Channel technologies, Networking, Small business

Cloud File Sync and Sharing: Encryption Security Options Explained


Within the very crowded market for cloud-based file sync and sharing services, the encryption buzz s growing louder. Some upstarts say they now offer better or more intuitive security than base consumer offerings like Box and Dropbox. Plus, executives representing channel-centric offerings like Autotask File Sync and Sharing and eFolder Anchor have some strong opinions about proper security for VARs, MSPs and their SMB customers.

Among the latest chatter: Message encryption service Keybase has launched a private beta of a new file sharing system that lets you upload files to the cloud and automatically encrypt as well as sign them with your PGP key, notes The Next Web.

It sounds promising but it isn't the same as traditional file sync and sharing. As The Next Web puts it, "You’ll need a PGP key to secure your identity and there’s no option to sync files continuously from your desktop or mobile devices. That means it’s more suited to people who need a way to securely share files rather than those who simply want to free up space on their gadgets."

Meanwhile, Box has launched Box KeySafe -- an encryption offering for SMB customers that don't want to deal with the company's more complex Enterprise Key Management option. The enterprise approach requires a tricky encryption key management system on Amazon Web Services. Box KeySafe eliminates that complexity for SMBs, Box claims. And yes, rival Dropbox has some encryption know-how as well.

Also of note: Numerous encryption and security solutions now support file sync and sharing services. Names to know include BoxCrytor, Cloud Fogger, nCrypted Cloud, Sookasa and Viivo.

Channel Partner Options

Amid all those options, I still recommend that VARs and MSPs seek out pure channel alternatives. I'm not in a position to "endorse" specific platforms since I haven't done any hands-on comparison testing. But here's my general feeling: While Box and Dropbox have partner programs, their focus on the SMB channel sometimes wanders. In stark contrast, options like Autotask File Sync and Sharing and eFolder Anchor are channel-obsessed.

I certainly think we'll see a file sync and sharing market shakeout. There are simply too many options for partners and customers to consider. But the risks of an implosion are relatively low for partners that work with Autotask and eFolder. Both companies are profitable and in growth mode.

Autotask, eFolder Weigh In

When Keybase announced its end-to-end encryption offering last week, I reached out to Autotask and eFolder, seeking a better understanding of their respective encryption strategies. Their responses:

Autotask’s Pat Burns
Pat Burns

From Pat Burns, VP of product management:

“Currently Autotask Workplace does not provide end-to-end encryption. End-to-end encryption is more appropriately classified as Enterprise Key Management rather than an FSS solution. The Keybase service that you refer to is a very limited and isolated tool that addresses a very specific need; delivering an encrypted file end-to-end.  Autotask is focused on meeting much broader file sync and share business needs for our customers. Our service is SOC2 audited, HIPAA compliant, and supports encryption both in transit and at rest to guard against unwanted breaches of sensitive information. Services that are end-to-end encrypted are strictly focused on specific use cases and will severely limit the functionality of file sharing solutions. For example, with end-to-end encryption, organizations are no longer able to share public links to content, collaborate online, perform web editing, and mobile rendering of files.  The entire essence of file sync, share, and collaboration is lost.”

And from Pierre Tapia, VP of product, eFolder:

“eFolder's encryption strategy is designed to support businesses with the strictest compliance and security requirements. With Anchor (HIPAA compliant file sync and share), we ensure all data is encrypted in transit and at rest on the server using military-grade 256-bit AES encryption and SSL (specifically the safe TLS protocols). For an additional layer of security, Anchor can enforce two-factor authentication across all endpoints (desktop, web, mobile, and integrations) to prevent data breaches. This is on top of features like password complexity enforcement, password expiry policies, Active Directory integration, and remote data wipes.”

And there you have it. Plenty of options. And lots of security considerations. If I overlooked a channel-obsessed file sync and sharing solution please let me know.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.