Why total security requires complete control

Matte

January 15, 2014

Security is a hugely important issue in the online file sharing industry. After all, if you’re asking people to trust you to store, transfer or otherwise use their private files, they need to know that you can keep it safe.

Security in public cloud

Every file sharing provider firmly touts its security credentials. We certainly do at Hightail. Since our inception in 2004, we’ve poured time, money and attention into our security infrastructure to ensure that when you see a phrase like “128-bit SSL encryption in transit and 256-bit AES encryption at rest” on our website, it actually means something.

But such infrastructure—designed to protect against sophisticated, malicious hackers—is only part of the security solution. It’s like how people worry about shark attacks when you’re more likely to be killed by a vending machine (“Just when you thought it was safe to get a bottle of water.”) People fret about anonymous hackers stealing their data when the real danger is much more personal.

For most businesses, the reality is that confidential information is more likely to be leaked by someone inside the organization who either abuses their access (e.g. Edward Snowden) or inadvertently shares data they weren’t supposed to.

Traditionally, sharing a file with someone meant giving up control over the information it contains. Once the recipient had your file, anything could happen. Of course, we tend to work with people we trust (unless you’re a chemistry teacher turned meth kingpin). But you still ran the risk of an accidental leak. Have you ever been added to a long email thread and scrolled down to find one of the early messages contained information you really ought not to have seen? What if that turned out to be the link to a sensitive file you shared with one person?

This friendly fire type of confidentiality breach is probably the biggest problem with most consumer-oriented file sharing services today. They may be difficult to hack but they are hardly foolproof for those who have access to your files.

At Hightail, we’re not just about securing your data with all-encompassing encryption technology, we also want to help you control it at a personal level—from who exactly can access a file and how long it’s available, to confirming that your file got to the right person and whether they can edit it.

We have a number of existing features that enable you to share your work with confidence:

  • Verify Recipient Identity requires the person to whom you send a file to sign in to Hightail using a confirmed email address. Even if the file link is forwarded to another person, they cannot download the file without your permission.
  • Password Protection requires the recipient to enter a password you set. Naturally, you should share this secret code with them separately—otherwise it’s like etching your PIN onto the front of your debit card.
  • File Expiration lets you set a date or number of downloads, after which the file is no longer available. All the utility of a Mission Impossible style self-destructing message, none of the post-explosion cleanup.
  • Folder Permissions lets you decide whether a person with whom you have shared a folder can make changes to the content or can only view the files.

Each of these features is easy to apply whenever you send a file or share a folder on Hightail, giving you real protection and peace of mind.

We’re also expanding our leadership around superior file control with new features like the ability to turn off downloads entirely, so your recipient will only be able to view the file on Hightail and not retain their own copy.

Control is not just about erecting barriers around your work; it also benefits you by providing insight. The ability to track your files makes you more knowledgeable, as it lets you know who has accessed, viewed and downloaded your files and when they did it. This is useful in ensuring only the right people have seen your work, while also enlightening your relationship with the file and its viewers.

Security in terms of data encryption will continue to be a big deal for Hightail and the rest of the file sharing industry and rightly so. But control is an element that people are increasingly interested in, as something that actually has an immediate relevance to their everyday working lives. It’s something we’ll continue to focus on at Hightail so we can keep ensuring that your valuable information is safe, whether from malicious hackers in a dimly lit basement or absent-minded Archibald at the desk round the corner.

Follow Matte Scheinker on Twitter