Why should I use SharePoint, when I have shared folders?
File Shares vs. SharePoint
“But file shares are so easy and simple and we save time by not having a system admin or potential maintenance costs from a solution like SharePoint!”
Essentially, there is nothing wrong with shared folders, however, we will discuss how SharePoint reduces the risks to your data storage. Windows file sharing has been around since Windows for Workgroups 3.1, released in October 1992. It came with SMB file sharing support.
How does it work?
The Server Message Block Protocol (SMB protocol) allows client applications to read and write on a computer network. Using SMB, an application can access files at a remote server as well as other resources including printers.
As you may know, one of the biggest data security threats, CryptoLocker is a malicious application that encrypts files and makes them unusable unless an unlock key is paid for. CryptoLocker will encrypt local and SMB connected file shares that the user has access to.
A while back, an organization we talked to was hit by CryptoLocker and was unprepared. The ransomware infected one of their client machines. The user disregarded the warning screen, with a 30-day timer counting down. Their IT department, staff of one, was unaware of the situation. Principally this was because, their endpoint protection was ineffective, not up to date and unmonitored. Managed Services anyone?
As is customary in organizations using file shares, a large shared drive was mapped to the client machines on start up. In this case, the share consisted of terabytes of content. Cryptolocker infected the shared drive from this user’s machine over the network using SMB. Complaints from other users ultimately led to the identification and disconnection of the infected PC. However, the ransomware timer had by then expired! Ransom could no longer be paid and files could not be decrypted.
We have backup
Backups of the shared drive existed and a data recovery was initiated. It was quickly determined that backups of the files that were older than the initial infection date were fine. However, backups since the infection occurred had been backing up encrypted files. That left the most recent content, which included nearly all working files, unusable. A very sad state of affairs. This is an extreme, but probably not isolated case.
So, what does this have to do with SharePoint?
Well, SharePoint does not rely on SMB file shares. Content stored in SharePoint cannot be accessed by malware via SMB like the content stored on a network drive. That’s one layer of defense.
So, let’s say that an undetected, infected file is loaded to SharePoint. SharePoint can be configured with anti-malware to detect infected content upon creation or modification. There’s a second layer of defense.
Beyond that, say that by some manner the encrypted file got into SharePoint. It would be isolated. The ransomware does not have a connection to SharePoint like it would on an SMB file share. It cannot iterate a directory and encrypt more files.
Additionally, SharePoint allows for versioning of content. So at the very least, the latest good version of the encrypted file can be restored. Not all is lost.
Should SharePoint Replace File Servers?
There are pros and cons to this question. The simple answer is probably no. Files that are very large, archival or largely unchanging are not the best candidates for SharePoint. SharePoint is not a good file storage solution for all those scenarios.
On the other hand, file storage is not the same thing as file collaboration. Shared drives that are used for document collaboration are being replaced with SharePoint. SharePoint provides a better collaborative environment because of the built-in features, such as check out, check in, versioning, publishing, approval flow and rich enterprise search.
Chris Tsouris is the president of Strategic Computing, a Denver based Microsoft Partner founded in 1993.