How Foldr can help with your GDPR compliance

On May 25th 2018 the new General Data Protection Regulations will come into force in the United Kingdom and across Europe. These regulations are designed to protect data privacy and to reshape the way organisations across the region approach this tricky subject.

Foldr includes many useful features that can help to ensure that, come May of 2018, you are doing everything that you can to maintain the security of your data and the privacy of your users. Using Foldr to access your organisational data will secure, automate and allow for auditing of your file transfers to assist in meeting several key GDPR principles, specifically:

  • Securing the transmission of personal data through encryption
  • Performing integrity checks of successful file transfers to protect accuracy
  • Demonstrating GDPR compliance with detailed audit trails and reporting of every file transfer

Read on to learn more about how Foldr can help to provide secure, compliant access to your data…

It starts with us – the users

All of the security tools in the world will be rendered useless if we as users are using insecure passwords. Foldr uses your existing accounts for authentication and, with a small amount of extra configuration, can also tap into your organisation’s password policies, allowing users to change passwords regularly and requiring that they meet certain standards. If you’re not yet using password complexity and expiration policies then now would be a good time to start, and Foldr can help to ensure that users can manage their passwords from all of their devices.

But passwords aren’t enough

A secure password can help to slow down a potential attacker but should they obtain that password there may be no stopping them. The use of Two Factor Authentication (2FA) means that even if a password is compromised the attacker will still be denied access unless they also have the second factor. In Foldr we offer 2FA “out of the box” through the TOTP algorithm. Free apps like Authy are used to provide the second factor. Even better, 2FA in Foldr is completely granular based on user, group and location. For example, a college could require that all staff must use 2FA when working remotely but not when inside the trusted college network. There’s a great article about setting up 2FA in Foldr in our Knowledge Base.

Have you seen my iPad?

Our mobile apps are great and provide feature-rich on-the-go access to all of your files and folders whether they are stored on-premise or in cloud services. You’ve set up 2FA and TouchID or FaceID so your device is as secure as you can make it. And then you lose it. Luckily this need not be a security headache. With Foldr’s use of device tokens a user or administrator can quickly revoke access for your lost phone. Unfortunately we can’t help with sourcing a replacement.

Location! Location! Location!

A question that we’re often asked is whether Foldr can be used to prevent users from “downloading” sensitive information whilst still providing access to it. We’ll be honest, the simple answer here is “no”. To present information we must first retrieve (download) it from somewhere and store it – even temporarily – somewhere else. Whilst we have some control in our native apps, in a web browser we have very little control over how downloaded files are cached and even less control over whether a user can copy or save those files. Not to mention that a quick “print screen” or snap with a camera or phone would render any of these protections moot anyway. But there are some things that Foldr can do to ensure that data is only available in appropriate locations. When an administrator adds a storage location to Foldr they can set highly granular permissions as to who can access, edit and share from it. These permissions can also have a network location applied to them, which means that users can only access them when they are on a trusted network, helping to prevent inadvertent data leaks. Administrators can find out more about location-based permissions here.

Who? What? When? Where?

It can be hard for administrators to gain oversight of what their users are up to with their data. Foldr provides a wealth of information that organisations can use to track the activity of users and individual files. Want to know when a file was accessed, by whom, where from and on what device? No problem. Foldr logs everything so that it’s all there ready for when you need it.

Single Sign-On – one login to rule them all!

Foldr includes a powerful Single Sign-On (SSO) Identity Provider service. Using SSO you can provide secure access to all of your connected services (Office 365, G Suite, etc.) without the need for multiple passwords. And of course all of our other security features such as 2FA work too. All SSO activity is recorded so you get the same Who? What? When? Where? that we provide for file access. Coupled with our support for Active Directory Kerberos, Foldr offers true SSO.

Secure from end-to-end

Foldr has always used HTTPS encryption for all communication between browsers, apps and the Foldr server. This helps to ensure that eavesdroppers are unable to access your details or data whilst in transit and also to reassure users that they are connecting to the correct server. Many organisations already have a valid certificate which they can easily install on their Foldr appliance. For organisations who do not have a certificate, Foldr supports the amazing Let’s Encrypt service, allowing automated installation and renewal of signed certificates completely free of charge. Instructions for configuring Let’s Encrypt can be found here.

That’s just a few of the ways that Foldr can help to make GDPR less of a headache for you and your organisation. If you have any questions or would like to know more then please get in touch.