SharePlus + SharePoint: The Secure Dropbox Replacement

Jason Beres [Infragi / Thursday, July 19, 2012

DropBox is in the news again, with major questions around the security of the application.  I wanted to re-post this blog that I published originally for the SharePoint Conference in Australia in March.

SharePlus - The Trusted, Secure & Native Mobile Client for SharePoint

Working with enterprise customers who have massive investments in secure SharePoint infrastructure, I've been involved in meetings where the security issues around cloud-based document sharing applications like Dropbox or even Live Mesh come up. Corporate data is all about security, and pretty much every corporate IT department has data security at the top of their minds - all of the time. Which is where the easy access to applications like Dropbox on mobile devices can wreak havoc on an existing security infrastructure – anyone with Internet access can install Dropbox, copy files to it, and in turn sync with any of their personal computers and mobiles devices that live outside of the corporate firewall. Next thing you know, they are sharing a folder with a customer because the email system doesn't allow large files as attachments, so in turn, not only are files in an unsecure cloud storage that corporate IT has no controls over (and most of the times no knowledge of its use), but the unknowing end user has involved customers with this potential security gap.

A seemingly easy route to avoid this potential security headache is to give your users a secure, familiar and easy to use mobile solution to access corporate data: SharePoint Personal folders + Infragistics SharePlus. It's super-simple to add a SharePoint documents library as a shared folder in Windows Explorer allowing easy drag & drop of files, and it's even easier to securely access and synchronizes SharePoint sites with SharePlus.

So the argument for using SharePoint as a Dropbox replacement is hardly an argument – your corporate data is already secure on SharePoint, so why not make that secure access ubiquitous across corporate and personal devices? You might say "well, that sounds easy, but even with SharePlus, documents can be synced and stored locally with an iPad, so my content is still in the open". That is partially true, however, with SharePlus under the control of corporate IT, you have multiple security options:

  • Windows & Forms Based Authentication 
  • Microsoft ISA Server & Forefront Authentication 
  • Client Certificate Authentication, HTTPS SSL Self Signed Certificates 
  • Hardware based encryption of locally stored SharePoint files 
  • Centralized configuration management – including top level and sub-level site access 
  • Passcode lock at application level – with reset option after multiple attempts 
  • Multi-factor authentication with challenge / response questions like 'where were you born' 
  • Integration with 3rd party security and encryption tools 
  • Most SharePoint infrastructure is behind a firewall as well, so even better is that SharePlus access to documents needs to happen via a secure VPN tunnel in a firewall configuration 

 

I am not implying that a silver-bullet security solution exists, but there are plenty of options, which also happen to integrate nicely with your current IT infrastructure – no need to build secondary infrastructure to enable secure access to corporate documents. There will be IT folks that say there is a silver-bullet: don't allow mobile device access to corporate data. Unfortunately, this argument will never win. Tablets and phones are everywhere; every executive has an iPad2 and is waiting for his new iPad3. You can't stop the move to mobility and tablets. It's the future and it's happening now. Eventually the issues of secure access to documents on mobile devices will have to be addressed by every security czar in every corporation.

SharePlus + SharePoint solution is a solution that works for you.

Read this post for a complete technical whitepaper on how SharePlus handles security and how you can ensure your data is protected.