The following are questions and answers regarding mxHero's Fusion file linking technology.
- Why should I send attachments as secure cloud storage file links?
- I can already add shared file links to my email with O365, Box, etc.
- Once the file is downloaded from the link, the file is unprotected
- With O365 I can automate the upload of attachments with MS Flow
- I have a DLP (Proofpoint, Mimecast, Barracuda, etc.)
- I have DRM (Azure RMS, Vera, etc.) to protect my files
- I have an Antivirus
- Aren't links in email dangerous?
- What happens if an email with a file link gets forwarded?
- What if my recipient refuses to accept a file link?
- What happens with my data?
- What happens if I don’t want to use the service anymore?
Why should I send attachments as secure cloud storage file links?
- control how files are delivered even after email is sent
- ensure that only the right recipients have access to files
- send larger files than email attachments
- ensure encrypted delivery of content
- reduce data sprawl caused by email attachments by 90% (1/10th)
None of the above points are available with standard email attachments.
I can already add shared file links to my email with O365, Box, etc.
Yes, every cloud storage allows you to copy & paste a file link but mxHero:
- Saves you time and effort when sending files: you attach files normally, and file links are created and added to your email automatically, whether sending from desktop, mobile, Windows, Mac, etc. No more copy & paste.
- Saves you time and effort when receiving files: attachments sent to you are automatically saved to your cloud storage before you receive them - impossible with standard cloud storage tools.
- Organizes your files: MxHero automatically files attachments saved to your cloud into a folder structure of choice. E.g. all attachments saved in per recipient folders.
- Versions your files: Attachments sent and received are automatically versioned so you are assured to be always working on the latest copy.
- Makes security easy: the security of the link is set correctly for each recipient and content of the attachment (very time-consuming to do manually without mxHero)
- e.g., an email with a sensitive file is sent to an external recipient and copied (cc’d) to an internal recipient. MxHero can set the file link to the external recipient to auto-expire in 7 days and be read-only (no download). Whereas, the internal recipient receives a link that can only be opened by someone within the organization, but without expiration and available for download.
In other words:
Yes, every cloud storage allows you to copy & paste a file link but with mxHero, there is no change to how emails with files are sent. Files are automatically saved and organized in your cloud storage. File links are automatically placed in the email. File links get the correct security settings for each recipient.
Once the file is downloaded from the link, the file is unprotected
Yes, but the share link is still far superior to a normal attachment because, unlike email attachments, a link can ensure you only deliver to the right person and prevents data theft. More specifically, a link:
- can ensure that only the recipient can access the attachment by requiring authentication
- meets compliance requirements because it guarantees files are delivered over encrypted connections
- can be “deactivated” at any time by the user - even after delivery of the email
- can be set to auto-expire, ensuring that access to files don’t persist indefinitely and be exposed to system breaches and accidental sharing
- can be set to “preview only” preventing download
- does not copy the file, unlike standard attachments that duplicate for every recipient (To, Cc, Bcc) even if the recipient never accesses the file. (see Article: mxHero reduces email attachment data sprawl by 90%)
With O365 I can automate the upload of attachments with MS Flow
MS Flow is very different and far more limited than mxHero.
- MS Flow only saves a copy of attachments to a single ‘Attachments’ folder
- mxHero intelligently files to multiple folders for easier content management
- End-user needs to set up MS Flow
- mxHero requires no end-user involvement
- MS Flow doesn’t remove the attachment from the email
- mxHero can remove the attachment for far greater security
- MS Flow doesn’t add secure cloud storage links to the email
- MS Flow doesn’t work outside of MS Outlook (no native mobile support)
I have a DLP (Proofpoint, Mimecast, Barracuda, etc.)
mxHero is typically installed and integrated with DLP (data loss prevention) solutions to augment their protection.
mxHero augments traditional DLP solutions by continuing to protect data after DLP action ensuring that the distribution of data is under organizational control even after delivery inside or outside the organization.
For example, an email with a sensitive attachment is sent externally. The DLP solution inspects the email and its attachment and determines that it can be delivered. The email is delivered to the recipient who soon after suffers a breach. Fortunately, the email attachment was converted by mxHero prior to delivery into a secure cloud storage link requiring authentication. The hacker does not gain access to the document.
I have DRM (Azure RMS, Vera, etc.) to protect my files
DRM solutions are an old technology (1983) still rarely seen today because DRM solutions typically require both the sender and the recipient to have supporting software on their device. mxHERO protects files in the customer's own cloud storage and provides links that anyone can access (if they have sufficient access privileges) without the need for additional software.
As an example, Microsoft's DRM solution, Azure RMS, lists its requirements here.
I have an Antivirus
mxHero does not substitute an antivirus. However, mxHero does reduce Virus/Phishing/Ransomware attacks by nearly 90% by ensuring safe preview of attachments:
- minimizes device (mobile, laptop, etc.) contact with malicious content
- allows safe, pre-inspection of malicious content by users
- permits additional cloud storage AV scanning
Aren't links in email dangerous?
Not links to your own cloud storage. It is safer to convert email attachments to cloud storage links for a number of reasons. You can read more about that in part 1 of this article.
What happens if an email with a file link gets forwarded?
When a recipient forwards an email that has a file link, the recipient of the forwarded email may or may not have access to the linked file. It all depends on the security of the original link. For example:
Bob and Mary are in the same company. Bob sends an email with an attachment to Mary. MxHero converts the attachment to a file link and sets the security of that link to be accessible only to people within the company. Mary receives the link and accesses the file. Mary then forwards the email to an external recipient, Mark. Mark receives the forwarded email with the link, but because Mark is not inside the company, he can not access the linked file.
Mary sends an email with an attachment to an external supplier, John. Mary's organization has configured mxHero to deliver attachments externally as open links that expire after seven days. John receives Mary's email and can access the file link without authenticating himself. John forwards Mary's email to another external partner. John's supplier can also access the link without authenticating. However, within seven days, the link in every copy of Mary's email will expire.
What if my recipient refuses to accept a file link?
In some situations, you need to deliver standard email attachments. Situations include systems and services that process email attachments or partner organizations that follow outdated security guidelines. To accommodate, MxHero allows you to create exceptions informing the system to deliver attachments "as is" (without replacing them with file links) to specified email addresses or domains. For example, mxHero can be configured to not replace attachments with file links for emails sent to the domain "acme.com" or only the email address "email@example.com".
What happens with my data?
MxHero acts as a router and retains no data - your information is stored on your cloud storage. To be able to process email content, mxHero creates a temporary copy of messages that match configuration criteria (e.g., an email with an attachment). The copy is loaded to memory or temporary encrypted (AES256) storage. When processing is concluded, the file is deleted and an extra step is taken to overwrite the file's blocks with zeroes. On average, mxHero processes an email in around three seconds.
What happens if I don’t want to use the service anymore?
MxHero saves all your content to your cloud storage. Deactivating mxHero only means that mxHero will no longer be saving your email content to your cloud storage. Cloud storage links previously placed in your emails by mxHero will continue to function for as long as you maintain your cloud storage service.