written by Simon

Important unstructured data concerning accounting, product development, and marketing are stored in file servers in organizations. Users share the data using shared folders on file servers. File server security is crucial because organizations could lose intellectual property and be damaged in terms of business continuity and reputation if the data is lost or leaked from a file server due to disaster, error, or external attack.

The following should be done to secure file servers: 1) keep file servers in a secure place to prevent theft, 2) separate file servers from the Internet to prevent cyber-attack, 3) encrypt file servers using Bit Locker to prevent data leakage in case of theft or loss, 4) keep Windows file server software updated to maintain up-to-date security patches, 5) install anti-virus software to prevent malware, 6) control access and privileges of users, 7) regularly back up file servers, 8) whitelist applications in a file server to prevent ransomware, and 9) audit the file logs of users.

However, existing file server security solutions have mostly concentrated on preventing attacks from the outside and lack focus on preventing insider threats to file servers.

Theoretically, we can audit files a user copies or transfers outside the server through logs provided by the Windows file server; however, in reality, if the options are set to create logs, tons of logs can be created. Accordingly, it is very hard to figure out which log is useful, and log data management can be another bothersome job, which is why many expensive third-party file server audit software applications for sorting, managing, and monitoring logs are needed.

We can manage users’ permission as ‘read only,’ ‘write,’ ‘modify,’ etc. However, we cannot prevent a user from copying a file to the outside, even by assigning the ‘read only’ permission to a user. As a user’s permission provided by Windows, ‘read only,’ only makes it impossible to modify the original file with the same file name. If we rename it, we can modify and copy it as well. However, when it comes to file servers, as an important collaborative workspace in organizations, more features relating to insider threat prevention are needed for more than permission management. It should be possible to prevent users from copying, printing, screen-capturing, and network-transferring files, even when they can edit the files.

Secudrive File Server prevents users from copying, printing, screen-capturing, and network-transferring a file in a shared folder of a file server, even when users can edit the file. Moreover, it makes it possible to filter and sort when and where a user can create, modify, copy, transfer, and delete a file, making it very useful for auditing as well as real-time monitoring. Secudrive File Server can keep file servers secure as a collaborative workspace from insider threats and can be considered the final step in file server security.