Egnyte’s centralized administration and secure content framework integrate data governance, control and compliance into each stage of the content life cycle. It facilitates end-to-end file server security across all of the locations where your users access data, and for the mission-critical files that your company manages.
We use a combination of technologies and practices to maximize file server security.
Egnyte’s secure file server gives IT teams a single access point to monitor and control stored files. Your files are protected by full audit capabilities and comprehensive data protection for content at rest and in transit.
Built-in controls like password strength and rotation with two-factor authentication help secure users’ accounts. IT teams can customize account expiration dates and manage external users for enhanced safety.
We utilize 256-bit AES file encryption to enhance file security. Egnyte Enterprise Key Management provides complete control of encryption keys and allows you to set access restrictions based on the user’s device type.
Every data transfer session is secured through the TLS protocol and 256-bit encryption.
Egnyte uses secure data centers around the world to provide fast access to your data while constantly replicating for geographic redundancy.
Egnyte scans all uploaded data for known malware and monitors files and behavior for evidence of malware and ransomware attacks to shut them down quickly. In the event of corrupted files, Egnyte offers Snapshot Recovery to quickly and easily restore entire file systems going back up to 4 weeks.
Egnyte’s ISO/IEC 27001-certified information security management system complies with GDPR protocols and facilitates data sovereignty.
The user management system is the first line of defense in Egnyte’s file server security arsenal. It handles all activities related to providing users with authenticated access, establishing permissions, and resetting or decommissioning access. Single Sign-On, Lightweight Directory Access Protocol (LDAP), Multi-factor Authentication (MFA), and Microsoft’s Active Directory (AD) can be selected and configured to match your organization’s security model.
Permissions based on groups and roles scale to large numbers of users, which increases your efficiency and saves time. No more checklists for replication across systems every time you add or delete a user. You can add users to groups, ensuring permissions are seamlessly assigned. New roles can be administered centrally and instantaneously rolled out to the user population.
With Egnyte, protecting your data from unauthorized access is a high priority. You can immediately be notified of a potential malicious log-in, by using a lockdown or by removing a particular user’s access. Egnyte can also provide the data for root cause analysis, should further research be required.
We have built our secure file system based on compliance and licensing requirements. Our platform simplifies audit reporting while helping you meet your regulatory requirements.
File encryption is the cornerstone of file security. Egnyte manages this at two levels – when files are in transit and at rest.
In today’s globalized world and hybrid working environment, users access files from anywhere and on any device. However, doing so can expose them to the risk of file interception during transit. HTTPS protocols create a secure transmission channel for your data. Egnyte uses AES 256-bit encryption to maintain data integrity during transfers. The same standard applies while sharing files with customers, vendors, and associates outside of your network.
We provide the highest levels of file server security by implementing AES 256-bit encryption on files at rest in our data centers. Even if someone gained access to a file, it would be impossible to read without the encryption key.
We store all encryption keys in a secure key vault. It is only accessible through Egnyte’s proprietary software. Customers can also manage their own encryption keys using third-party software or their on-premises setup. Integration is readily available for Microsoft Azure Key Vault and Amazon AWS CloudHSM.
With anytime, anywhere, anyhow access via desktops, laptops, tablets, mobile devices and web browsers, you require top-of-the-line device control capabilities for unbeatable file server security. At Egnyte, we use the following controls to maintain data security:
Administrators can set mandatory passcode locks for mobile devices and tablets. Employees must enter the code to access the app or if their phone has been idle. You can opt for controls and settings that empower you to delete all locally stored files after a certain number of incorrect attempts.
Our file security controls enable you to disallow local downloads of files that contain highly sensitive data. A high-level setting lets you decide whether users can download files on their mobile devices. Additionally, local copies can be deleted periodically to keep data safe.
Administrators have a centralized view of all end-user mobile, desktop and laptop devices through a web UI. Regardless of OS (Windows, Mac, iOS, Android), they can pick a device to initiate a quick erase of all Egnyte files, helping to prevent unauthorized access.
We host all servers on redundant Local Area Networks (LAN). They are equipped with redundant electrical supplies to protect against unforeseen outages, for round-the-clock access to your data.
Our data servers are only accessible through your application. Egnyte employees do not have access to your data and cannot remotely administer any tasks. A few administrators conduct hardware inspection and maintenance activities, only after they complete stringent background checks and security training.
Every organization and every team have unique collaboration processes. Financial and legal teams likely have multiple touchpoints with customers and vendors. Others may share highly sensitive information with a limited user base within the organization. Regardless of your needs, Egnyte’s centralized file server security enables you to share information and content however you see fit.
Individual users and groups can be granted view, edit or owner access at a granular level. You can set permissions across all connected repositories to prevent incorrect sharing of potentially sensitive information. For example, you can:
Organizations often struggle to share content securely with suppliers, partners and customers. Our secure file server and file encryption capabilities facilitate end-to-end security. For instance, you can:
Strong governance serves as the bedrock on which you can build sustainable file server security and comply with data privacy mandates. Centralized management and end-to-end visibility allow administrators to effectively design IT Security programs, identify and plug loopholes and mitigate risks.
Egnyte has built security processes into each phase of the content life cycle.
Securing your sensitive data starts with first identifying it as such. The AI-based Classification Engine can help you scan scores of documents and identify sensitive data like credit card numbers, US Social Security Numbers, addresses, etc. using pre-built templates. Whether you have unique requirements for your business or are looking to follow requirements that are laid down by regulations like HIPAA, FINRA, etc., Egnyte makes it easy to keep an up-to-date repository of your data set.
Organizations can create Content Safeguards that decide how their information is shared, who has access to it, how much access they have, when they have access until, and more. Dashboards can show a list of unsecured shared information and highlight any risks to file security.
Egnyte empowers you to disable compromised accounts, detect potential ransomware, force password resets, disallow links on sensitive content, delete unused accounts or groups, and more.
Unusual activity linked to potential insider threats, malicious actions or risks to file security are immediately flagged, and alerts go out to identified administrators. Organizations can identify any such problems in the ‘Issues’ tab, including, but not limited to, compromised accounts, sensitive content, suspected ransomware, public links and more.
Audit reports offer a 360-degree view of all actions related to users’ access (login/logout/password resets, etc.), file activities (uploads, downloads, links, etc.), permission changes (addition/revocation), and more. Centralized control makes it easy for organizations to meet regulatory requirements, especially in highly audited industries like healthcare and finance. Businesses can generate ad-hoc reports based on their specialized needs.
Many businesses must delete certain content periodically to meet contractual obligations. Others need certain content to be held for several years or more to fulfill legal obligations. Hence, file server security also involves strong practices and controls associated with the archival and deletion of content. You can set retention periods on files, after which they get sent for archival. Deleted files are sent to Trash folders with restricted Admin-Only access.
A: Definitely. We have 500+ built-in patterns to identify sensitive and regulated content. In case of litigation, you can place legal holds on a specified user’s content.
A: Yes. North Korea is already part of the US State Department’s export control list. So, Egnyte automatically restricts access to data from that nation. However, you can also edit the list to add locations that are based on your own business needs.
A: Yes. Administrators can set policies to allow file-level control. You can set a file to the ‘No Sharing’ option, which means that even a link to that file would not be available. If you require Preview Links, the system can make that available. You can set controls to ensure nobody downloads, copies or prints the content on the link.
A: Egnyte allows four permission levels at file and folder levels:
Owner - Rename, Read, Write, Delete, and Manage Permissions
A: Yes, the waterfall model automatically assigns parent folder permissions to existing sub-folders and any newly created folders. The administrator can then set unique permissions on the new folder. In case of a conflict, narrower permissions take precedence.