File-syncing is used in operating systems to perform effective backups. It is also used on dedicated platforms for file-sharing (such as Synchronize It!). Updated files are copied either in one direction for making back-ups, or in two directions for pro-active file-sharing or remote access working. The synchronization is accomplished by software which compares the characteristics of the two files by various combinations of date/size/content. If this comparison shows a difference, the files are updated depending on the criteria. In some systems this is scheduled and in others it is automatically performed. For file-shares, it is extraordinarily effective – though with several vulnerabilities. The most threatening of these are – as always – misuse and human error.
Consumer-grade versions of this are available in the form of cloud-sharing synching like BitTorrent which effectively make the end-points network shares. There has been a dramatic increase in the use of cloud-based file sync-and-share (FSS). This is because with system-based FSS, this takes up vast communication capacity in a network. These applications are used by millions to almost instantly share information in both personal and work-based settings. They are useful for workers who need to be mobile whilst still accessing data and can incorporate the use of portable devices.
In social, peer-to-peer (P2P) networks, devices or computers act as both a client and sever. In business where file-sharing is necessary, the efficient synchronizing of files is essential for data integrity. With the use of Virtual Private Networks (VPNs), it is possible to provide secure access to shared resources for authenticated users outside of the LAN (Local Area Network). The big worry for business is that staff are increasingly using personal FSS facilities to store company information on; this is obviously a cause for concern.
Sync-and-share plays a big part in social media. And social media has started to play a big part in crime. Reported fraud cases in the U.K rose by 89% on the last year. 70% of incidents of fraud are – or have elements of cyber crime. This can range from specific, banking-related I.T breaches, to a growing trend in the U.K of criminals obtaining social media status updates of potential victims to carry out burglaries; an estimated 78% of burglars use information from social platforms according to a report by Friedland .
File syncing (or more correctly in this case, folder-syncing) is also used in the task of creating a backup. This can be scheduled for a specific time, or in real time as alterations are made in the file. FreeFileSync is a popular open-source solution for synchronization.
Folder synchronization can be set up to make a mirror of a file in a master folder which then becomes passive and will wait for changes to be made in the file being worked on. If a master folder is not created, then on many systems this will default to enable a two-way sync (this is a security issue to bear in mind when altering a system for syncing).
There are three ways that syncing can be used to create backups:
- Local to Local: this involves having an external storage device physically connected to the workstation (for the home user, this can be a USB, for example).
- Local to Remote: this uses a remote host that contains the master folder. A FTP (File Transfer Protocol) or SSH/SFTP (Secure SHel/Secure File Transfer Protocol) account is needed for this option. After a target folder is specified the URL will include the the path of this. Any changes to the local folder will automatically be made on the remote one. This is one-way set up.
- Remote to Local: this is the opposite configuration to the last but because FTP cannot support this, SSH/SFTP is needed. This allows synchronization from a remote location.
Whilst synchronization is efficient for creating and updating backups, it doesn’t preserve the history of the the original files, so if this is needed, then manual, scheduled backups will have to be created or a program like ViceVersa is needed which can be set to arrange archives and retain version-specific files in a backup.
An alternative, one-way system for corporate back-up and file-sharing is achieved by a dedicated file server where shared data is stored (or in large environments, this is sometimes a Storage Area Network, or a SAN). For environments with limited network facilities, this can be an external server or cloud facility. This synchronization is achieved in a single direction with the data storage waiting passively to be updated. Security is maintained by file system permission, which varies depending on the operating system parameters enforced by the Administrator.
File backups are obviously essential for restoration in case of data-loss, though may also be required for an integrity check in the course of a review or legal investigation. In this instance, information such as the date a file was created and last accessed can be vital to checking that it has not been altered. Because the storage of all previous versions amounts to a great use of memory, compression is used.
Vulnerabilities of FSS
As mentioned, social media is becoming a widely used tool in crime. Does a user really want to post: HEY, we’re all out at the bar having a great time! ? This is almost like inviting the criminals into a home. The other aspect is the use of social media platforms via personal devices for commercial file-sharing. It would be presumed that professionals would not be so foolish as to do this. Apparently 68% of those surveyed admitted to regularly doing just this: in a 2014 survey by Fiberlink, over 50% of people reported uploading business data to cloud services like Dropbox and iCloud. The biggest mistake made by some users in this scenario was creating links in browser search box, so leaving URLs on the respective search engine; this is certainly file-sharing in a big way! With increased use of hand-held devices, logic dictates that since this survey, this figure would have increased…
Besides malware such as worms, a growing number of other extremely damaging infections can now detect and infect network shares (including cloud storage). How would it be to go into the office one morning and find that because of unsafe sharing, you were responsible for letting in ransomware, and that this had encrypted all the company’s accounts?
Training and implementation of protocols must be done in commercial settings if file-sharing is vital. This should be done on a closed network if possible on company devices with no social access. If remote FSS is required, then this should be configured with maximum restrictions that still allow vital tasks to be carried out.
Safe ways to backup
Commercial file-syncing is vital for backing-up. In businesses of any size, the administration of sorting though un-synced files would put commerce back by a two decades. However, if FSS is NOT needed remotely, then a synced backup routine can be put in place Local to Local for maximum security. If outside data storage is used, then the security of this is in the hands of a third-party, providing an extra possibility of compromise. The safest way for the home user to backup is also locally, and using a program like FreeFileSync is a good option. In conclusion: file-syncing is integral to business, and can be useful to the private user, though it should be applied with security in mind.