Archive for the ‘Security’ Category

FileCloud Recognized in List for “Top 10 Content Security Providers 2022”

FileCloud was recently named in the GRC Outlook’s listing of Top 10 Content Security Providers for 2022. This list, compiled by a panel of experts, assessed solutions that protect client-side environments using content security strategies.

Securing Content in 2023

Ransomware and cyberattacks are becoming more sophisticated, prevalent, and expensive. An IBM report on data breaches revealed that a data breach in the United States costs, on average, $9.44 million. (Data breaches globally are lower, with an average cost of $4.35 million.)[1]

Having a layered defense in place, like firewalls, antivirus scanning, end-to-end encryption, and two-factor authentication, help reduce the attack surface of an environment. However, creating a comprehensive content security policy takes resources, time, and expertise to implement, which can serve as barriers to small businesses or enterprises with complex infrastructure.

Furthermore, there are many solutions on the market, ranging from singular plug-in style solutions to comprehensive platforms that provide an all-in-one experience.

Picking the solution that meets your business needs is a challenge, especially when trying to balance against budget, ease of use, vital functionalities, and future needs in line with business growth.

GRC Outlook Magazine is here to help clients do just that – evaluate all the options throughout the market to identify the best solutions serving governance, risk, and compliance (GRC).

What is GRC Outlook Magazine?

GRC Outlook Magazine evaluates emerging trends, frameworks, tools, and systems that address compliance and security requirements across industries. The magazine serves as a resource for CIOs and CISOs, with experts making up the editorial team, including industry veterans, editors, and cybersecurity specialists.

The Top 10 Content Security Providers for 2022 list focuses on solutions that secure client-side infrastructure using innovative technology that adequately responds to emerging cyber threats and trends. FileCloud is delighted to be recognized as a comprehensive solution that supports clients and end users in establishing and maintaining a robust content security framework.

You can read the full issue from GRC Outlook Magazine!


GRC Outlook Magazine Issue Cover


Why FileCloud?

FileCloud’s mission is to build a hyper-secure content collaboration and processes platform that customers love to use. The FileCloud solution aims to give IT admins fine-tuned controls over the environments they’re tasked with maintaining, while also providing a flexible and easy-to-use platform for end-users. Functional use is married seamlessly with cutting-edge security tools and systems.

As a comprehensive solution, FileCloud provides an array of choices so you can deploy FileCloud in the manner that best meets your needs. Choose between cloud, hybrid, or on-premises environments, with additional configurations to meet government regulations. Run FileCloud on a FIPS-enabled environment, opt for maximum security with 256-bit AES encryption, or deploy in GovCloud for a compliant, cloud-enabled solution.

Selecting your deployment model is only the beginning. FileCloud incorporates powerful security features, so you maintain control over your data without sacrificing user experience. Features include:

  • AES 128- or 256-bit encryption for data at rest
  • SSL/TLS encryption for data in transit
  • Comprehensive, unchangeable audit logs
  • Built-in and custom reports
  • Two-factor authentication
  • Role-Based Access Controls (RBAC)
  • Security policies
  • Endpoint protection
  • Granular file and folder permissions
  • Antivirus scanning and ransomware protection
  • Single-Sign On (SSO) and SIEM integration
  • Compliance support (HIPAA, GDPR, ITAR)
  • Zero Trust File SharingSM

Zero Trust File SharingSM

Zero Trust has become a hot topic when it comes to cybersecurity trends for 2023. We wrote a blog post about it, discussing how Zero Trust is being emphasized as the leading strategy to address cybersecurity concerns.

FileCloud understands how important a Zero Trust approach will be when it comes to securing sensitive data. That’s why we developed and recently launched our newest feature: Zero Trust File SharingSM.

End users can create and share Zero Trust files and folders, expanding on FileCloud’s hyper-secure collaboration potential. This new feature enables seamless coordination between internal and external teams. Clients, stakeholders, vendors, and partners benefit from easy access, while employees maintain control over data within a Zero Trust framework.

Zero Trust File SharingSM functions via FileCloud Zip file support to provide perimeterless security for data in transit in three easy steps:

  1. Create a Zip file
  2. Add password-protection
  3. Upload the necessary data

Users can then update, view, and even share Zip files with collaborators, much like any other file or folder in FileCloud. The Zero Trust password is never stored in FileCloud, ensuring that data is protected in case of a breach.

Shared Zip files can be set with read-only or read-write permissions. Users with read-only access can preview or download files. Users with read-write access can preview and download files, as well as add or delete files.

Interested in exploring FileCloud? Sign up for a free trial or schedule a demo!


Article written by Katie Gerhardt, Junior Product Marketing Manager




Zero Trust will be the Leading Strategy for Cybersecurity and Risk Management in 2023

DoD and Forrester emphasize role of Zero Trust as cybersecurity strategy

Strengthening Vulnerable Cyber Infrastructure

Zero Trust has entered the cybersecurity fray as a leading solution to mitigate and reduce vulnerabilities. This strategy is relevant for IT infrastructure all over the world: a recent Radware report establishes that over 99.5% of global organizations deploy applications in the public cloud[1].

However, public and multi-cloud environments pose significant risks when it comes to data leaks and breaches. The same report states that “69% of organizations can trace data breaches or data exposures to inconsistent application security configurations across the different public cloud platforms.”

Both the public and the private sector have already witnessed how expensive these breaches can be, in terms of lost productivity, reputational damage, IT repair/mitigation, and ransom costs.

Sophisticated Cyberattacks

Incidents like WannaCry in 2017 showed just how strong an impact cyberattacks can have, with computers in over 150 countries affected[2] and an estimated cost of $4 billion globally. The ransomware spread across industries as well, including healthcare, education, manufacturing, financial services, and telecommunications.

Costs associated with cybercrime have only increased in the years following, with larger entities targeted. Research collected by Ivanti showed that ransomware has increased by 446% since 2019[3]. In 2022 alone, major organizations like the Red Cross[4], Toyota[5], Twitter[6], and CashApp[7] have reported breaches, with records in the tens of millions affected. The Irish Data Protection Commission recently fined Meta[8] for GDPR violations to the tune of €265 million for exposing PII of over 533 million users.

Threat of Pipedream

In April 2022, the Department of Energy, the Cybersecurity and Infrastructure Security Agency (CISA), the NSA, and the FBI issued an advisory for a malware toolkit dubbed Pipedream[9], “the most versatile tool ever made to target critical infrastructure, like power grids and oil refineries.” This toolkit was designed to target and cripple industrial control systems in critical infrastructure sectors.

Dragos, an industrial cybersecurity firm that helped analyze Pipedream, affirmed at Forrester’s 2022 Security and Risk conference[10] that cyber-attacks are increasingly being carried out by nation-states, targeting critical infrastructure sectors, including chemical, manufacturing, and energy plants.

Thankfully Pipedream was evaded by proactive cybersecurity measures and patches before it could be maliciously deployed. However, this is one example of how cybercrime will be used by nation-states, with the trend likely to increase as cyberattack strategies are improved. By carrying out remote attacks, nation-states can potentially debilitate and undermine another country’s ability to react and defend, all while denying responsibility.

It’s a new phase of warfare that isn’t all that new – countries have always used shadow entities to handle less than savory missions; software has simply become the most recent tool of choice.

Modern Problems Require Modern Solutions: The Dawn of Zero Trust

In their keynote address at the Forrester Security & Risk Conference, Renee Murphy and Allie Mellen cited internal reports that revealed “business continuity is the number one priority for cybersecurity teams over the next 12 months.”[11] The overlap between business continuity and cybersecurity is trust. Yet it’s not enough for businesses to have a robust cybersecurity strategy; they must also have consumer trust.

7 Levers of Trust: Accountability, Consistency, Competency, Dependability, Empathy, Integrity, Transparency

Ironically, the way we build consumer trust is by establishing a policy of not trusting anyone, otherwise known as Zero Trust. This framework is highlighted as the leading strategy to ensure business continuity by preserving consumer trust and effectively responding to evolving threats. It accounts for the evolving and fluid nature of the network edge, otherwise defined as the point of connection between a device or local network and the internet.

Connections between devices, applications, and cloud, on-prem, and hybrid networks are only increasing, which makes this network edge vulnerable. Organizations must also factor in remote work connections, hybrid cloud networks, and increased risk of cyberattacks or malware exposure. These connections and risk factors make securing the network edge ever more difficult for system admins.

How Does Zero Trust Work?

Zero Trust is a system of “least privilege” where users only have access to the data they absolutely need. This permission must be actively enabled or allowed, and the default status is to deny access. This ensures no unauthorized access to sensitive or confidential information.

A Zero Trust framework operates on a principle of continuous identity verification and least privilege access. In effect: anyone accessing the network must be authenticated (not just once, but consistently) and they will only have access to the data they absolutely need (to contain the damage in the event of a breach).

One of the major benefits of Zero Trust is that it provides protection against possible data leaks and breaches, including those stemming from insider threats. Joseph Blankenship, Research Director at Forrester, stated that “26% of data breaches are caused by insider incidents, most of which are malicious”[12].

Forrester Analysis of Zero Trust

Over the next three years, Forrester analysts anticipate that the weakest points of IT security will remain individuals, with a need for identity-focused protection (“identity as a perimeter”)[13].

As part of the Forrester panel on insider risk, Dr. Caputo emphasized that adversaries are looking for targets inside organizations struggling with psychological-financial strain: “it’s not how much debt someone has, but how that debt makes them feel.”

This is where the full concept of Zero Trust shines, not just as a technology solution but as a cultural mindset. By using a model of least privilege and repeated verification, granting data access can become a more granular process. Stronger, built-in controls and protections help make processes around using data and collaborating with teams more secure, without compromising productivity.

Department of Defense Embraces Zero Trust

The U.S. government has been hinting at their investment in an updated cybersecurity strategy across various departments for several years:

  • 2018 – CISA formed as a branch in the Department of Homeland Security to focus on the government’s official cybersecurity posture.
  • 2020 – Cybersecurity Maturity Model Certification (CMMC) program launched by the DoD.
  • 2021 – an Executive Order was issued, mandating investment and restructuring of federal information security systems.

The Executive Order explicitly included references to Zero Trust framework as part of the updated cybersecurity solution. CISA advisories have also urged government and private sector organizations to begin developing Zero Trust security strategies.

Most recently, the Department of Defense released their Zero Trust Strategy and Roadmap for implementation by FY 2027. This roadmap includes base level and advanced Zero Trust targets across seven pillars: user, device, application & workload, data, network & environment, automation & orchestration, and visibility & analytics.

7 Pillars of Zero Trust by US DoD

Other government departments will follow suit to create comprehensive security for the entire network surface, along with global and local governments and the private sector.

This adoption cascade will create a more resilient, responsive cybersecurity network across industries, sealing dangerous loopholes and preventing data leaks that could possibly lead to catastrophic data breaches. Zero Trust is the framework that provides both a technological and cultural goal post for the coming years.


Article written by Katie Gerhardt, Jr. Product Marketing Manager



[1] Radware. “Application Security In A Multi-Cloud World.” Retrieved 29 Nov 2022 from

[2] Kaspersky. “What is WannaCry Ransomware?” Retrieved 29 Nov 2022 from

[3] Louis Columbus. VentureBeat. 20 Oct 2022. “Ransomware vulnerabilities soar as attackers look for easy targets.” Retrieved 30 Nov 2022 from

[4] International Committee of the Red Cross, 24 June 2022. Retrieved 29 Nov 2022 from

[5] James Coker. InfoSecurity Group. “Toyota Reveals Data Leak of 300,000 Customers.” Retrieved 29 Nov 2022 from

[6] Twitter. 5 Aug 2022. “An incident impacting some accounts and private information on Twitter.” Retrieved 29 Nov 2022 from

[7] Trend Micro. 7 Apr 2022. “Cash App Suffers Data Breach Affecting 8.2M Customers.” Retrieved 29 Nov 2022 from

[8] Sumeet Wadhwani. Spiceworks. 29 Nov 2022. “Meta Fined $275M for Failing to Protect the Data of 533M Facebook Users.” Retrieved 29 Nov 2022 from

[9] Andy Greenberg. WIRED. 13 Apr 2022. “Feds Uncover a ‘Swiss Army Knife’ for Hacking Industrial Control Systems.” Retrieved 29 Nov 2022 from

[10] Robert Lee. Forrester Security & Risk Conference. 8 Nov 2022. Keynote Address: “ICS Threats: From Pipe Dream to PIPEDREAM.

[11] Renee Murphy and Allie Mellen. Forrester Security & Risk Conference. 8 Nov 2022. Keynote Address: “Securing the Future: Geopolitical Risk will Redefine Security Strategies for the Next Decade.”

[12] Joseph Blankenship (Forrester), Alla Valente (Forrester), Dr. Deanna D. Caputo (MITRE), Ryan Boyer (CISA). Forrester Security & Risk Conference. 9 Nov 2022. Keynote Panel Discussion: “Insider Risk Reduction Requires Two Parts Culture, One Part Security.”

[13] Laura Koetzle. Forrester Security & Risk Conference. 9 Nov 2022. Keynote Panel Discussion: “Take a Zero Trust Approach to Threat Prevention, Detection, and Response.”

Air-Gapped Networks and FileCloud Secure Sensitive Data

For companies, organizations, and governments that require absolute security for data, air-gapped networks seem like an obvious choice. This is especially true with the rising rates of cyberattacks, which are becoming ever more costly (think billions of dollars globally) between lost profits over frozen assets and ransoms paid.

This is where an air-gapped network comes into play. Simply put, you can store your data on an internal network that is physically separated from other networks (air is between the servers and other network hardware). There are also no wireless connections to other networks (especially the internet).

An air-gapped network is a compelling solution for organizations handling confidential or sensitive information, like health data, bank records, or defense supply chain schematics.

With this physical separation, your data should stay safe in your isolated network “island.”


Well, no actually. Let’s dig into what an air-gapped network actually is – then we can understand the challenges that come with using them to secure data in our modern, ultra-connected network landscape.

What is an Air-Gapped Network?

An air-gapped network is a security measure that isolates and limits computer systems from accessing other networks, including unsecured networks such public internet or local area networks. These air-gapped networks are used for systems that require high security to limit breaches and data leakage.

As mentioned above, the traditional air-gapped network is one that physically separates servers from other day-to-day network infrastructure. These servers are usually themselves housed off-site, in a data center or server farm, behind locked doors and gates. This effectively isolates data storage, so that it is safe and secure on this designated “island.”

Often, these air-gapped networks are used for backups, but they can also be used as primary working spaces for groups that handle confidential, classified, or extremely sensitive information.

This data doesn’t exist just for the sake of itself though – people need to leverage data to achieve projects, deliver insights, and provide services. So how do you balance the need to access data with the need to secure it? The more access points you provide, the easier it is to leverage data, which is what you want. At the same time, the more access points, the more vulnerabilities.

The problem is that to use data stored in a traditional, air-gapped network, people must physically connect or even quite literally travel to your “island.” They also can’t leave your island to work on other resources or bring in other data, unless they physically import it. In this case, the import mechanism is likely a dongle or USB drive.

You’re already seeing the problem, aren’t you?

Not only do traditional air-gapped networks create significant access barriers, they also leave the door open for human error or exploitation.

An Air-Gapped Network that Protects and Connects: a Paradox?

The advent of technology has created more modern deployments of an air-gapped network. For example, air-gapping can be achieved within the same network if devices or hardware are physically disconnected. That still invites the issue of people needing to physically access the isolated hardware to view existing data or import new data.

There are also logical air-gapped networks, in which software tools such as role-based access controls and encryption are used to create protected zones within a network. This solution is based on the concept that when bad actors break through (not if), they will not be able to make sense of the data or use it against the original owners.

Maintaining control over data is the name of the game. Physical air-gapped networks are no longer the winning solution though. As with most other avenues in the IT world, we have learned that a combination of hardware and software can help create layers of security. In fact, the industry standard has heavily tilted toward software solutions, thanks to the impact of cloud technology.

The problem now is figuring out the right software solution that can either fit into an air-gapped network strategy or that can support one.

Solution #1 – Create Your Own Software Solution

If a company or organization has a whole team of IT specialists, they can create a unique solution from the ground up that meets their exact needs and specifications. That could work for a while.

The downside? It will be incredibly expensive though and likely difficult to handle as software ages. The IT team either has to proactively improve and expand core functionalities or outsource. However, legacy software tends not to play nice with external tools or feature integrations. Over time, this makes the software less useful. The “ease of access” erodes.

So, all that effort down the drain, and at the rate of technological development, that timeline could be as little as three years.

Solution #2 – Opt for an Integrated Cloud Solution

You could go with a cloud technology solution, which would handle all the maintenance and upgrading for you. A commercial solution would also have the resources to actively create new functionalities and expand integration potential. Ease of access and maintenance: check.

The convenience and storage fees though will eat up an increasing percentage of your budget. A business could go bankrupt trying to scale operations within a cloud solution, especially if they handle a lot of data.

Not to mention, many of these cloud providers can’t provide air-gapped networks, even logical air-gapped networks, because they own the data you store. If it’s in the public cloud, that data is beyond your control. For optimal security and data control, the cloud just isn’t an option.

FileCloud: An Air-Gapped Network Solution that is “Just Right”

FileCloud is the solution you’re looking for. It combines the best of both worlds as an on-premises, self-hosted solution that can be deployed within an air-gapped network while ensuring ease of access for authorized users.

Read our white paper to learn more about air-gapped networks and how to supercharge your hyper-secure access with FileCloud!

We’ve got pro-con lists, we’ve got diagrams, we’ve got technical breakdowns for different scenarios – it’s all here in the white paper.

Download our White Paper to learn how FileCloud works with Air-Gapped Networks.

Air-Gapped Networks with FileCloud - Diagram

If you need more convincing though, here are some of the amazing things you can do in FileCloud. These features can help optimize how you use your data, all while maintaining (and even strengthening) security.

Identity Authentication

The hyper-secure platform provides identity authentication settings such as two-factor authentication, active directory and LDAP integration, Single Sign-on (SSO), and SIEM support.


Even if someone tries to steal data, it doesn’t mean they can view or even use what they’ve taken. 256-bit AES encryption secures data at rest and TLS/SLL protocols encrypt data in transit. You can also run FileCloud in FIPS mode, which uses FIPS-level encryption on a FIPS-enabled operating system, for extra security and compliance with regulations.

Granular Permissions

Granular file and folder permissions ensure only authorized users can access certain data. Sharing can also be tightly controlled, through public or private sharing, password-protection, and expiry dates.

Controlled Sharing

Sharing can be carefully monitored by Admins through Data Leak Prevention (DLP) rules that can override any attempted shares with unauthorized users or alert the admin. Maintain control over data even after sharing with FileCloud’s Digital Rights Management feature.

Admin Powers

Admins can also create Admin-users or modify user permissions with role-based access controls (RBAC). This ensures department heads or directors can manage their teams and data access, even as the Admin maintains global controls and protections.

Remote Device Management

This global control extends to connected devices and user accounts. Upon suspicious activity, Admins can block users from access and even remotely wipe devices. No more worrying about that USB you left in the airport or a phone that went missing after being left out on a desk.

Reports & Logs

Admins have maximum visibility over user and file activity through the admin dashboard, where they can run reports, even create custom logs. All activity is captured in comprehensive audit logs that can be exported for internal review or external audit. This feature makes compliance assessments a breeze.

Key Integrations

FileCloud can even be integrated with common tools you already use, like Microsoft Word, Excel, PowerPoint, Teams and Outlook, OnlyOffice, Google Docs, Salesforce, Symantec, and ArcSight.

Check out the full FileCloud tour or sign up for a demo!


Article written by Katie Gerhardt, Jr. Product Marketing Manager


Back in Action – FileCloud Sponsoring International Trade Shows

After a long delay stemming from the COVID-19 pandemic, FileCloud is delighted to be sponsoring several trade shows in October.

We love showcasing FileCloud through client demos and webinars, but we’re even more excited to demo FileCloud in person! We’re also looking forward to meeting prospects, customers, and partners.

FileCloud is sponsoring two trade shows: GITEX Global and it-sa Expo&Congress.

GITEX Global: October 10-14, 2022 | Dubai, UAE

GITEX is a major conference for technology and innovation across business, society, economy, and culture. It has been branded as the world’s largest meetup for the developer and coding community to push the boundaries on what’s possible for technology.

Major exhibits and debuts will be taking place, addressing topics like artificial intelligence, cloud computing, cryptocurrency, 6G wireless connectivity, quantum computing, and startup innovations.

The GITEX mainstage is also where to find the metaverse debut, which will include a hands-on, live introduction to X-VERSE. This virtual reality ecosystem offers a spectrum of integrated solutions to suit over 20 business models.

The metaverse isn’t just for business either – GITEX will also be showcasing music and art shows as well as a virtual fashion show. Industry and tech leaders from Artisant, H&M, METAV.RS, Sensorium, Hololux GmbH, and Digital Twin Consortium will also be speaking.

GITEX is reporting that over 4,500 exhibitors, 800 startups, and 1,000 speakers will present, with 100,000 attendees, cumulatively representing over 170 different countries.

This specialized gathering gives industry leaders like FileCloud the opportunity to showcase products and collaborate on ideas, while building and strengthening important relationships.

You can find the FileCloud team at Booth #H6A-11.


it-sa Expo&Congress: October 25-27, 2022 | Nuremburg, Germany

it-sa Expo&Congress is Europe’s all-in-one exhibition, conference, and trade fair for IT security. Industry leaders, security providers, and managers come together to unveil new products, collaborate on ideas, and showcase services

This trade fair opens up discussion related to cloud and mobile security, data and network security, and critical infrastructure security. Over 600 companies will be represented, with novel solutions across consulting, services, hardware, and software.

Attendees can visit the open forums, which will host over 350 expert lectures presented by over 90 companies, organizations, and associations, on practical security knowledge. These lectures are a great way to glean information on trends and industry insights.

Meanwhile, the it-sa Congress will be hosting longer programs addressing specialized topics:

  • Trends in IT Security
  • Learnings from Incident Response: What matters in cybersecurity today?
  • Expert roundtable: cyber insurance versus IT security risk
  • External Attack Surface & Risk Management
  • Automated Services – Advantage through Technology & Automation
  • New ISO/IEC 27001 requirements: 93 times to rethink?
  • The truth about the (in)security of ID verification
  • Digital Identities: Smart, user-friendly and secure nonetheless?
  • And many more!

The it-sa conference is also a great place to discover promising startups. The ATHENE Startup Award UP22@it-sa was run as a live community poll through September 22. This award is granted to the best cybersecurity startup in Germany, Austria, and Switzerland – the winner will be announced at the conference!

You can find the FileCloud team at Nürnberg Messe, Booth# 7A-125.


Why is FileCloud Sponsoring?

FileCloud’s mission is to build a hyper-secure content collaboration and

processes platform that customers love to use. We are constantly looking for new ways to improve the platform and respond to developing needs across industries.

The increasing sophistication of cyber threats has reinforced the need for data privacy and security, even as networks become ever more connected. To increase data security and privacy, we want to make data harder to access.

However, if data is harder to access, it’s harder to put that data to work. This means delays, inefficiencies, and lost value (across productivity, market resilience, and/or profit).

Yet businesses and organizations around the world have been pressed to find a solution to this problem. This pressure comes not only from consumer advocacy and cyber threat damages but also from the advent of major regulations like GDPR. Regulations like GDPR recognize the rights of citizens to data privacy and sovereignty; organizations that do not comply face steep penalties.

The FileCloud Solution

Companies like FileCloud are finding unique solutions to this equation between security and access. The FileCloud platform emphases ease-of-use and access for authorized users. It provides admins and users the tools they need to share data and collaborate, all within FileCloud’s hyper-secure environment.

FileCloud can even support compliance requirements! The Compliance Center offers configurations for ITAR, GDPR, and HIPAA, which connects these complex requirements to features and settings within FileCloud. It’s an easy map for admins to ensure their FileCloud environment is compliant.

Of course, there are a lot more regulations beyond those three. That’s why FileCloud has a library of compliance support documents and white papers, covering regulations like NIST, FINRA, CMMC, SEC, GxP, CJIS, FDA Title 21, and more.

FileCloud University provides on-demand user and admin training, so you can leverage the full power of your FileCloud environment to secure your data. If you need more customized help, FileCloud also offers best-in-class support with our Professional Services that can help you configure your environment.

These are just some of the solutions FileCloud offers as an enterprise-grade content collaboration platform. Trade shows emphasizing security and innovation (like it-sa and GITEX) bring together a robust array of innovators, developers, and tech leaders. It’s an excellent opportunity for FileCloud to connect with our community, show off what FileCloud can bring to the table (or in this case, the booth!), and find inspiration for new directions.

Will we see you there?

Are you attending either of these events? If so, let us know and stop by our booths! We’d love to chat with our fellow community members on security, compliance, collaboration, and how FileCloud can answer these needs across industries.

GITEX Contact:     |     it-sa Contact:

We’re also handing out some commemorative (and useful!) gifts that can make your travel a little easier: take your pick from baseball caps, key rings, luggage tags, and mints!

Lastly, FileCloud is running a raffle at both events! Don’t forget to submit your information for the chance to take home a great prize. The winner will receive a Remarkable 2: the smart writing tablet that helps transcribe and organize your notes. It’s one more way FileCloud aims to make your work more efficient, accessible, and secure.


Written by Katie Gerhardt, Jr. Product Marketing Manager


Create an SSL Certificate in 5 Easy Steps

SSL certificates are a routine security recommendation when it comes to hosting data on a server. Specifically, SSL certificates enable end-to-end encryption for web servers when it comes to data transfers with HTTP protocol. This security is typically displayed by changing a URL from http to https. An icon such as a padlock may also be used to visually indicate that the site or server is secure.

FileCloud is a content collaboration solution that can either be self-hosted on private infrastructure or hosted by us. For self-hosted instances, FileCloud recommends installing and maintaining an active SSL certificate. This is a significant measure you can take to provide greater security for your data.

This blog post will cover how to purchase, configure, and verify an SSL from a trusted third-party provider in five easy steps.

Step 1: Generate the CSR for the SSL Certificate

A CSR or certificate signing request is generated on the server where the SSL certificate will be installed.  The CSR is created by the Certificate Authority and contains the following information:

  • Legal name of the business or organization
  • Domain name
  • Identification for the person or unit responsible for managing the certificate
  • Geographic location (city, state, and country)
  • Email address

For these step-by-step instructions, we are using the domain name for demonstrative purposes.

To generate a CSR, run the below command in the windows CMD or Linux Shell:

  openssl req -new -newkey rsa:4096 -nodes -keyout example.key -out example.csr

Enter the required information to generate the CSR for the SSL:

  • Country Name (2 letter code): [AU]
  • State or Province Name (full name): [Some-State]
  • Locality Name (e.g., city, county): []
  • Organization Name (e.g., company): [Internet Widgits Pty Ltd]
  • Organizational Unit Name (e.g., section, division, department): []
  • Common Name (e.g., server FQDN or YOUR name): []

If you are generating a CSR for a wildcard certificate, then the common name should be *

Step 2: Purchase an SSL Certificate from the Desired Vendor

In this tutorial, we are purchasing a wildcard COMODO SSL from You can apply the same steps to any SSL vendor.

Log in to the platform of your selected vendor, then purchase the SSL.

Step 3: Configure and Verify the SSL

Click on “Configure SSL” and submit the CSR generated earlier.

Click on “Continue.”

After this step, you will see the information from the CSR and verify that the CSR mentioned is correct.

Choose an SSL approval method with one of the two methods:

  1. Add CNAME in the DNS record of the domain that requires an SSL
  2. Email approval

In this case, we are choosing email approval and the web server should be Apache.

Enter the admin email and confirm the admin email by re-entering it again as in the screenshot below:

Step 4: Complete Verification

If you chose email verification instead of DNS verification, you will be redirected to the SSL provider site to enter the confirmation email address.

Once you have completed the verification steps with the SSL vendor, you will receive an email confirmation for the SSL. This email serves as the verification and confirms the domain is under your control. There will be a link for the verification in the email; click the link and enter the verification code in the directed space.

Step 5: Download the SSL Certificate

After verification is complete, download the SSL certificate from the SSL vendor. Alternatively, an email may be sent to the admin email address with SSL certificates attached.


Once the SSL has been downloaded, install the SSL certificates on your FileCloud server by following our documentation, depending on your operating system: Windows | Linux. You can also check out this blog post, which provides a specific step-by-step example of how to configure and install a wildcard “Lets Encrypt” SSL Certificate with Ubuntu 20.04 LTS on a multi-tenant site.

With an SSL certificate in place, you can rest assured knowing your data in transit is encrypted, which creates another layer of protection for your important files and processes.


Article written by Nandakumar Chitra Suresh, Technical Support Lead | Edited by Katie Gerhardt, Junior Product Marketing Manager


Connect Your SFTP to FileCloud

What is SFTP?

SFTP stands for Secure File Transfer Protocol; it is a secured version of the File Transfer Protocol or FTP, which is itself part of the Secure Shell or SSH Protocol. As their names imply, these protocols are used to easily transfer data and access permissions over an SSH data stream.

As vulnerabilities were discovered and access points exploited, SFTP was developed from FTP protocols, ensuring the availability of a secure connection that can be encrypted to transfer files within and between local and remote systems. Files can be transferred using WinSCP and SFTP clients.

FileCloud is a fine-tuned, enterprise-grade file sharing, sync, and storage solution. Admins and users can leverage granular sharing permissions and user/group policies to protect their data and efficiently collaborate on files.

Considering the existing file sharing solutions within FileCloud and the hyper-secure features that are built into the platform, SFTP/SCP protocols are not directly supported by the FileCloud platform.

However, for clients and consumers who wish to use SFTP with FileCloud, the Solution Experts team has prepared instructions on how to access and leverage SFTP resources using a Linux-based FileCloud on-prem server.

Step 1: Set Up the Connection

Host Name (IP address): The Full Domain Qualified Name or IP address of the SFTP server you are going to connect to.

Username: used to access the SFTP resources

Password: used to access the SFTP resources

The user used for mounting the SFTP resource must have Read/Write permission to the resource.

Step 2: Verify Your Information

It is important to verify the details of your software so that you can choose the appropriate installation. Install the relevant SFTP client for your operating system. Windows, Mac, and Linux users can use the following solutions or another of their choice.

Connect to the SFTP server using the client and your collected credentials. The example below is using the WinSCP solution:

Press the “Login” button:

If your login process is successful, switch to the Linux server where FileCloud is installed.

Step 3: Prepare the Server

Ensure that the following packages are installed on your server. All operations are performed as root user.


[root@server01 ~]# yum install -y fuse-sshfs sshpass


[root@server02 ~]# apt install -y sshfs sshpass

Step 4: Prepare the Folder Structure

Create a folder: /NetworkShares


[root@server02 ~]# mkdir /NetworkShares

Then create a folder for the SFTP mount point:


[root@server02 ~]# mkdir /NetworkShares/sftp

Check the folder owner for the newly created folders to ensure they are owned by the Apache running user.


[root@server01 ~]# chown apache /NetworkShares -R


[root@server02 ~]# chown www-data /NetworkShares -R

Step 5: Perform a Manual Mount

Acquire the Apache UID:


[root@server01 ~]# id apache

uid=48(apache) gid=48(apache) groups=48(apache)


[root@s02 ~]# id www-data
uid=33(www-data) gid=33(www-data) groups=33(www-data)

Establish the manual test mount:


[root@s01 ~]# sshfs -o allow_other,idmap=user,uid=48  testsftp@  /NetworkShares/sftp/

Enter the password for testsftp@

The UID value here should be the UID of the apache/www-data user, though this depends on the Linux distribution.

Ensure the mount has been established:


[root@s01 /]# mount |grep sftp

The output should be similar to this result:

testsftp@ on /NetworkShares/sftp type fuse.sshfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other)

Check if resources are accessible:


[root@s01 /]# ls -al /NetworkShares/sftp

The file listing should be presented as seen below. All file owners should be Apache or www-data user (depending on the Linux distribution).

Step 6: Set Up Automatic SFTP Resource Mount After Server Reboot

Create a file containing a secret SFTP user password:


[root@s01 /]# echo ‘You_Super_Secret_Password’ > /root/sftp.pass

Create the /etc/fstab entry:

sshfs#user@sftp_server:/ NetworkSharessftp fuse ssh_command=sshpass\040-f\040/root/sftp.pass\040ssh,_netdev,rw,allow_other,reconnect,user,kernel_cache,auto_cache,uid=48,allow_other 0 0

The UID value here should match the UID of the Apache/www-data user, depending on the Linux distribution. (This should be one line in the fstab file, though it may be wrapped due to terminal settings.)

Perform a test command:


[root@s01 /]# mount -a



[root@s01 /]# mount |grep sftp

On the output, you should see your mounted SFTP resource.

Step 7: Expose the Resource in FileCloud

Login to the FileCloud admin panel.

Go to the “Network Folders” option and click the “Add” button.

Choose “Local Area Network”, then “Next.”

Enter the name of the Network Folder and click “Next.”

Select “Normal mount” and click “Next.”

Enter the path to the mounted SFTP resource (/NetworkShares/sftp) and click “Next.” The path is case-sensitive!

Select “Use assigned permissions” then “Create share.”

Assign a user or group to this share, and click “Finish.”

The shared path will be displayed in the list. You can always manage permissions by clicking on the edit icon:

When users assigned to this share path log in to their FileCloud, they will be able to see and access the Network Folder.


FileCloud is a powerful, hyper-secure content collaboration platform (CCP) with a wide range of features, integrations, and customization options. FileCloud’s mission revolves around creating software that customers love to use, which means supporting the tools and protocols customers prefer, including SFTP.

With these step-by-step instructions, you can integrate your FileCloud environment with your SFTP shares, so you can collaborate with internal and external teams. Use your established folders, permissions, and processes while discovering how FileCloud can support your security, governance, and collaboration goals.


Article written by Marek Frueauff (Solutions Architect) and Katie Gerhardt (Junior Product Marketing Manager)


Continuously Improving FileCloud – 21.3.6 Release

FileCloud’s Commitment

FileCloud’s mission is “to build a hyper-secure content collaboration and processes platform that customers love to use.”

Part of making software that customers love is investing in quality assessment and continuous improvement. It’s a cohesive and collaborative process, roping in engineering, QA, sales, marketing, and leadership teams.

We also depend on our clients and users, who provide amazing feedback not only on opportunities for improvement but also desired features and functionalities.

These elements of the software journey are captured in our stated values:

  • Be Customer Centric – Without our customers, FileCloud wouldn’t exist. That’s why they’re always our top priority.
  • Get Work Done – We achieve great results through our resourcefulness, hard work, and drive for perfection.
  • Innovate with Global Mindset – We have a vibrant mix of cultures and ideas that constantly encourage growth and innovation.

Release Details

There are a few exciting developments in the pipeline for our upcoming 22.1 release, including highly requested functionalities.

In the meantime, FileCloud has been putting in a lot of work behind the scenes to harden security and functionality across the server, Sync and Drive clients, and ServerSync.

The 21.3.6 release in July included many improvements for the FileCloud server, including streamlining recycle bin deletion, optimizing processing by cutting out feedback loops, removing visibility on password entries, and ensuring the functionality of user workflows.

The Sync and Drive apps have also been improved. Issues with login and password processes in FileCloud Sync were resolved, and the centralized configuration option for selective sync was reinforced. In the Drive app, the file locking function was optimized.

You can review all the improvements we’ve made by visiting the 21.3.6 Release Notes.



Enable FIPS Encryption in FileCloud

enable FIPS in FileCloud

FileCloud officially supports FIPS mode with CentOS 7.x version. This post explains how to enable FIPS encryption in your FileCloud installation.

Important Note – 

Please make sure you have the FIPS component enabled in your FileCloud license. If you do not have the component, please contact our sales team at for further help in adding the component to your license.

Step 1: Enable Dracut Modules

To enable FIPS encryption, you must first enable Dracut modules in CentOS; this can be installed by running the below commands:

yum install dracut-fips
yum install dracut-fips-aesni
dracut -v -f

It should yield the following results:

FIPS certification - enable dracut modules in CentOS

Step 2: Add the FIPS flag to the Grub Configuration

Once the Dracut module is configured, the next step is to add the FIPS flag to the grub configuration. To make the necessary changes, modify this file /etc/default/grub by adding fips=1 to GRUB_CMDLINE_LINUX.

GRUB_CMDLINE_LINUX=”crashkernel=auto rhgb quiet fips=1″

GRUB_CMDLINE_LINUX=”crashkernel=auto rhgb quiet fips=1 boot=UUID=34c96d6b-a43c-fec3-a2a6-e6593c977550″ #if /boot is on a different partition use blkid of the boot partition 

Step 3: Regenerate the Grub Configuration

After modifying the grub configuration, we will need to regenerate the grub configuration using the below command:

grub2-mkconfig -o /etc/grub2.cfg

If prelinking is installed in the server, you must first disable prelinking by modifying this file – /etc/sysconfig/prelink – and setting PRELINKING=no

Step 4: Reboot the Server

After the above changes are made, reboot the server and check this file – cat /proc/sys/crypto/fips_enabled – to ensure FIPS is enabled.

[root@cnfc ~]# cat /proc/sys/cryto/fips_enabled

Step 5: Install FileCloud

The next step is to install FileCloud.

yum install wget
wget && bash

Install FileCloud with the above script and configure the components required depending on your use case. Once completed, your FileCloud server will run under the FIPS mode.

Alternative Options

You can also download and install a FIPS-enabled OpenSSL.
NOTE: This is only needed if safelogic modules are required. Once FIPS mode is enabled, CentOS installs FIPS-enabled packages by default.

yum install unzip
unzip -q -d /root/fipsopenssl
rpm -Uvh –nodeps /root/fipsopenssl/*.rpm

We also recommend enabling strong ciphers and TLS 1.2/TLS 1.3 in your Apache SSL configuration:

#SSLProtocol all -SSLv2 -SSLv3
SSLProtocol -all +TLSv1.2 +TLSv1.3
#SSLCipherSuite HIGH:!aNULL:!MD5


For greater security and governance over your data, FileCloud supports FIPS encryption. With this step-by-step process, you can now enable FIPS on your own FileCloud installation (provided it is available with your license.) For additional support or clarification, please get in touch with our support team at


Article written by Nandakumar Chitra Suresh



The Security Risks of File Sharing & Cloud Storage (with a solution!)

What is File Sharing and Cloud Storage?

File sharing and cloud storage is a way of storing and sharing files online that many companies and organizations are using. Some organizations have migrated entirely to the cloud. However, there still seems to be some confusion as to what the cloud actually is.

Essentially, the cloud is a digital space online where companies can store data, instead of on a company hard drive.

Why Are So Many Companies Using the Cloud?

Many companies and organizations are turning to the cloud because it is easier to use. In effect, all files and data are stored online and can be accessed by any device with an internet connect. In addition, in a world where huge numbers of people are working remotely and in different offices, cloud storage and sharing allows users to share files easily between themselves and clients.

What Are the Data Security Risks of File Sharing and Cloud Storage?

The cloud sounds great, right? And it can be, but there are risks involved in storing and sharing files via the cloud, which can lead to data leaks, loss of time, and even financial penalties. There are many reasons that companies use cloud technology, but some of those exact reasons can pose security risks if you’re not using a hyper-secure cloud storage and sharing system.

Cloud Storage Safety

Those risks include:

Employees Using Their Own Devices/Non-Secured Devices

One of the benefits of storing files in the cloud means that users can access those files anywhere they have an internet connection—on any device. However, this can also be a security risk. Employees using company computers is one thing, but policies like BYOD (bring your own device) often result in employees using personal laptop or cell phone. Security is often not up-to-date on these devices, and if they’re hacked, lost, or stolen, that could lead to a data breach for your company. It’s best to look for a system that has a robust device management dashboard, along with the option for admins to remove devices from the system at any point.

One Size Fits All Sharing

Sharing permissions are a vital part of using cloud tech. After all, you don’t want just anyone having access to your data, right? If you pick a system that doesn’t offer advanced sharing permissions and simply sends all shares publicly, you could be in trouble. You’ll want to look for a cloud storage and sharing system that has advanced and customizable sharing permissions.

Unrestricted Sharing

Data leak prevention (or DLP) is a necessary part of any cloud system that stores and shares data. Essentially, DLP stops leaks before they happen (whether from malicious or accidental user error). A system without DLP in place can cost you time and money, especially where compliance regulations are in place. Look for Smart DLP that is flexible and rule driven, with admins having complete control.

No Centralized Fail-Safe for Document Retention

Retention policies are a way of managing data, like having restrictions on data being deleted in the case of HIPAA, or restrictions on files being deleted in case of a lawsuit. These regulations are increasingly needed in a world where compliance regulations are being added and updated yearly. Regulations like GDPR, ITAR, and HIPAA have strict requirements for data security, safety, and storage. A cloud system without a top-notch retention policy system likely won’t comply with expanding regulations and could lead to a huge loss of money, and even the ability to operate. Finding a cloud storage system that also has robust retention polices is vital.

Lack of Audit Logs

Audit logs are the best way to know who is using your system when, and how. This can help keep data secure and compliant, but many cloud systems, especially consumer-grade solutions, won’t have these audit logs available. Ideally, you want the ability to have a complete audit of the whole system with easily-downloadable logs for audit and regulatory overview.

How FileCloud’s Hyper-Secure System Helps Companies Avoid Risks

FileCloud is a hyper-secure cloud storage and file sharing system that was created to help companies avoid risk, keep data secure and compliant, while making files easy to share.

It has all the necessary features we talked about above, in addition to other amazing tools like workflow automation, a compliance center, and advanced security.

To learn more about FileCloud, take our quick tour here.

Cloud Computing for Banks

Cloud Computing Tailored for Banks

We are living during times when adoption of technological solutions is skyrocketing. Emergency situations, such as living and working during the COVID pandemic, require increasing the efficiency of systems to enable remote work on a much larger scale. Migration to the cloud, as part of the overall adoption of tech in various industries, is a global trend that is getting stronger every year.

Banks are also taking part in this trend. For banks, the cloud yields not only tangible financial benefits, but also an opportunity for technological development and practical use of opportunities offered by the market in the form of blockchain technology, artificial intelligence, or chatbots. Thanks to the availability of cloud solutions, banks are able to adapt to trends that can be observed in the booming fintech area. Thanks to the virtually unlimited possibilities of building partner ecosystems and extending the portfolio of services provided, banks have become more flexible and respond better to market needs.

The Cloud in the Banking Sector

In 2018, Accenture conducted a global survey of retail banking in terms of the implementation and use of cloud services.

The report was prepared based on surveys from directors of 35 banks – European, American, African, and Asian. The vast majority of representatives of the banking sector admitted that there is no developed strategy for cloud applications. Nearly half of the respondents confirmed that such a strategy is to be prepared within the next year. 31% of the respondents had a strategy for cloud adoption already. This shows that the market opportunity for the banking sector is only starting to grow.

A minority of banks could boast a mature strategy for implementing cloud solutions. This was indicated by 1/4 of the respondents. In the vast majority of cases though, these strategies were still at an early stage of development. 40% of bankers admitted that basic practices had been agreed upon and appropriate tools had started to be implemented.

Challenges and Benefits – a Local Perspective from Poland

Accenture, in cooperation with the Polish Bank Association, conducted a survey among the largest banks on the Polish market. (The full report in Polish can be accessed here.) These banks were familiar with the subject of the cloud, but enterprises are still at a relatively early stage of cloud advancement and face many challenges.

For banks, the biggest unknowns are issues related to regulations that banks have to comply with, as well as the lack of appropriate experience in processes related to the implementation of cloud solutions. There seems to be no standard, go-to approach when migrating banks to the cloud. Banks indicate unclear or incomplete legal provisions, as well as regulations that do not facilitate or even limit the implementation of the cloud.

Another problem that banks face is the little to no experience possessed by their IT teams in implementing advanced solutions. Rebuilding or migrating applications to run in the cloud – (i.e., big data set migrations) requires significant effort. Adjusting to the cloud transition as part of investment cycles in the IT department for a given company can also pose certain challenges.

With the advent of cloud technology in the banking sector, risk and security management are becoming another important element of cloud implementation strategy. In this area, the analysis of large data sets (in terms of risk identification and fraud detection) becomes extremely crucial. Sharing sensitive data also falls under regulatory compliance, which poses a significant burden if done manually.

The entire banking sector today faces the challenge of processing, analytical support, and monetization of huge data resources. Such datasets can be inferred upon to discover patterns of customer engagement among other operations. Thanks to technologies available in the cloud, what in “analog” mode would take several days is possible to achieve in a few minutes.

The available advanced analytical functions enable the analysis of structured and unstructured data and can provide a specific inference engine/subsystem from many vendors – be it AI cognitive services or natural language processing.

When used only for the duration of data processing, these inference engines reduce the need for very expensive and complex analytical solutions in banks, limited to systems processing extracts from data processed in the cloud. This leads to transparent cost models because it enables fast and efficient provisioning of services. The implementation of IT infrastructure and services is faster, the application development cycle is shortened, and, most importantly, it allows for the introduction of new, more innovative products and services to the market based on a proven vendor.

Cloud Banking and Security – Facts and Myths

Cloud Tech Myths vs Reality

In practice, the cloud for customers turns out to be a safer solution, while taking away the pain of setting up everything by the organization. Companies using this type of solution are only a part of the entire ecosystem, which also includes many other enterprises. Thus, a potential attack on a specific company or data collection is difficult.

Implementing Cloud Technology for a Bank

Many banks are still using cloud solutions opportunistically, mainly to improve or supplement their current systems and services. Primarily, this is due to the fear of launching a major change program that will impact virtually every element of the bank’s organization, thus incurring large expenditures on transformation projects and generating the associated risk of failure.

One of the relatively simplest methods is to purchase SaaS packages from vendors. The choice of such services is so large that banks are free to choose a product tailored to their needs. The migration process is relatively simple, focusing mainly on data migration and integration with the bank’s other systems. The process of cloud implementation in a bank may also require the migration of existing systems.

This can be done by moving applications to the target cloud platform, without major changes in their configuration. In this process, it is possible to use traditional migration methods, just as is done during data center migration. Of course, applications can also be customized and updated to be platform-compatible and cloud-ready (standardizing operating systems to versions supported by the cloud operator).

Private and Public Cloud Pros and Cons

The most difficult method, but with the most potential benefits, is migration using PaaS technologies. This method consists of adapting the application architecture to the cloud-native model, which enables the use of advanced cloud services, e.g. automation, scaling, containers, serverless functions, API mechanisms, and others. Regardless of the choice of cloud migration method, the goal is common – gain a business advantage through the use of modern technologies.

Such an implementation model is convenient for banks because it grants them the freedom to choose which resources are used. This is possible thanks to the implementation of Cloud  Content Management Platforms in banks, integrating private public resources, and in the case of integration with more than one public provider, the implementation of a multi-cloud strategy. Additionally, this model allows for easier management of regulatory requirements, such as user anonymization or data requests.


Major companies and cloud providers are committing more and more resources to streamline, develop, and create new services. As demand continues to grow, enterprises are recognizing new trends, significant opportunities, and economic benefits. By migrating to the cloud, they are replacing traditional IT usage models in an as-a-service direction.

The ongoing changes are also affecting the banking sector, though the integration of cloud technology is on the more conservative side. This is due to the characteristics of this heavily regulated sector, to which the highest security standards have always been applied. The new reality for the banking sector becomes not only a challenge but also an exciting opportunity to benefit banks in many different ways.


Article written by Piotr Slupski