Secudrive File Server: A File Server Data Loss Prevention with Digital Rights Management
written by Simon
Most organizations have file servers: Even small ones usually have at least one file server. However, larger ones have multiple file servers for teams or task-forces. File servers are storing sensitive files such as customers’ privacy, proposals for bids, drawings for new product development, and, etc. multiple users such as employees, consultants, contractors, partners share the information. Therefore, it is imperative to establish and manage intricate and assured security system to prevent both accidental and intentional data leaks.
Secudrive File Server manages user rights by using Data Rights Management (DRM) technology to prevent data leakage from Windows file server. Even though a user has permission to access to a file server, Secudrive File Server makes it possible to prohibit the user from copying or transferring a file from the server to anywhere out of the server. It whitelists applications to use specific applications and not to use an unknown one on the file server so that it can protect file server data from a ransomware attack. It filters file activity logs by users so that it can enable an administrator to monitor user activities at a glance and to use them for post audit. It can be installed on an existing file server keeping existing Windows Active Directory(AD) environment so that existing shared folder, user, group, and permission can be utilized without any additional operation. Finally, it supports Microsoft Distributed File System(DFS) to manage remotely and collectively scattered multiple file servers in an organization.
Data loss prevention using DRM. Secudrive File Server can restrict user rights for copy, print, screen-capture, and network-transfer which cause data leakage from a file server. It can block all ways relating to copy such as ‘copy and paste,’ ‘save as,’ ‘clipboard copy’ as well as general ‘copy.’ Clipboard copy on a file server can be exceptionally allowed for productivity. Print can be prohibited, or only water-mark printing can be allowed for post audit. If screen-capture is blocked, not only ‘print screen’ as a basic function of Windows but also screen capture trial by using a third-party sniffing tool does not work. Finally, it can also prohibit network-transfer by using ‘copy to web’ which can copy to the public cloud like ‘OneDrive.’
Ransomware attack prevention using application whitelisting. Prohibiting user rights using DRM technology works only if a user uses specific applications which are supported by Secudrive File Server. Secudrive File Server offers supportive applications including computer-aided design(CAD) files as well as various Office files, and then an administrator can whitelist apps among the list. By doing so, other applications including ransomware except the whitelisted are blocked from being installed and run on the file server so that the file server can be protected from ransomware attacks. An administrator also whitelists domains, IPs, and ports for network-transfer, if he/she enables a user to save a file onto a groupware in the intranet.
User and file activity log monitoring. An administrator can monitor detailed file activity logs on when a user creates, modifies, deletes, copies, prints, screen-captures, and network-transfers a file as well as user activity logs on when and where a user accesses a file server. If file transfer out of the file server is allowed, the transferred file can be automatically backed up, and the log can be left for post audit.
Easy installation and operation while keeping existing system. Secudrive File Server can be added to the existing file server(s) keeping existing settings relating to information on users, folders, groups, and permissions. Secudrive File Server shows existing shared folders and enables an administrator to choose one among them and change it to ‘a secure shared folder’ on which DRM policy for users can work. Secudrive File Server also provides an easy user interface to add, modify, and delete a user, a folder, a group, and permission in an administrator’s console.
Compatible with enterprise environment. Secudrive File Server is compatible with AD environment so that existing AD environment can be maintained without any modification. It supports Windows Distributed File System to remotely and collectively manage scattered multiple file servers at a glance in large organizations.
Secudrive File Server could be an easy and efficient data loss prevention solution for a file server(s) with DRM technology so that it can make file server(s) a secure cooperative workspace for enterprises by protecting data from insider threats as well as outside attacks. Secudrive provides more detailed information and 30-day free trial of Secudrive File Server from its website.