Axway Secure File Sharing

Top 10 Best Practices for Secure File Sharing

Empower employees, mitigate risk and regain control of your data

Read these ten tips to discover how

you can reduce risk and empower
productivity by ensuring that files
are shared securely both internally
and externally (including file sharing
across mobile devices).

Todays organizations must enable secure file sharing for employees, customers, partners
and colleagues in order to protect data assets and ensure regulatory compliance. But if
IT implements tools that are difficult to use, or security measures are too stringent, savvy
employees may circumvent them and turn to consumer-grade file sharing services, move
can undermine your overall security stance. The risks and cumulative costs of lost data,
productivity and customer confidence, as well as civil and criminal fines for exposing private
data, can be enormous, so ignoring the issue is simply not an option.

1. Know what your employees are really doing

By working around established systems, using unsecured methods, or turning to consumergrade cloud-based file sharing tools to get their jobs done, even the most well-intentioned
employees may be putting shared data and your organization at risk. Ask yourself: Do
your employees have the tools they need to easily and securely share files and collaborate
with colleagues and clients? If so, are they using them consistently? Its your job to find out.

2. Segregate data to ensure control and compliance

Wide availability and ease-of-use have made consumer-grade file sharing services
increasingly popular. But these services often co-mingle tenant data, which makes them
inappropriate for highly regulated industries (such as healthcare and financial services)
where co-mingling runs contrary to audit and compliance directives. Instead, you should
segregate your data using on-premise, private cloud and/or dedicated storage solutions to
support secure collaboration, ensure control and compliance, and streamline audits.

3. Hold your own keys to encryption

Providers of consumer-based file sharing tools can actually decrypt your data and share
encryption keys across tenants in the cloud. To ensure true security and file fidelity,

w w w. a x way. c o m

Axway Secure File Sharing

data must be encrypted in transit and at rest. Moreover, you must hold your own keys to
protect confidential information and intellectual property and ensure compliance with
increasingly stringent industry and government regulations ensuring third parties cannot
access your data. Look for secure file sharing solutions that deliver robust encryption and
allow you to hold the keys to encryption.

4. Recognize that compliance is a process not a product

While some tools claim to be HIPAA, HITECH or PCI compliant, there is no one piece of
software, cloud-based or otherwise, that can ensure regulatory compliance on its own.
Depending on your industry, your organization must establish and enforce policies to protect
the safety and privacy of intellectual property, health records or financial data. To ensure
compliance, choose secure file sharing tools with embedded Data Loss Prevention (DLP)
policy engines that provide full content inspection and policy enforcement on all files shared
across your enterprise or agency.

5. Extend virus detection and malware scanning

With the threat of viruses and other forms of malicious email activity on the rise, its easy
to focus on scanning email message to detect and address potential threats. However, its
vital that all files being shared or entering your network be fully scanned, including files
shared via mobile devices. For superior defense, look for tools that scan, detect, quarantine
and disinfect potentially damaging files and all enterprise file traffic at the Internet gateway,
in order to protect your network, customers and partners from receiving infected files.

6. Administrator controls are a must

When it comes to secure file sharing, control is key. To promote and enforce secure file
sharing across the enterprise, it should be easy for administrators to monitor usage,
oversee multiple appliances or virtual environments, adjust storage, export data for custom
reporting, track file shares and apply different policies to different departments.

7. Seek out an open Application Programming Interface (API)

Search for and select secure collaboration tools that seamlessly plug-and-play with your
existing architecture and established applications. Open APIs without browser or operating
system dependencies provide the flexibility to add new levels of integration and security
as your organizational needs evolve, without making additional changes to your enterprise
systems, applications, protocols or end-use workflows. For example, if a financial agency

w w w. a x way. c o m

Axway Secure File Sharing

loan officer has difficulty sharing a file using a new tool that is external to their familiar
loan origination tool, they may turn to a consumer-grade file-sharing tool. Integrating the
commercial grade file-sharing tool into the loan origination application greatly increases
adoption and reduces risks associated with unapproved tools.

8. Streamline new user on-boarding

To ensure adoption of your secure file sharing tools, on-boarding of new users should be
as seamless as possible. That means looking for tools that are integrated with corporate
directories, such as Active Directory, and enabling simple self-enrollment of external users,
with administrators retaining granular control.

9. High Availability is essential

To keep pace with todays fast-based business environments, High Availability (HA) is
essential. Whether on-premise or in the cloud, be sure that the solutions you choose have
no single point of failure, and leverage a multi-node architecture to enable application-based
HA, for seamless functionality in the event of a system failure.

10. Ensure ease of use

The secure file sharing solution you select should be easy for end users to understand
and adopt. Never compromise the user experience for security. Instead, look for a balance
of high security measures and a simple, inviting interface to keep end users satisfied and
using the tools consistently to accomplish their day to day tasks.

For more information, visit www.axway.com

Copyright Axway 2014. All rights reser ved.

w w w. a x way. c o m

BRIEF_SECURE_FILE_SHARING_AXW_EN_090814