In today’s world of mobility, everyone wants to stay productive all the time - and hence file sync & share solutions have become very popular. With increased workforce mobility, the need for accessing corporate data from any device (both company-managed and employee-owned) and from anywhere (within and beyond the corporate network) has become priority for businesses.
Banks, Financial services and Insurance (BFSI) companies are not isolated from these end-user demands. But for them, things are very different - these organizations are required by regulations to use and manage sensitive data using the highest security standards. Data leakage can be extremely costly and can lead to legal actions, penalties and loss of reputation – and, in many cases, even complete closure of business. It is important that they provide an enterprise-grade file sync & share (EFSS) to their employees. Otherwise, in absence of such a facility the employees may turn to consumer file sharing services (like Dropbox) that lack end-to-end security, data governance, controls and visibility.
Though Box launched Box for Financial Services early this year by introducing Retention Management, Watermarking and Enterprise Key Management, it has failed to create a splash in the market.
In our blog post titled Comparing Box and Vaultize – Leading Enterprise File Sync & Share, we covered the competitive advantages of Vaultize over Box. In this post, we are covering 5 reasons why BFSI companies choose Vaultize over Box:
- Public Cloud Solution
Box offers only a public cloud solution. Most of the BFSI customers are not comfortable with public cloud as they predominantly deploy on-premise to keep everything completely in their control. This scenario will persist, not only in BFSI but all highly regulated industries. Vaultize provides industry’s widest set of deployment options that include purpose-built appliance series and private-cloud/on-premise – in addition to public-cloud (hosted on AWS and MSP data centers).
- Enterprise Digital Rights Management
Enterprise digital rights management (eDRM aka information rights management) is an important part of file security in highly regulated and security-focused industries that allows enterprise IT and document owners to control the access to documents shared with outside party to ensure that only authorized recipients can consume them.
Box has been primarily designed for content management and workforce collaboration within the organization, and not for external file sharing. Hence it does not provide security controls like enterprise rights management– limiting its capabilities to handle use cases of external sharing, which is very prominent in BFSI vertical.
Vaultize follows an innovative (US patent-pending) approach to digital rights management called Micro-containerization, which is independent of file formats and agnostic to applications and vendors. With Vaultize’s Enterprise Rights Management, the access rights travel along with the data ensuring that corporate IT and document owner have full control and tracking on access and use (like edit, copy/paste, print etc.) of data even when it goes to third-parties. Additionally, IT can create security fence around corporate data such that it is accessible or usable only from certain IPs and/or geographical locations.
- Integration with existing DLP and Anti-virus
Integration of file sharing and DRM with content-aware data classification is core to a successful file security implementation in BFSI as it ensures that the information that requires highest security is locked down automatically, while information that does not need securing is not touched.
Box integrates only with a public cloud DLP service and cannot integrate with an existing or in-house DLP or anti-virus.
Whereas, Vaultize seamlessly integrates with DLP solutions (offered by DLP vendors like Symantec, McAfee and Websense) and anti-virus solutions that are deployed on-premise.
- Integration with Existing Investment in Infrastructure
Box requires all the content to be stored and managed from their public cloud. It is impractical (and impossible in many cases) for companies, who have already invested millions of dollars in Enterprise Content Management (ECM) solutions, to duplicate all the content to Box.
On the other hand, Vaultize leverages investment in existing ECMs and enhances their capabilities by providing facilities like VPN-free anywhere access to the repositories, sync & share content from on-premise repositories like file server and NAS, without any duplication – and hence complementing the existing infrastructure.
- Data Sovereignty
Concerns over cloud data sovereignty makes adoption of Box a challenge in many geographies like Europe. Enterprises are worried about privacy of sensitive information, regulatory compliance and implications of data disclosure laws.
Hence to comply with local data residency/data sovereignty laws enterprises can’t risk implementing Box without investing in additional encryption or tokenization solutions – increasing the cost and compromising on the flexibility.
To help customers comply with these laws, Box recently announced Enterprise Key Management (EKM), touting it as being able to "break the last barrier in cloud adoption". But unfortunately, in reality, Box EKM is just not enough. Even they themselves mention in their blog post, albeit in passing, that there were better alternatives like client-side encryption, but they didn't choose any of them because that would mean curtailing Box's productivity functions. If there are better alternatives to data security, that simply makes Box EKM a compromise. And security cannot be based on a compromise.
Vaultize has tackled these issues with client-side encryption using its US patented technology called Vault KNOX that enables end-to-end security. This technology allows Vaultize to do client-side at-source encryption along with client-side de-duplication and group-based collaboration. So, customers get all the benefits of client-side encryption without loosing any of the benefits of global de-duplication or collaboration. This achieves high security with high efficiency and high productivity. Vaultize allows customers to own and manage keys through its Data Privacy Option (DPO), which enables compliance with data residency, data sovereignty or data privacy regulations, and completely removes the risk of customer data being given out to authorities.
Vaultize is helping its enterprise customers - including Fortune 500 and leaders in security-conscious/regulated verticals like BFSI, Healthcare, Pharma, Manufacturing, Government and Media - protect and secure sensitive content. It provides them facilities like enterprise file sharing, FTP replacement, Virtual Data Room, Outlook Plugin, Mobile Collaboration, VPN-free anywhere access to enterprise content management (ECM) together with enterprise controls including enterprise rights management, mobile content management, endpoint backup, endpoint encryption with remote wiping, IP/geo fencing and multi-dimensional access rights.