It amazes me how many people think email is a great way to send sensitive documents across the Internet. Besides the fact it isn’t safe since email is not encrypted, the fact is most mail servers are limited in the size of attachments that you can send. If an architect has an enormous AutoCad file that the builder needs it just won’t make it through email. Or when a doctor needs to exchange patient X-ray data with a secondary hospital. Or when an IT team needs to move a virtual server VHD across a DMZ. There are lots of scenarios where you need a better way.
So what is a good way to share files, so you can be sure your colleagues, peers and clients can access large sensitive files securely? Everyone has their favorite cloud solutions, like SkyDrive, Dropbox, Citrix ShareFile or Box.net. Each one of these solutions has benefits and drawbacks, mostly around custodial control over the data while at rest, and the permission based system to access the information when it is stored in the Cloud. They work really well, and are relatively inexpensive. Sometimes free. But you still aren’t in control of the data.
We recently had a customer come to us needing even greater control. They wanted a solution that they could control on servers they manage, but through commercial software designed for sharing files on the Internet. And they wanted an identity proof through AuthAnvil Two Factor Auth before they could access the information. The simpler, the better.
They had been using LiquidFiles for some time, but knew the solution did not support AuthAnvil, or any kind of two-factor authentication. This is a hardened SELinux virtual appliance that has a custom web interface that allows you to share files from your DMZ, assigning access privileges on a per user basis, temporarily or permanently. The also support public access as necessary. All protected with traditional passwords. The client needed a stronger solution and didn’t want to manage client passwords, and asked Scorpion Software to work with LiquidFiles to find a solution.
Our recommendation to LiquidFiles was to consider implementing SAML, and pointed them to our Developer Center for further resources. And they did just that. In less than two weeks they implemented, tested, and released an update that supports single sign-on (SSO). This allows them the ability to expand support to any authentication vendor that uses the industry standards of SAML, and allows our mutual client to implement LiquidFiles with AuthAnvil. Since AuthAnvil Single Sign On (which works with SAML) uses AuthAnvil Two Factor Auth for strong two-factor authentication, our client was able to get the added benefit of the identity assurance proof that they need when allowing their clients and partners access to sensitive files without having to know or remember another password that could be shared, stolen or guessed.
Kudos to the team at LiquidFiles for turning around this implementation so quickly. We have published an implementation guide that explains how easy it is to configure AuthAnvil Single Sign On to work with LiquidFiles. So if you need to share sensitive files across the Internet and want to stay in control of the data, consider looking at the use of LiquidFiles with AuthAnvil.
Enjoy.
Comments