Business Continuity
As workers sync and share important company data, it’s important to protect against common risks, such as unauthorized access to data, malware, lost or stolen devices, or human error. With a 24/7 US-based Technical Support team, coupled with advanced security and point-in-time data recovery features, Canadian Cloud Sync ensures client data is safe and recoverable.
Preventing Data Theft
If a hacker or other malicious actor gains access to a user’s computer or mobile device, data and intellectual property could be put at risk. Canadian Cloud Sync mitigates against these risks through policy and configuration options.
Encryption
Canadian Cloud Sync is built from the ground up using best-in-class data protection and encryption methods. Data is protected using 256-bit AES (Advance Encryption Standard), both in transit and at rest.
Password Complexity Requirements
To protect against brute force and dictionary attacks, browsers are prevented from logging in for 30 minutes after five failed login attempts. Additionally, password-complexity requirements are enforced across the Canadian Cloud Sync system.
Policies
Using organization policies, Canadian Cloud Sync administrators can further protect synced data from unauthorized access. For example:
- The Force New Share Links to Require Login policy requires all share link recipients to log in with individual usernames and passwords.
- The Force Password Change After policy requires users to update passwords after a specified time period.
- The Require Two-Step Authentication policy requires all users to configure and use Two-Step Authentication on all clients, apps, and add-ins.
Data Retention and Recovery
Every organization, regardless of industry, must consider the security and retention of company data. Given the increased reliance on computers and digital content, the ability to recover files and folders that have been accidentally deleted has never been of greater importance.
Unlimited Trim, Purge, and Backup Retention
As an administrator, you can create data retention policies for each individual organization to determine how long revisions, synced data, and backups are stored in the system. By default, Canadian Cloud Sync gives you unlimited data retention, but you can optionally update these settings to determine how deleted files, folders, backups, and revisions are stored. You can even turn off end users' ability to purge data, giving you even more administrative control.
Revision Rollback
Utilize the Revision Rollback feature to restore infected files to their last, healthy revision. The Revision Rollback feature is particularly useful for restoring content after local data corruption or infection. The tool utilizes a file’s revision history and restores all currently-existing content in the root to a healthy revision at a specified point in time.
Alternatively, you can use the Snapshot feature to quickly recover data from the administrative web portal. The Snapshot feature can be utilized in a variety of use cases, as described in the Malware Protection and Recovery section below.
Malware Protection and Recovery
Ransomware is a type of malware that denies access to infected content, and demands that the user pay a ransom to remove the restriction. Canadian Cloud Sync helps affected users recover their synced data, and even prevents infected content from syncing to the cloud.
The Excluded Extensions Policy
If a user’s local machine is infected with ransomware, you can prevent the encrypted files from syncing to the cloud using policy settings. Using the Excluded Extensions policy, you can deny known ransomware extensions (for example, .locky, .thor, .zepto, and so forth) from syncing up to the cloud and across registered devices. Because ransomware is constantly evolving, you can remain in control by updating the Excluded Extensions policy on a regular basis.
The Activity Log
Using the Activity Log in the end user’s web portal, you can find the day and time content was changed. This information helps determine when the infection took place, and which files and folders were affected.
The Snapshot Feature
When you know the date and time of infection, you can recover using the Snapshot feature. The Snapshot feature allows administrators to easily copy a Team Share, backup, or a user’s personal data as it existed at a specific point in time, including content that was previously deleted, recreated, or changed. This feature even recovers the revision history of restored content, starting from the selected date.
Supporting Lost or Stolen Devices
The mobile workforce continues to expand, with more employees working from home or other remote locations. In addition, the bring-your-own-device (BYOD) trend means more users are relying on their personal smartphones or tablets to accomplish work-related tasks. While these devices are convenient, they are prone to additional risks, like being lost or stolen when in transit from one location to the next.
Remote Wipe
If an end user loses a computer or mobile device, administrators can unlink the compromised device from the user account, thereby protecting synced data from unauthorized access. This technique is called a Remote Wipe, and is especially useful in organizations that need to comply with certain rules and regulations, such as HIPAA.
Backups
The Backups feature ensures that important local data is always recoverable if a device is lost, stolen, or otherwise inaccessible. The Backups feature allows end users to create backups of folders that exist on their local machines. Alternatively, administrators can remotely create and restore from backups for end users.
Additional Best Practices
You might also consider implementing the following best practices to further protect your synced data.
- To minimize the effect of a ransomware attack, encourage users to turn on the Pause Sync feature as soon as they suspect a ransomware infection.
- Encourage users to utilize the Selective Sync feature so that only necessary files and folders sync down to their local machine.
- Utilize Team Share subscription rules when planning Team Shares for end users. If Team Share content does not need to be accessed from each device (for example, view-only video files), you can use subscription rules to help reduce storage and bandwidth requirements, and minimize external exposure to important company data.
- Audit through alerts and activity logs, reporting, and web access logs.
- Turn on the Privacy Mode feature, which allows you to successfully manage Canadian Cloud Sync for your customers without accessing or viewing potentially sensitive customer information.
- Integrate with Active Directory, allowing end users to seamlessly log in and access data using their known credentials.
- Configure the Deactivate API Tokens After policy to prevent unauthorized access to the system via the API.