No one likes the idea of having their private information out in the open, even if one has nothing to hide. It is natural for us to feel protective of our secrets, both at home and at work, as we are never entirely sure when such knowledge can be used without our approval.
Inside a group of friends or colleagues, you can easily find yourself in possession of a secret you are expected to keep from some and share with others. Within a social group, this can become quite a headache. But can you imagine keeping tabs on secrets at scale? In a business environment?
While the necessity for a secure business is paramount, companies can easily find themselves before a choice between security and pragmatism. Constant security checks and ever-present encryption may be very secure, but often stand in the way of a quick and flexible working environment.
Well, what if there was a way to maintain a secure and auditable work environment without sacrificing productivity? Let us find out.
Step 1: Enter SecureAnyBox #
The first step is to acquire a technology that allows users to guarantee their identity as well as have a certainty in the identity of others.
The proverbial wolf-in-sheep’s clothing is, in the context of an institution, dressed as a person, whose behavior may not bring positive results. This may an outside hacker, a disgruntled employee or an inattentive IT administrator. It can be a colleague who is not as careful as they should be. In any case, so long as you can be certain of who is who in the real world, you can expect predictability in their behavior. In other words, you can expect them to work in a certain way, access specific information, work with similar tools daily etc.
In the real world, we determine the identity of people around us by their words and actions, by our familiarity with them etc. In the digital world, this is made simple by associating the identity of a user with a specific token.
A token may be physical (a key, an USB key…) or it can be ethereal, such as a password. Whoever is in possession of a password is, by definition, allowed to access to certain information. By the same logic, whoever has control over the passwords, controls that access.
In the traditional business IT world, the person with this power is the IT administrator. This arrangement however carries a heavy risk. Once the credentials (the identity) of an IT administrator are stolen, the thief has access not only to privileged information, but also to the power of granting access.
The antidote to this risk lies in a technology that distributes the power of access and audits that access.
The technology that allows you to do this is called SecureAnyBox.
Step 2: Operating within a secure framework #
In the modern business world, users are expected to access tens, hundreds or even thousands individual pieces of information and systems. In order to be secure, they should be who they are (be authenticated) and should use a specific token (password) for each instance. However, that becomes impractical very quickly. Remembering more than 5 passwords, especially passwords that follow a secure policy (such as a required number of symbols, unusual symbols, etc.), is unrealistic.
SecuraAnyBox deals with this issue by employing a two-step approach to granting access to information.
Firstly, the user gets authenticated by the traditional way of login and password (or token). The authentication process itself does not grant any access yet. Login and password can be leveraged from a user directory or be created by the would-be attacker.
Secondly, the authenticated user has their unique access code. The access code is not written anywhere. It is not stored on any server or system. The user has to provide it in order to authorize any protected activity – creation of a password to an individual system, decrypting or sharing a password etc. And of course, any use of the access code is noted in the audit log.
Together with the SecureAnyBox password manager function, this brings a huge step towards information security for a tiny cost.
The users themselves are required to remember only two items (authentication password and access code) in order to enter their secure work environment. Additionally, by enforcing a password policy, you can be sure that other users also have secure access codes, when you share your information with them.
These functions help you prevent and detect data loss in advance, without hampering the users’ ability to go about their daily business.
Step 3: Secure framework adjusts to you #
Now that you know how to work securely, can you also work practically?
So far, this article has focused on passwords and tokens as tools of achieving security, but how about data in the more usual form – folders and files?
With introduction of release 4.26 comes a new plugin from SecureAnyBox for Total Commander file manager. The plugin allows users not only to read, but to work with their files in a secured environment (a folder).
For example, a team of users within a company are expected to prepare a set of Microsoft Word documents that require input from each member. This sort of work benefits from security (only certain users are allowed access) and from versioning. Before each member starts writing, it can be decided whether input of the latest author should overwrite the previous versions of the document or whether a change should create a new version of the document. This can happen with each individual change, or the versions can be synthesized after an amount of time has passed. The versions can be named according to preset rules (such as numbering or user, date, domain format).
The Total Commander plugin brings another desired benefit, which is scalable upload. In the case of single user passwords, the simplest way is to enter them manually via a web browser. But when you want to secure entire libraries of information, be it passwords or files, manual input can be time consuming.
Now you can easily secure virtually unlimited number of files in your local or shared storage simply by connecting them to SecureAnyBox via Total Commander.
Just like with the passwords, working with files is a protected activity – therefore it is authorized and logged.
Implementing SecureAnyBox to your organization takes less than a day and has been over countless companies and institutions globally. To find out more about how to work securely and practically, please visit our website.