Dan Stone, Storage Made Easy: people are both the weakest link and the strongest line of defense
Work from home has become the new reality for businesses worldwide, offering a flexible and convenient model of operations. But how do you approach the topic of remote employment when so many workers have access, and thus responsibility, for your critical data? And can you ever feel completely sure that none of it gets into the wrong hands?
As more businesses adopt the work from home strategy, they face the dilemma of keeping and securing their private information properly. With thousands of employees having access to sensitive data, it’s crucial to find a reliable way of storing all this information in one place.
We reached out to Dan Stone, the COO at Storage Made Easy, to discuss the concept of secure file storage and why companies might be at risk if they opt for storing information locally.
How did Storage Made Easy originate?
Storage Made Easy’s journey was focused from the start on solving the core problem of ‘how does an enterprise secure and present data from different sources to its end users, whether that is on-premises data or on-cloud data. Initially, the File Fabric supported very few storage solutions, but today it supports over 60, including SMB and NFS file servers and solutions such as Nasuni, Microsoft Azure, Google Storage, Amazon S3, and many S3 compatible enterprise storage providers such as Cloudian and others.
The initial challenge when we first started was that no one was talking about multi-cloud and data federation. We were just a little ‘too early,’ and we had to stay the course until the market matured and the importance of these concepts became widely understood. That moment has arrived.
You take great pride in your File Fabric solution. Can you briefly explain how it works?
Briefly explained, The Enterprise File Fabric solves the problem of unifying enterprise storage data into a single, secure, collaborative namespace irrespective of whether company data is located on-premises, in a data center, or, as is increasingly the case, in the cloud. It provides hybrid workers a secure unified workspace for remote SMB file shares and Azure and S3 compatible storage assets.
Our mission is to provide intelligent policy-based enforcement and productivity enhancements across a company’s entire data estate satisfying three major imperatives:
How did the pandemic change organizations’ approach to cybersecurity? Were there any upgrades at SME as a result?
The pandemic affected companies of all industries. Firstly, there were the logistical challenges of embracing remote work. Our workforce was already widely distributed, so the impact on our internal operations was minimal.
Regarding our business, because our software provides secure access to enterprise data from any location with an internet connection, it is ideal for enterprises with many users working from home. The demands of supporting homeworkers have led to increased interest in and take-up of our solution. Recognizing the value we can deliver to our hybrid workforce customers, we have continued to strengthen the File Fabric’ data security and remote working functionality. The most recent example is our new product: SMBStream™, which provides secure, accelerated access to SMB Shares across the internet.
In your opinion, what type of industries are especially prone to cyberattacks? What do cybercriminals typically look for when choosing their next victim?
From the criminal’s perspective, victims are only useful if they can and will pay to regain control of their data. That means they must have operational dependencies on the data or hold large quantities of information that should not be made public. As we have seen over the past few years, companies in almost every industry meet those criteria, but public infrastructure and services providers and health care businesses stand out.
The other criterion for a productive attack (from the criminal’s perspective) is vulnerability. All other things being equal, organizations with lax information security practices are more likely to become victims because hackers are more likely to find a way to gain access to the company’s information assets.
You specialize in both object storage and file storage. However, these terms can be a bit confusing to the average user. Could you tell us more about the differences between the two?
File storage is what we are all used to. Think about the way your PCs or Macs have worked with files and folders for as long as you have been using them. Creating, renaming, moving, and deleting files and folders is effortless because file storage is designed to make those operations easy.
Object storage is a much newer form of storage designed to work at cloud scales. It is more rigid about how data can be stored and manipulated, and the notion of folders isn’t built-in. These characteristics complicate basic file operations, but the payback is that object storage has enormous capacity and is inexpensive at scale.
The differences between file storage and object storage create a sort of “impedance mismatch” between object storage and software that is designed to work with files and folders. That includes pretty much any program that an end-user would have on their desktop, for example, Microsoft Word or Excel, or AutoCAD. From its inception the File Fabric was designed to resolve that mismatch, making object storage work seamlessly with applications that expect files and folders. This approach extends the benefits of object storage all the way down to the end user’s desktop without requiring them to change their tools or their workflows. It is one of the main reasons for the File Fabric’s success.
With more companies switching to remote work, are there any security risks that might be overlooked in the process?
As always, people are both the weakest link and the strongest line of defense in cybersecurity. Companies should think about how work-from-home practices differ from the way work is done in the office environment. For example, employees working from home may be more vulnerable to social engineering attacks such as phishing or deceptive phone calls when their toolsets have changed or when the line between computing for work and personal computing has been blurred.
On the technical side, when users find that the work-from-home solutions provided by their employers are slow or unreliable, they may resort to storing data locally. This can present significant security challenges for the enterprise because its important data becomes dispersed across hundreds or thousands of end-user devices over which the organization has little or no control. For that reason, solutions such as the File Fabric that provide seamless access to enterprise data for users working from home without workflow changes are especially important for maintaining information security when the workforce is widely distributed.
Cyberattacks are currently on the rise, and yet, many take action only after an incident occurs. Why do you think people struggle to keep up with online security?
Cybersecurity requirements change quickly as technology changes and new attack vectors are discovered or invented. Keeping up is expensive and time-consuming. For example, JPMorgan Chase, the large American bank, spends 600 million dollars a year on cybersecurity. Most enterprises can’t afford the investment needed to provide end-to-end cybersecurity effectively across the information lifecycle themselves. That is why they leverage the focus and expertise of technology vendors that specialize in security solutions. Of course, having software that incorporates strong security capabilities doesn’t by itself guarantee that the enterprise will be secure, but starting from secure building blocks greatly increases the odds of success.
Which security solutions do you see taking the stage in 2022?
One trend that is already clear and will accelerate in the coming months is the shift from long-lasting passwords to more secure authentication mechanisms such as timed, one-time passwords and biometric factors. Another emerging trend is the application of artificial intelligence techniques, primarily machine learning, to threat detection and assessment.
Would you like to share what’s next for Storage Made Easy?
Storage Made Easy is fortunate to have an engaged and vocal customer base. Much of our product development is based on the requirements and wishes that our customers convey to us through both formal and informal channels. Their input has consistently validated our belief that information security is a paramount concern, and we will continue to emphasize cybersecurity considerations in both our choice of new features and in how we maintain and enhance the functionality that the File Fabric already provides.
Beyond that, our customers are telling us that managing large media assets is important to them, as are a cost-effective use of storage assets and a frictionless remote working experience. We are preparing to introduce important changes in all of these areas.