on your website, in your email signature, or on your business card… anywhere people who might want to share with you will see it!

Email

Anyone who needs to send you content securely can click or enter the link. They’ll have to briefly register…

e-Share - register

From there, they’ll receive a fully branded invitation, sent from your domain, to a virtual data room created on-the-fly so they can share files with you securely and compliantly!

e-Share - Virtual Data Room

Now the sharer can instantly, securely upload files to you with a single click.

They need only web browser – no plug-ins or software downloads of any kind are required. All transmission is as secure and compliant as a fax machine:

  • Protected in-motion with military grade encryption via your own sub-domain and SSL certificate
  • Incorrect or broken URLs don’t expose the content
  • Persisted only to your organization’s cloud file storage (OneDrive, Google Drive, Dropbox, Box, all via SSO with auto-provisioning) – so it isn’t available to anyone else in your company until you share it

But wait, there’s more!

The ShareWithMe link even includes essential features of enterprise-grade fax machines – like notifications. You’ll be notified automatically by email whenever someone shares with you:

e-Share - notification

The data room automatically enforces a range of sharing and authentication options. These are configured by your organizational administrator. A typical configuration is simply to allow files to be created & uploaded.

e-Share Users: Start Replacing TODAY!

Your Share With Me link is available from the client web portal, under the identity window:

e-Share - Identity window

Just click on the red copy icon, paste it into your email signature and you’re good to go. (Any questions? Contact customer service.)

For more information about this feature and how you can use it to replace your remaining fax machines, please register for a demo.

Be The Bridge, Not The Blocker With Link Sharing Protocols

e-Share Blog

A reflection from July 4th. When we are on vacation we make it our mission to get the most out of the time we spend away – with families, friends, even hobbies. Back at work, we are re-invigorated and attack the pile of work that inevitably awaits…

This is, as an excellent blog post noted last week, a time that brings “a certain amount of risk”.

Perhaps you have an email from a colleague linking to an article and asking you to take a look.

“If we were entirely rational beings, we’d compute the exact expected outcome of taking each risk in turn. It’d be an exhausting life, and one in which we wouldn’t get much done.”

Laptop typing Photo

So we don’t compute risk every second. This email is from a colleague. They clicked it first, right?

Do you click the link, or not? The reality is that there are two approaches in IT to dealing with this situation. The first is to block the link and protect the user. The second is to provide some sort of method for ad hoc sharing that requires a series of approvals, provisioning of hardware and/or software and/or accounts, and then getting the person on the receiving end to do the same.

So, what if the user trades in information for your company? For example – if they are in sales. They may need a favor from the colleague in the future. A tip. An introduction. A bit of information.

What if they have to read this article to complete their mission? The answer is that if IT offers nothing but prevention, they will turn to some other method. They’ll try to send it via GMail. Or Dropbox. Or SomeRandomWebSiteThatDoesSharing.com. This may be problematic.

The good news is that there is a far better way to support this user: deploy e-Share!

Here’s why:

e-Share diagram

1. e-Share’s cloud platform is fully integrated with O365. Your administration and security teams can use our self service platform to set policies that govern sharing. When the user needs to share with an unknown domain they can send an email and it and/or the attachments are automatically secured. Power users can choose from a range of fine-grained options that go way beyond read-only.

2. e-Share operates on your sub-domain, with your SSL certificate, and via single-sign on. Your employees will never see our URL or logo.

e-Share - Smart URL

3. You can train your users to look at URL domains. That’s a much simpler proposition than trying to explain phishing in all it’s glory.

Even if they make a mistake, with e-Share, the worst case scenario is a view-only share which they can immediately recall. Further, if they realize something was shared with the wrong person they can instantly terminate the link. (Even if they don’t, the link expires automatically after a few days.)

Learn about how leading companies use e-Share to drive cross-company collaboration and please, schedule a demo to see how it can help your company.

Zero Trust About Where You Store Content

e-Share Blog

A tough data breach this week. A sharing service ended up “sending its users shared files to the wrong people“.

The root cause could easily be a software issue, a breach in an underlying system (like a database), or some sort of hack – malware, causing clients to exfiltrate data, or perhaps an intruder doing the same.

This is why large and regulated enterprises block many third-party services. Simply put, it’s hard to know how good their internal security is – or how good the security of the provider they purchase it from is – or how carefully they screen their employees, how thoroughly they retire old hardware, or how much insurance they really have.

And it takes a lot of time, knowledge and effort to verify anything. The average security review costs more than $10,000 and many cost an order of magnitude or more. Why not just ask a simple question:

Where do you store my company’s data, and how do maintain our control over it?

The e-Share platform was designed from the zero trust perspective to resist this type of issue by storing as little customer data as possible.

Login with Microsoft

More specifically:

  • e-Share can be configured to store no passwords, requiring login via OpenID. Employees login with their corporate account and are automatically provisioned for services per organizational policies.
     
  • All shared content and conversations are stored in your organization’s cloud file storage system – OneDrive, GoogleDrive, Dropbox or Box.
     
  • Using O365 or GSuite online, our integrations access the global address list, and all email is subject to existing organizational compliance and security processes, from 2FA to virus and malware scanning and domain/recipient blocking.

e-Share is proud to protect the data of companies with a lot of sensitive data the business requirement to share it.

Storage providers

Register for a demo anytime to learn how you can deploy e-Share and enable Secure External Collaboration for your company!

The Mission Takes Priority

e-Share Blog

Sharing and collaborating with external parties is an essential business activity.

How else would you drive value via strategic outsourcing and/or the network effect? If you want your auditor to make sense of your financial reports, they’ll need to see them, at least. The problem is legacy sharing solutions don’t support external collaboration effectively. They likely require on-premises hardware and/or installation of software or plug-ins by recipients.

Those things are either not possible, or take forever.

Current cloud alternatives are either blocked or configured to disable guest access and anonymous sharing in most large or regulated enterprises – simply because they lack the fine-grained controls required for compliance.

At best, these platforms securely deliver a copy. Let’s hope you sent it to the right person.

The lack of tools for external collaboration can lead to trouble in the form of non-complaint sharing. As this excellent ComputerWeekly article “Despite failings, exec appetite for secure collaboration growing” points out:

“Top business decision makers are more reckless than ever with company data, but the appetite for secure collaboration tools is growing!”

Why would they make career limiting moves to share data? The answer is that the mission takes priority! But it’s not necessary. The survey quoted in the article makes it clear that collaboration tools are here to stay:

92% of respondents agreeing that collaboration tools are the best communication solutions to offer employees for work communication

But:

83% said it would be useful to be able to extend a company’s secure communication infrastructure to business partners and customers

Because, as noted, they don’t cover it today. They’re optimized for internal sharing.

Teams disabled

e-Share’s Trusted Sharing is fully integrated with the collaboration tools the enterprise already uses – like O365, MS Teams and GSuite. It’s 100% enterprise class, operating under your company’s sub-domain, with your certificates, brand logo and colors. Sharing notifications will be delivered, and not quarantined, as a result. Employees access the service via SSO with automatic provisioning, and your admins are in total control with centralized, policy-based controls plus searchable audit trail and on-demand reporting and analytics.

e-Share - Policy feature

Register for a demo to see how your company can enable sharing as a strategic weapon and put a stop to risky, shadow-collaboration efforts. Or read about how a huge financial services firm moved from “no cloud” to “cloud first” using e-Share…

Zones of Risk

e-Share Blog

Let’s imagine you had a fine-grained set of sharing controls at your fingertips.

How would you decide which features to use for a given recipient? At e-Share, we advocate thinking in zones or buckets of risk. You can use colors, numbers or descriptions to separate recipient needs, concerns, benefits – and potential issues. We recommend a zero-trust approach, wherein each zone has only the access required, with the risks associated with the upside of sharing fully managed.

For example, a regulated company might build a zone map like this:

From there, the trick is to work with IT security, legal and business managers to validate the design, and identify the best tools to use. Start with the highest value or highest risk zones.

For example, you likely already have a “green” zone in which internal employees are allowed to share copies. So too may “blue” zone contractors, under a BAA or other agreement, be permitted to share sensitive information so long as it is not in bulk, and ensuring it is encrypted if persisted.

Take a different approach for bulk transfers, and for collaboration where enriching the shared information and/or uploading a response is required. Most auditor collaborations, for example, put both parties at risk of breach… if you allow them only to read or edit documents online, without saving copies, you don’t need to worry about them as much…

For sharing in the yellow and red zones, ensure you control the data by denying download (including copy/paste) and ensure full traceability by automatically watermarking the document with the recipient’s username and IP address:

e-Share - View only watermark

From here you can assign $ amounts to risk – then weight the use cases by savings (or risk) and quickly identify the path forward.

If you’d like to discuss any of these steps, or see how our solution solves the problem from within tools your users already probably have, please contact e-Share anytime.