Most web-based software solutions struggle to find a balance between security and usability. So does ShareFile. Our design, marketing, product and security teams often engage in a continuous and iterative process to find that sweet spot between security and usability, which is usually a moving target.
That said, how secure is “secure out of the box” anyway? Not always as secure as you’d like to think. Default security settings are usually focused on increasing active use and reducing the amount of time it takes a user to get up and going. Such settings are generally designed to keep security from interfering with a perfectly good customer experience. As a result, it is unlikely that all default security settings are always compatible with a privacy- or security-focused organization operating in a compliance-burdened environment.
Citrix ShareFile supports more than 25 unique customizable security settings, most within the administrative user interface. Here are 5 of them that you likely did not know you can control yourself.
1. Remote Lock Account
— Have an employee no longer employed with the company? Lock his or her account on a device to prevent the employee from accessing the ShareFile data there. The data remains on the device unless you remote wipe the account from the device.
2. Remote Wipe and Revoke Device
— Left a mobile device such as a smartphone or tablet in a vehicle, train or plane? Gotcha covered. Remotely wipe a user’s account from a device to remove the ShareFile data from it the next time the device connects to the account. And revoke the device just to be sure.
3. Multifactor Authentication (MFA)
— Set up a multifactor (or strong) authentication process that requires both the password and a secondary authentication, such as Google Authenticator or SMS text message, to access the account. ShareFile supports various two-factor and two-step authentication methods including forms and token-based authentication as well as SMS, voice and backup codes.
4. Single Sign-On
— Take full advantage of having a strong access removal process tied to directory access and integrate ShareFile into it. ShareFile supports Security Assertion Markup Language (SAML) 2.0 for single sign-on and integrates with most SAML-compatible identity management solutions.
5. Mobile Application PIN Lock or Password
— Don’t trust the mobile device PIN indicated by the grease pattern on a phone or tablet screen to secure your data? Require a PIN or password to access files. Files downloaded after the PIN or password is configured are encrypted by the application on the device. Administrative users can require PIN lock or password.
These are just a handful of technical security measures that ShareFile makes available to end users and administrators to customize their ShareFile accounts and protect their data. Spend a little time to explore additional settings and configure your account according to your security and privacy preferences. And don’t settle for the defaults!
Do you use any of these settings or others on ShareFile? Why? Feel free to comment below or let us know on Twitter @ShareFile.