Trusted Sharing from SharePoint Online

e-Share Blog

e-Share’s Trusted Sharing for SharePoint application allows users to initiate their external file sharing and content collaboration from within SharePoint Online. This greatly improves the productivity of users who are accustom to managing and curating their shared files and folders within SharePoint, eliminating the need for them to switch to the e-Share Web Portal to perform their Trusted Sharing.

Digital Transformation at the Micro Level

Organizations are increasingly looking to optimize their business processes and use digital technologies to transform their business to achieve better outcomes for clients, employees and shareholders. With the e-Share Trusted Sharing for SharePoint application, this transformation can extend down to the external file sharing and data rooms that users routinely use to collaborate with supplier, partners and customers.

Leverage SharePoint for Shared File Storage and Sharing UX

The Trusted Sharing for SharePoint application allows users to create a Trusted Share from within SharePoint, using SharePoint’s familiar menu and a streamlined UX. And as is always the case, your shared files are only stored within SharePoint. e-Share never stores your shared files.

As with Trusted Shares created via the e-Share Web Portal, the shared files are made available to recipients, both inside and outside of your organizations, via a branded UX with access and usage rights determined by the selected sharing policy. These sharing policies are defined by your organization and can include a wide range of controls…e.g. view, edit, co-author, download, watermark, expiration, share with others, and authentication.

Once you select OK, a notification is sent to the recipients of your Trusted Share and you are given an opportunity to manage your Trusted Share via the e-Share Web Portal. Whether your Trusted Share is created using our Trusted Sharing for SharePoint application or via the e-Share Web Portal, management of your Trusted Shares is performed through the e-Share Web Portal.

How do I get the Trusted Sharing for SharePoint application?

The application will soon be available from the Microsoft AppSource and Azure Marketplace stores, for easy installation by your O365 administrator. Till then, please contact your e-Share Account Executive and Customer Success team to obtain the install package and instructions.

Visit the e-Share web site for details on use cases, success stories and product features and to request a demo.

Three reasons data centric security finally enables collaboration

Three reasons data centric security finally enables collaboration

We recently had the pleasure of sponsoring and attending the Innovate Cybersecurity summit in early October and wow what a refreshing event. It was our first opportunity to really be face to face with the industry in a long time and the show provided a great platform to enable productive in person discussions. The reverse expo was a big hit!

In addition to being reminded how important in person contact is to build new relationships, Innovate reminded us that data centric security continues to be front and center in the CISO organization. Some organizations have successfully adopted a data centric security strategy, while others have barely started. If you are still unsure of what data centric security means, check out this blog post from the show where Michael Howden, Director of Security Services at Novacoast, does a great job summarizing it in more detail. 

What has changed with data centric security?

The concept of data centric security is not new. “Data is the new perimeter” has been a reality for more than a decade. What has changed is the accessibility of solutions that can accelerate a data centric security workflow while still enabling cloud-based collaboration. While CISO organizations embark on these data centric strategies, the question remains, will the business accept it or push back? Let’s face it, as the business has pushed for a digital strategy that enables cloud-based collaboration, security is often viewed as the roadblock to making this a reality. However, we believe (and have seen firsthand) that with a modern approach to data centric security, the business will embrace the controls instead of push back. 

Three reasons data centric security finally enables collaboration

1) Links reduce complexity

As organizations started to adopt cloud file sharing, they immediately changed when data needed to be controlled. Before people shared files with links in a central cloud, they would share with methods, such as email attachments, where security had to focus on trying to control the file at the time of sharing. This meant data centric security forced organizations to deploy complex policies to address endless scenarios that often led to false positives or encryption that nobody could use, ultimately leading to knowledge worker frustration. With links, you don’t need to control the file, you only need to control access to the file. This fundamental shift allows security to deploy more context aware policies that don’t lead to false positives and keep knowledge workers sharing in a cloud-based collaboration experience.

2) Labeling is a question of when, not if

Gone are the days that organizations need to convince themselves that data must be classified. It is now generally accepted that labeling is foundational to a data centric strategy. How an organization labels data will vary across a spectrum of 100% manual to 100% automated. Arguments can be made on both ends of the spectrum about what approach is better, but the recommended strategy really comes down to regulations, maturity, and organization size. Irrespective of approach, with labeling, users do not need to be part of the policy decision, they need to ensure the label of the file is correct. For the average knowledge worker, this is a much less daunting task then forcing users to determine whether the file needs to be encrypted or is even allowed to be shared with an external party. Instead, with labeling, knowledge workers just need to understand the sensitivity of the file. Yes, with an overly complex taxonomy this can be difficult, so we recommend keeping your taxonomy simple and to something that doesn’t require hours of training.

3) Modern data centric security solutions are born from the cloud

Knowledge workers want to collaborate from the cloud. They have been telling us this since the dawn of Shadow IT back around 2010. The good news is that modern data centric security solutions have been listening and now enable cloud-based workflows from the cloud. This architecture shift for the data security industry is critical not just to support your collaboration workflows of today, but the future of collaboration in your organization. The cloud drives innovation at a compounding rate and data security must be able to keep up. Knowledge workers do not want to be forced into workflows that take them away from the advantages of cloud collaboration (e.g. co-authoring) and cloud-based data centric security supports that mandate, well at least we do 😊

The last two decades have produced constant battles between knowledge workers and security. A lot of this friction has been created because, as an industry, security had failed to keep up with the pace of digital transformation. We believe that the next decade will be different. Harmony can exist between knowledge workers and IT through safe and frictionless collaboration with data centric security at the heart of it. 

Top 5 Reasons External File Sharing is Difficult and What To Do About It

Sharing files with external parties is fraught with a mix of uncertainty, risk and complexity, for both the individual and the organization. This is especially so when the files to be shared:

  • contain regulated data,
  • are many in number and/or size,
  • require modification by the external party,
  • are created within and shared from internal collaboration systems (e.g., Teams), or
  • are sent to clients, for whom you want the best possible experience.

Under these circumstances users are struggling, IT is burdened and/or information security intervenes. But this does not have to be. There are steps you can take to improve the productivity of your file sharing and content collaboration with external parties, while not compromising on data security.

Here are the Top 5 issues we see users and organizations confronting, and the steps they’ve taken to eliminate them.

1.  Users have to get IT involved to move large/bulk files

With email being a non-option for most (more on this later), users turn to IT for help, often by opening a ticket with the unhappy expectation of a several days turnaround while IT sets up an SFTP folder/account, creates a SharePoint site, or takes some other action.

The alternative is to provide a self-service file sharing capability, preferably one that allows the user to share files without the need to copy files into a new environment. For example, if the user’s files are already in OneDrive, SharePoint or Teams, allow them to share files from these locations. If there are missing security controls for you to allow this, consider providing these controls via e-Share.

2.  Users have too many tools to choose from

This embarrassment of riches leaves users confused, IT struggling to maintain overlapping capabilities, and security burdened with maintaining multiple DLP policies.

The solution is to adopt a single platform for external file sharing that allows users to share files using the tools and workflows they are already familiar with. For organizations that have deployed O365, this is Teams, SharePoint Online, OneDrive, Outlook and Office Apps. The common platform allows the organization to define a uniform set of sharing policies, no matter how files are shared. It also creates a single audit log for compliance reporting, risk assessment and investigations. e-Share can be that single platform, leveraging the strengths of O365 and providing the controls, branding and ease-of-use features that organizations require.

3.  Your O365-equipped organization does not allow file sharing via Teams, SharePoint and/or OneDrive.

Your users want to share files using the applications and workflows they are already using, but you are forcing them to seek other tools and, in most all cases, copy the shared files into those tools, manage file updates and changes between two copies and master yet-another application for file sharing.

The solution of course is to allow your users to stay within Teams, Outlook and Office Apps, and for your files to stay within SharePoint Online and OneDrive…all while securely sharing files externally. This is precisely what e-Share allows.

4.  It is difficult to manage file versions and often impossible to co-author documents

By forcing your users to store and share files outside of O365 you are preventing them from benefitting from the modern collaboration it makes possible. For example, they are left exchanging multiple copies of contract, hoping that redlines are not conflicting and using ‘merge and compare’ to avoid a catastrophe. That’s the stuff of the last decade, not this one.

The best way to avoid version confusion and truly co-author documents is to provide recipients a link to shared files, not the file itself. This modern collaboration capability is easy with e-Share, which natively integrates with Office Online and uses OneDrive and SharePoint Online to store all shared files.

5.  Email is surprisingly unpredictable and inflexible

Past experience prompts many questions when sharing files as an email attachment. Is the file size too large? Will a secure mail system unexpectedly kick in and create a bad experience for my customer? Will I run afoul of a compliance policy? Can I reliably recall an email sent to the wrong person? At the root of these questions is the organization’s inflexible approach to email, especially in the presence of regulated data. Email works, until it doesn’t.

Taking the mystery out of email can be achieved through well communicated security policies, DLP rules that offer more than allow or deny as outcomes, and a modern approach to secure email that provides a great recipient user experience. e-Share can help you realize the latter two, with the ability independently protect the body and attachments of an email and optionally replace all email attachments with links.

Taken together, the steps outlined here allow organizations to take the pain away from their external file sharing, enabling users to more easily, confidently and securely share files and collaborate with external parties to drive better business outcomes.

Extend Your File Sharing and Content Collaboration to Include 3rd Parties

e-Share Blog

The individuals you share files with outside of your organization are seldom the only ones who require access in order to meet the business need for sharing the file in the first place.

For example:

  • a supplier to whom you’ve sent and RFP may need to pull in a product manager in order to respond,
  • a private wealth client with whom you’ve shared a statement may want their accountant to have access to the same file for tax purposes, and
  • an R&D partner to whom you’ve sent a Joint Venture agreement will almost certainly need their legal counsel to review the contract.

When the need to re-share files arises, you and the outside party have options, but all come with significant drawbacks.

The recipient of a shared file could download the file (assuming you allow this) and pass this onto the other party. But if online editing and co-authoring of the document was your intent, the other party can’t participate.

The recipient could reach out to you and ask you to send the file to the other party or add them to the list of persons authorized to access the shared file, but this is a hassle for both of you and will take some time to coordinate.

But why not allow the recipient of a shared file to assign their rights to access the file to a 3rd party?

e-Share - Invite

With e-Share this can be easily done, either on a policy-basis or a case-by-case basis. And you can optionally require the data owner’s approval for this re-sharing. Better still, you can require this approval:

  • never…all re-sharing is automatically approved,
  • in all cases…all re-sharing must be approved, or
  • only when the additional recipient is not within the same organization as the original recipient.

There are many advantages to allowing 3rd parties to participate in a collaboration.

  • it’s productive for all involved,
  • it encourages more file sharing via links (versus email attachment), and
  • it reduces the need for downloads, eliminating data duplication and versioning issues and improving data protection.

Schedule a demo with us to learn more.

Visit the e-Share web site for details on use cases, success stories and product features.

Sharing & Collaboration in the Age of Epidemics

e-Share Blog

We live in interesting times. As the large enterprise struggles through digital transformation in the Age of AI, it now has to grapple with operating in the Age of Epidemics.

“we see a world that is more connected than ever by international travel, but that has also succumbed to growing isolationism and xenophobia. We see a time when scientific research and the demand for news, the spread of misinformation and the spread of a virus, all happen at a relentless, blistering pace.”

Photo - people using mobile phones

Every organization has curbed business travel and has staff working from home – but they can’t drop the ball with business partners and customers.

Leadership teams that weren’t prepared for this shift found themselves dealing with team mis–alignment, incoherent communication, unexpected expenses, missed revenue – even unhappy consumers. And here’s a reality check: depending on how your company’s journey to the cloud has progressed, you may have few or no external sharing and collaboration options

Trying to use cloud file storage to share files with folks outside your company like auditors, consultants, regulators, partners – even customers – is unfortunately a non-starter for most organizations. The world is dangerous. Bad actors are constantly imitating OneDrive, GDrive, Box and Dropbox for nefarious purposes – like phishing. The reality is that the built-in sharing options are not designed for external users. Their use of their own domain (e.g. box.com and sharepoint.com) for links (among other issues) makes them hard to verify. So they’re usually blocked by large or regulated recipient organizations. [More…]

The good news is, you can add e-Share to your existing O365 or GSuite installation and make sharing quick and easy for all employees! Our enterprise grade platform includes:

  • Out-of-box Integration with Microsoft O365, Teams, OneDrive, SharePoint, Azure Blob storage and more
  • Operation under your company’s domain, SSL certificate, logo, colors and legal terms – so recipients know it’s safe to share and collaborate
  • Full support for SSO, auto-provisioning, with no hardware or storage required
  • Powerful sharing features including requiring recipients to login with OpenID, without requiring software download or plug-ins
  • Web based portal allows completely self-service administration 

Find out why some of the most demanding large, regulated enterprises including leading Asset Managers, Health Insurers, Global Manufacturers and Retailers depend on e-Share!

 Schedule a demo with us to see and learn more.

Replace Your Fax with Share-With-Me Links

e-Share Blog
Photo

Believe it or not, many businesses still use fax machines. For security reasons. For compliance purposes. Because it works… simply put, the fax has three huge advantages over email:

  • It’s relatively secure, being on a private network
  • The odds of mis-addressing (sending to the wrong number) are relatively small
  • The delivered content is relatively hard to distribute without a copying machine (at least), and the main exposure is relatively small vs a digital copy

Today, e-Share released a full-on replacement for the fax machine: the Share-With-Me Link.

Put the link on your website, in your email signature, or on your business card… anywhere people who might want to share with you will see it!

Email

Anyone who needs to send you content securely can click or enter the link. They’ll have to briefly register…

e-Share - register

From there, they’ll receive a fully branded invitation, sent from your domain, to a virtual data room created on-the-fly so they can share files with you securely and compliantly!

e-Share - Virtual Data Room

Now the sharer can instantly, securely upload files to you with a single click.

They need only web browser – no plug-ins or software downloads of any kind are required. All transmission is as secure and compliant as a fax machine:

  • Protected in-motion with military grade encryption via your own sub-domain and SSL certificate
  • Incorrect or broken URLs don’t expose the content
  • Persisted only to your organization’s cloud file storage (OneDrive, Google Drive, Dropbox, Box, all via SSO with auto-provisioning) – so it isn’t available to anyone else in your company until you share it

But wait, there’s more!

The ShareWithMe link even includes essential features of enterprise-grade fax machines – like notifications. You’ll be notified automatically by email whenever someone shares with you:

e-Share - notification

The data room automatically enforces a range of sharing and authentication options. These are configured by your organizational administrator. A typical configuration is simply to allow files to be created & uploaded.

e-Share Users: Start Replacing TODAY!

Your Share With Me link is available from the client web portal, under the identity window:

e-Share - Identity window

Just click on the red copy icon, paste it into your email signature and you’re good to go. (Any questions? Contact customer service.)

For more information about this feature and how you can use it to replace your remaining fax machines, please register for a demo.

Be The Bridge, Not The Blocker With Link Sharing Protocols

e-Share Blog

A reflection from July 4th. When we are on vacation we make it our mission to get the most out of the time we spend away – with families, friends, even hobbies. Back at work, we are re-invigorated and attack the pile of work that inevitably awaits…

This is, as an excellent blog post noted last week, a time that brings “a certain amount of risk”.

Perhaps you have an email from a colleague linking to an article and asking you to take a look.

“If we were entirely rational beings, we’d compute the exact expected outcome of taking each risk in turn. It’d be an exhausting life, and one in which we wouldn’t get much done.”

Laptop typing Photo

So we don’t compute risk every second. This email is from a colleague. They clicked it first, right?

Do you click the link, or not? The reality is that there are two approaches in IT to dealing with this situation. The first is to block the link and protect the user. The second is to provide some sort of method for ad hoc sharing that requires a series of approvals, provisioning of hardware and/or software and/or accounts, and then getting the person on the receiving end to do the same.

So, what if the user trades in information for your company? For example – if they are in sales. They may need a favor from the colleague in the future. A tip. An introduction. A bit of information.

What if they have to read this article to complete their mission? The answer is that if IT offers nothing but prevention, they will turn to some other method. They’ll try to send it via GMail. Or Dropbox. Or SomeRandomWebSiteThatDoesSharing.com. This may be problematic.

The good news is that there is a far better way to support this user: deploy e-Share!

Here’s why:

e-Share diagram

1. e-Share’s cloud platform is fully integrated with O365. Your administration and security teams can use our self service platform to set policies that govern sharing. When the user needs to share with an unknown domain they can send an email and it and/or the attachments are automatically secured. Power users can choose from a range of fine-grained options that go way beyond read-only.

2. e-Share operates on your sub-domain, with your SSL certificate, and via single-sign on. Your employees will never see our URL or logo.

e-Share - Smart URL

3. You can train your users to look at URL domains. That’s a much simpler proposition than trying to explain phishing in all it’s glory.

Even if they make a mistake, with e-Share, the worst case scenario is a view-only share which they can immediately recall. Further, if they realize something was shared with the wrong person they can instantly terminate the link. (Even if they don’t, the link expires automatically after a few days.)

Learn about how leading companies use e-Share to drive cross-company collaboration and please, schedule a demo to see how it can help your company.

Zero Trust About Where You Store Content

e-Share Blog

A tough data breach this week. A sharing service ended up “sending its users shared files to the wrong people“.

The root cause could easily be a software issue, a breach in an underlying system (like a database), or some sort of hack – malware, causing clients to exfiltrate data, or perhaps an intruder doing the same.

This is why large and regulated enterprises block many third-party services. Simply put, it’s hard to know how good their internal security is – or how good the security of the provider they purchase it from is – or how carefully they screen their employees, how thoroughly they retire old hardware, or how much insurance they really have.

And it takes a lot of time, knowledge and effort to verify anything. The average security review costs more than $10,000 and many cost an order of magnitude or more. Why not just ask a simple question:

Where do you store my company’s data, and how do maintain our control over it?

The e-Share platform was designed from the zero trust perspective to resist this type of issue by storing as little customer data as possible.

Login with Microsoft

More specifically:

  • e-Share can be configured to store no passwords, requiring login via OpenID. Employees login with their corporate account and are automatically provisioned for services per organizational policies.
     
  • All shared content and conversations are stored in your organization’s cloud file storage system – OneDrive, GoogleDrive, Dropbox or Box.
     
  • Using O365 or GSuite online, our integrations access the global address list, and all email is subject to existing organizational compliance and security processes, from 2FA to virus and malware scanning and domain/recipient blocking.

e-Share is proud to protect the data of companies with a lot of sensitive data the business requirement to share it.

Storage providers

Register for a demo anytime to learn how you can deploy e-Share and enable Secure External Collaboration for your company!

The Mission Takes Priority

e-Share Blog

Sharing and collaborating with external parties is an essential business activity.

How else would you drive value via strategic outsourcing and/or the network effect? If you want your auditor to make sense of your financial reports, they’ll need to see them, at least. The problem is legacy sharing solutions don’t support external collaboration effectively. They likely require on-premises hardware and/or installation of software or plug-ins by recipients.

Those things are either not possible, or take forever.

Current cloud alternatives are either blocked or configured to disable guest access and anonymous sharing in most large or regulated enterprises – simply because they lack the fine-grained controls required for compliance.

At best, these platforms securely deliver a copy. Let’s hope you sent it to the right person.

The lack of tools for external collaboration can lead to trouble in the form of non-complaint sharing. As this excellent ComputerWeekly article “Despite failings, exec appetite for secure collaboration growing” points out:

“Top business decision makers are more reckless than ever with company data, but the appetite for secure collaboration tools is growing!”

Why would they make career limiting moves to share data? The answer is that the mission takes priority! But it’s not necessary. The survey quoted in the article makes it clear that collaboration tools are here to stay:

92% of respondents agreeing that collaboration tools are the best communication solutions to offer employees for work communication

But:

83% said it would be useful to be able to extend a company’s secure communication infrastructure to business partners and customers

Because, as noted, they don’t cover it today. They’re optimized for internal sharing.

Teams disabled

e-Share’s Trusted Sharing is fully integrated with the collaboration tools the enterprise already uses – like O365, MS Teams and GSuite. It’s 100% enterprise class, operating under your company’s sub-domain, with your certificates, brand logo and colors. Sharing notifications will be delivered, and not quarantined, as a result. Employees access the service via SSO with automatic provisioning, and your admins are in total control with centralized, policy-based controls plus searchable audit trail and on-demand reporting and analytics.

e-Share - Policy feature

Register for a demo to see how your company can enable sharing as a strategic weapon and put a stop to risky, shadow-collaboration efforts. Or read about how a huge financial services firm moved from “no cloud” to “cloud first” using e-Share…

Zones of Risk

e-Share Blog

Let’s imagine you had a fine-grained set of sharing controls at your fingertips.

How would you decide which features to use for a given recipient? At e-Share, we advocate thinking in zones or buckets of risk. You can use colors, numbers or descriptions to separate recipient needs, concerns, benefits – and potential issues. We recommend a zero-trust approach, wherein each zone has only the access required, with the risks associated with the upside of sharing fully managed.

For example, a regulated company might build a zone map like this:

From there, the trick is to work with IT security, legal and business managers to validate the design, and identify the best tools to use. Start with the highest value or highest risk zones.

For example, you likely already have a “green” zone in which internal employees are allowed to share copies. So too may “blue” zone contractors, under a BAA or other agreement, be permitted to share sensitive information so long as it is not in bulk, and ensuring it is encrypted if persisted.

Take a different approach for bulk transfers, and for collaboration where enriching the shared information and/or uploading a response is required. Most auditor collaborations, for example, put both parties at risk of breach… if you allow them only to read or edit documents online, without saving copies, you don’t need to worry about them as much…

For sharing in the yellow and red zones, ensure you control the data by denying download (including copy/paste) and ensure full traceability by automatically watermarking the document with the recipient’s username and IP address:

e-Share - View only watermark

From here you can assign $ amounts to risk – then weight the use cases by savings (or risk) and quickly identify the path forward.

If you’d like to discuss any of these steps, or see how our solution solves the problem from within tools your users already probably have, please contact e-Share anytime.