Well over 200,000,000 people across 250,000-plus organizations use Microsoft SharePoint. That's a lot of data and a lot of files. SharePoint is arguably the most common document library software in use today. It holds an array of document types – many of which are based upon Microsoft applications such as Office docs.
The move to the cloud dramatically boosted SharePoint usage. There are now well over 1,000,000 organizations using Microsoft Office 365 (now called Microsoft 365) worldwide, and it is closing in on over 300 million end-users. A good portion of these companies and end-users store their documents in SharePoint.
Check this 2-minute video and see MOVEit managed file transfer in action.
And these files don't just sit in SharePoint, but get moved around all over the place – to your company's partners, customers and all sorts of organizations. That's where security and compliance problems begin – if lots of these files move to lots of places, that can be sheer chaos. Which file went where and to whom, and was it sent safely? Was it encrypted in transit and at rest? Is there a way to track that the file was sent and received – and to know all this was done properly?
Meanwhile, experts find that 58.4% of critical data is in Office documents, and many of these files are held in SharePoint. These documents, containing confidential and compliance-regulated information, are too often transferred from SharePoint outside of your organization without any semblance of proper security.
Insecure, unmanaged SharePoint file transfers can be like the Wild, Wild West, opening your business up to potential data leakage, breaches and expensive and messy compliance violations. So, what can be done to manage and secure file transfers within your SharePoint environment?
The Big, Fat Enterprise SharePoint File Transfer Problem
Thousands of SharePoint customers fall under compliance regulations, and these enterprises represent a who's who of the world's largest corporations. The Association for Information and Image Management (AIIM) finds that up to 80% of Fortune 500 companies rely on SharePoint as their main communications, Intranet and collaboration platform.
Smart enterprises, especially larger companies that fall under compliance regulations, have turned to secure ways to transfer files – largely through Managed File Transfer (MFT) software such as MOVEit from Progress. This technology can be set up to transfer ALL the files that need to be sent securely. The idea is to do away with end-users deciding how to transfer files and often running afoul of compliance regulations – or even worse, having that data compromised – and instead have them use MFT for all file transfers. Once the system is in place to transfer all confidential information, workflow and automation can make file transfers either a snap of the fingers, or done even without any human intervention at all.
If your organization has confidential files that need to be sent, protection is not just nice to have – it is clearly a must. The good news is that the solution you adopt to handle these file transfers can also encompass SharePoint documents, drastically increasing your data loss prevention, stopping data breaches and keeping you in check with all major compliance regulations.
If you have not already adopted Managed File Transfer, SharePoint is a great place to start. Once those files are protected in transit and at rest, whether from on-premises or online versions of SharePoint, you can apply that same security to confidential files from other sources.
Step One - Face the Problem Head-On
The first step in dealing with file transfer safety is understanding that there is a problem and acknowledging that transferring SharePoint files willy-nilly is a disaster waiting to happen – if it hasn't happened already. What regulations does your company fall under? What type of confidential information does your company have in-house, what applications does it reside in, where are these files and how are they being transferred today? Without clear policies and established technical solutions to secure these file transfers – it is time to consider a new approach.
Step Two - Discover the Extent of the Problem
Next, analyze what files you're sending and what people are involved in these practices. How many of these files contain confidential information such as personally identifiable information (PII), health information and other data you don't want cybercriminals to see? You may have guidelines for how employees send these files around, or have even implemented solutions you think are secure such as FTP-based file transfers – but neither of these approaches give you the full protection your organization needs.
Step Three - Conduct a Full Investigation
Once you have a general idea of where your confidential data is and how it is being passed around, it is time to dig deep and do a full-on on-prem and cloud file analysis. The idea here is that you can't protect confidential files that you don't know exist. This is a broad process, but isn't it better for you to discover that confidential information is being mishandled than for the regulators to come knocking at your door?
Step Four - Think About Secure File Transfer
Chances are these three steps have convinced you that your organization needs a better way to transfer confidential files. Now it is time to think about secure file transfer, often known as Managed File Transfer (MFT). This approach eliminates all the worry over file transfer security, whether it be with customers, users, partners or related IT systems. These files are secured both in transit and at rest, and are fully tracked so you can document that they were sent and received – and that the entire process was secure.
Step Five - Think About Automated File Transfer
Even medium-sized companies transfer hundreds of files every day, which equals hundreds of opportunities for cyber criminals to steal your information. Having a file transfer solution doesn’t mean that these hundreds of files will all be sent in that fully protected way. That needed security can be addressed through automation which ensures consistency and eliminates the possibility of human error. When there are common file transfers, like ones between your company and a partner, a workflow can be created so that those files are sent automatically with protections in place. Files that are not sent as a regular process can still be sent in an ad hoc manner, and since they are sent through the MFT – are done in a thoroughly secure way.
The MOVEit Automation solution lets customers easily build automated file transfer workflows to upload or download documents and files both into and from SharePoint on-prem and online document libraries, and do so without any scripting.
Step Six - Think About Trackable and Auditable File Transfer
When compliance auditors come calling, they want to see how confidential files have been handled. Aside from that, you'll feel safer knowing what happened with each and every file transfer. Fortunately, MOVEit includes a Tamper-Evident Audit Trail. This keeps an audit trail of all file transfers and each administrative action. The logs themselves are protected, as each entry is cryptographically chained, so any log-tampering attempts are made evident. You can even schedule tamper checks which can be run both automatically and manually.
Step Seven - Consider MOVEit from Progress to Solve Your SharePoint File Transfer Woes
MOVEit Managed File Transfer can access files in online and on-prem SharePoint locations. Any file held in any SharePoint location can be part of a MOVEit workflow. Not only can the file be sent automatically, but it maintains complete auditability, trackability and full security – all without PowerShell scripting.
For full details on all of these features, check out the release notes for MOVEit Transfer and MOVEit Automation, or visit our What’s New page. You can also try it yourself for free, or join us for a live webinar to see it in action.
Conclusion - Customer-Driven Development
SharePoint integration, like many great product ideas, was a feature created in response to customer requests – and came from the Progress Idea portal for customer enhancement requests. In fact, most of the ideas behind new versions of MOVEit come directly from MOVEit users. Progress is dedicated to continually improving MOVEit to serve the secure managed file transfer needs of our customers.
Learn More About Managed File Transfer and Sharepoint
Get more details on MOVEit and SharePoint by reading Connecting to SharePoint Online in MOVEit Automation, or our blog Fast and Flexible SharePoint Workflows with MOVEit.
Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.