Shared Folders or SharePoint: What’s best for me?
by Chris Tsouris
You’ve been using shared folders for years. They are easy, simple and can even save you time by having no administrative or maintenance costs. So what’s wrong with using shared folders?
Essentially, there is nothing wrong with shared folders. Windows file sharing has been around since Windows for Workgroups 3.1, released in October 1992. It came with SMB file sharing support.
But do you really know how file sharing works?
The Server Message Block Protocol (SMB protocol) allows client applications to read and write on a computer network. Using SMB, an application can access files at a remote server as well as other resources including printers. Here is where things can get dicey.
Enter Ransomware
As you may know, one of the biggest data security threats, CryptoLocker is a malicious application that encrypts files and makes them unusable unless an unlock key is paid for. CryptoLocker will encrypt local and SMB connected file shares that the user has access to.
A while back, an organization we talked to was hit by CryptoLocker and was unprepared. The ransomware infected one of their client machines. The user disregarded the warning screen which contained a 30-day timer counting down. Their IT department, staff of one, was unaware of the situation. Principally this was because their endpoint protection was ineffective, not up to date and un-monitored. Managed Services anyone?
As is customary in organizations using file shares, a large shared drive was mapped to the client machines on start up. In this case, the share consisted of terabytes of content. Cryptolocker infected the shared drive from the infected user’s machine over the network using SMB. Complaints from other users ultimately led to the identification and disconnection of the infected PC. However, the ransomware timer had by then expired! Ransom could no longer be paid and files could not be decrypted.
“But we have backup”
That is great (you should have backup!), but here is how that can backfire with file sharing…
Backups of the shared drive existed and a data recovery was initiated. It was quickly determined that backups of the files that were older than the initial infection date were fine. However, backups since the infection occurred had been backing up encrypted files. That left the most recent content, which included nearly all working files for the last 30 days unusable. A very sad state of affairs. This is an extreme, but probably not isolated case.
So, what does this have to do with SharePoint?
Well, SharePoint does not rely on SMB file shares. Content stored in SharePoint cannot be accessed by malware via SMB like the content stored on a network drive. That’s one layer of defense.
So, let’s say that an undetected, infected file is loaded to SharePoint. SharePoint can be configured with anti-malware to detect infected content upon creation or modification. There’s a second layer of defense.
Beyond that, say that by some manner the encrypted file got into SharePoint. It would be isolated. The ransomware does not have a connection to SharePoint like it would on an SMB file share therefore it cannot iterate a directory and encrypt more files.
Additionally, SharePoint allows for versioning of content. So at the very least, the latest good version of the encrypted file can be restored. Not all is lost!
Should SharePoint Replace File Servers & my file sharing?
There are pros and cons to this question and the answer can be, it depends.
Files that are very large, archival or largely unchanging are not the best candidates for SharePoint. SharePoint is not a good file storage solution for all those scenarios.
On the other hand, file storage is not the same thing as file collaboration. Shared drives that are used for document collaboration are being replaced with SharePoint. SharePoint provides a better collaborative environment because of the built-in features, such as check out, check in, versioning, publishing, approval flow and rich enterprise search.
—
Chris Tsouris is the president of Strategic Computing, a Denver based Microsoft Partner founded in 1993.
If you would like to learn more about file sharing, Microsoft SharePoint or Strategic Computing, please contact us!