Starting December 1^st, 2023, Jamaican businesses will be officially held liable for privacy violations under the Data Protection Act.

Passed in June 2020, the Data Protection Act provides guidelines on how personal data should be handled in physical or electronic form. All businesses that manage customer data must familiarize themselves with the rules of this act in order to ensure compliance.

One of Jamaica’s leading cybersecurity providers, Symptai Consulting, urges companies to not take the Act lightly and to make actionable changes to their data processes as soon as possible. Despite common barriers in Jamaica like the shortage of IT personnel and the global competition to find such professionals, business owners need to heed on the side of caution.

Ensuring compliance is expensive

In order to meet the requirements of the Data Protection Act by the beginning of December, companies can expect an escalation in the amount of effort, know-how and cost for data handling.

Some companies will choose to hire a Data Protection Officer or person of a similar role to lead the company towards a complaint solution. This addition would be a high cost and would require an efficient on boarding. Other businesses will choose to work with their IT team to implement an improved – or even brand new – IT system and framework. Most companies will also need to educate their employees on safe data privacy practices to ensure compliance. Whatever measures companies take, it’s a lot to accomplish in a little over 2 months.

But what if there was another, faster option?

Move to a private, on-premises cloud

Nextcloud provides companies the opportunity to keep all their data on their own servers, essentially providing their own cloud. This means no data leaks to external parties and thus a massive reduction in compliance issues and complexity.

When you store, share and work with your data on your own premises, you are in control. Everything you do is safeguarded, remaining in your jurisdiction and under the policies of your IT department. This means satisfying data privacy laws becomes massively easier.

For organizations in Jamaica, implementing Nextcloud would eliminate many of the issues, costs and efforts described above. Not only will your company or organization be complaint according to the Data Protection Act, but you’d also benefit from:

• All data on-premises, on your own server(s)
• Full Content Collaboration Platform in a single platform including
  • Nextcloud Files for file storage, sharing and collaborating
  • Nextcloud Talk for secure video calls and chats
  • Nextcloud Groupware for email, calendar and contacts
  • Nextcloud Office for document, spreadsheet and presentation creation, editing and collaboration
  • Nextcloud Deck for task management and organization
  • Nextcloud Notes for secure note-taking, sharing and collaboration
  • And more! Plus access to all the apps on our App Store, integrations with technology from companies like Microsoft, Slack, Pexip and more!
• Migration by a team of Nextcloud experts
• Customization to your own brand
• Ability to scale thousands of users
• NEW: AI functionalities, apps and integrations that are ethical, open-source and integrated throughout our platform in Nextcloud Hub 6!

There is room to take advantage of all the possibilities with Nextcloud while you can rest assured you are following the new guidelines set by the Data Protection Act.

Be on the forefront of data sovereignty

Nextcloud is currently leading the way towards a future where more and more companies have the ability to become data sovereign.

Join thousands of other governments, municipalities, companies and organizations who’ve already taken back control of their data.

See how others are becoming digitally sovereign

Learn about the City of Geneva’s path to digital sovereignty

Case Study

Contact one of our experts

Our Sales Engineers and Sales Representatives can help Jamaican companies implement a data sovereign Nextcloud solution right now.

Aaron Martin
Account Manager

Aaron has a degree in Business and Management from Swansea University and 4 years sales experience in the compliance industry, helping clients satisfy government regulations. He is passionate about ensuring that our clients have the most streamlined and efficient solution possible.

Get in touch

Don’t let the new data privacy law uproot your business and current strategies. Rather, focus on directing your company’s energy towards the implementation of a secure and dynamic solution.

Thank you for your interest in Nextcloud!

The post Jamaica looks to Nextcloud ahead of the Data Protection Act appeared first on Nextcloud.

Simple et personnel

Envoyez des fichiers et des dossiers en quelques clics à un ou plusieurs clients. Créez des liens personnels pour qu’ils puissent télécharger des données à votre intention.

Sécurité maximale

Les fichiers sont transférés et stockés en toute sécurité sur votre propre infrastructure, sans qu’aucun tiers n’y ait accès.

Le service informatique garde le contrôle

Le service informatique applique des règles et des limitations concernant les mots de passe et les dates d’expiration, l’accès par IP, le type ou la taille des fichiers, etc.

Comment cela fonctionne-t-il ?

Pour créer un lien de téléchargement, sélectionnez n’importe quel fichier, activez le « téléchargement de fichiers », puis choisissez « Dépôt de fichiers (téléchargement uniquement) ». Lorsqu’il est configuré, il masque tous les autres contenus existants du dossier au destinataire du partage, ce qui permet un téléchargement 100 % sécurisé.

Vous pouvez maintenant partager ce lien avec votre client, partenaire ou utilisateur !

Votre client pourra alors télécharger des fichiers sur votre serveur de manière simple et sécurisée. Lorsque le client télécharge un fichier, vous recevez une notification de nouveaux fichiers dans votre dossier de téléchargement et vous procédez au traitement des données. À la fin, vous fournissez le résultat dans un dossier séparé que votre client peut télécharger en toute sécurité. À tout moment, vos données et celles de vos clients sont protégées par des mesures de sécurité optimales.

Sous votre contrôle

L’administrateur du système peut être certain que toutes les interactions suivent les règles et les exigences définies par l’entreprise en ce qui concerne les mots de passe, les dates d’expiration et, bien sûr, les limites imposées par la fonction de contrôle d’accès aux fichiers de Nextcloud.

Les données restent, à tout moment, sur place, sous l’entière autorité du service informatique. File Drop prend en charge un large éventail de technologies de stockage, notamment NFS, SMB et Windows Network Drive, Sharepoint, Object Storage et bien d’autres encore.

Des liens uniques pour chaque client

Plutôt que de créer un lien de téléchargement aléatoire, vous pouvez également obtenir des liens personnalisés en saisissant l’adresse électronique d’un client, puis en activant la fonction de dépôt de fichiers (téléchargement uniquement). Votre client recevra un email contenant des instructions sur l’endroit où télécharger ses fichiers en toute sécurité et, si vous avez choisi d’en ajouter un, le mot de passe dans un email séparé. Vous pouvez disposer à la fois d’un lien partagé et de plusieurs liens email uniques, chacun avec son propre mot de passe, sa propre date d’expiration et ses propres droits d’accès. L’envoi du mot de passe par email peut être désactivé dans les paramètres de partage de l’administrateur pour des données encore plus sensibles en termes de sécurité, lorsqu’un second canal sécurisé (comme un appel vidéo sécurisé) doit être utilisé pour l’envoi du mot de passe.

The post File Drop – Échange de fichiers pratique et sécurisé pour les entreprises appeared first on Nextcloud.

Dans ce blog, nous décrivons comment l’organisation à but non lucratif Sea-Watch utilise une plateforme de collaboration souveraine en matière de données et pourquoi celle-ci est indispensable à son travail.

À propos de l’ONG Sea-Watch

Sea-Watch est une association à but non lucratif qui se consacre au sauvetage civil en mer Méditerranée. Face à une catastrophe humanitaire en cours, Sea-Watch apporte une aide d’urgence. L’ONG demande et, en même temps, impose les missions de sauvetage par l’intermédiaire de l’institution européenne responsable. Sea-Watch s’engage également publiquement en faveur de voies de migration légales, de la liberté de circulation et d’une Europe fondée sur la solidarité.

Le travail des 130 employés et des 500 bénévoles de Sea-Watchs implique des opérations de sauvetage et des activités humanitaires. Ils documentent les droits de l’homme et les affaires juridiques, s’efforcent d’informer le public sur la crise humanitaire en Méditerranée et interviennent largement dans les affaires politiques.

Souveraineté des données avec Nextcloud

En tant qu’organisation d’aide humanitaire et d’activisme, la protection et la confidentialité des données sont vitales pour la sécurité de toutes les parties concernées. Lors de la recherche d’une solution cloud, la souveraineté sur les données et la sécurité des données étaient essentielles.

Leurs employés travaillent dans le monde entier, de sorte que le travail à distance et la collaboration font partie de leur vie professionnelle quotidienne.

Avec Nextcloud, les employés et les bénévoles disposent d’un espace central pour stocker, partager et travailler sur des documents qui sont hébergés sur le serveur de Sea-Watch. Ils utilisent également :

• Nextcloud Polls pour la collecte de données
• Nextcloud Forms pour les sondages
• Keepass (un gestionnaire de mots de passe open source) pour les équipes / départements

Mise en œuvre technique

L’équipe informatique du navire a déployé Nextcloud sur un serveur dédié en utilisant une image Docker fournie par Nextcloud, avec Office sur un deuxième serveur. Un outil personnalisé utilisé pour synchroniser les fichiers avec Nextcloud à bord des navires a provoqué une avalanche de cookies de session, parfois plus de 30 millions entre deux exécutions de tâches cron. Une reconfiguration de la gestion des sessions dans Nextcloud a permis de résoudre ce problème.

Depuis, l’équipe a migré Nextcloud vers un cluster Proxmox à 3 nœuds sur lequel les identités, Nextcloud et Office ainsi que d’autres services sont gérées. L’infrastructure est sauvegardée avec Proxmos Backup Server sur un autre site.

Perspectives d’avenir

L’équipe s’agrandit constamment, et Nextcloud est devenu l’outil commun qui offre de nombreuses fonctionnalités extrêmement importantes pour leur travail quotidien.

Nextcloud est heureux que Sea-Watch puisse mieux fonctionner en tant qu’organisation à part entière grâce à des fonctionnalités plus sûres et plus efficaces.

Si vous souhaitez en savoir plus sur Sea-Watch, sa mission et son travail, veuillez consulter son site web.

The post Plus de 500 utilisateurs de l’organisation à but non lucratif Sea-Watch utilisent Nextcloud pour la confidentialité des données appeared first on Nextcloud.

Dans ce blog, nous décrivons comment l’organisation à but non lucratif Sea-Watch utilise une plateforme de collaboration souveraine en matière de données et pourquoi celle-ci est indispensable à son travail.

À propos de l’ONG Sea-Watch

Sea-Watch est une association à but non lucratif qui se consacre au sauvetage civil en mer Méditerranée. Face à une catastrophe humanitaire en cours, Sea-Watch apporte une aide d’urgence. L’ONG demande et, en même temps, impose les missions de sauvetage par l’intermédiaire de l’institution européenne responsable. Sea-Watch s’engage également publiquement en faveur de voies de migration légales, de la liberté de circulation et d’une Europe fondée sur la solidarité.

Le travail des 130 employés et des 500 bénévoles de Sea-Watchs implique des opérations de sauvetage et des activités humanitaires. Ils documentent les droits de l’homme et les affaires juridiques, s’efforcent d’informer le public sur la crise humanitaire en Méditerranée et interviennent largement dans les affaires politiques.

Souveraineté des données avec Nextcloud

En tant qu’organisation d’aide humanitaire et d’activisme, la protection et la confidentialité des données sont vitales pour la sécurité de toutes les parties concernées. Lors de la recherche d’une solution cloud, la souveraineté sur les données et la sécurité des données étaient essentielles.

Leurs employés travaillent dans le monde entier, de sorte que le travail à distance et la collaboration font partie de leur vie professionnelle quotidienne.

Avec Nextcloud, les employés et les bénévoles disposent d’un espace central pour stocker, partager et travailler sur des documents qui sont hébergés sur le serveur de Sea-Watch. Ils utilisent également :

• Nextcloud Polls pour la collecte de données
• Nextcloud Forms pour les sondages
• Keepass (un gestionnaire de mots de passe open source) pour les équipes / départements

Mise en œuvre technique

L’équipe informatique du navire a déployé Nextcloud sur un serveur dédié en utilisant une image Docker fournie par Nextcloud, avec Office sur un deuxième serveur. Un outil personnalisé utilisé pour synchroniser les fichiers avec Nextcloud à bord des navires a provoqué une avalanche de cookies de session, parfois plus de 30 millions entre deux exécutions de tâches cron. Une reconfiguration de la gestion des sessions dans Nextcloud a permis de résoudre ce problème.

Depuis, l’équipe a migré Nextcloud vers un cluster Proxmox à 3 nœuds sur lequel les identités, Nextcloud et Office ainsi que d’autres services sont gérées. L’infrastructure est sauvegardée avec Proxmos Backup Server sur un autre site.

Perspectives d’avenir

L’équipe s’agrandit constamment, et Nextcloud est devenu l’outil commun qui offre de nombreuses fonctionnalités extrêmement importantes pour leur travail quotidien.

Nextcloud est heureux que Sea-Watch puisse mieux fonctionner en tant qu’organisation à part entière grâce à des fonctionnalités plus sûres et plus efficaces.

Si vous souhaitez en savoir plus sur Sea-Watch, sa mission et son travail, veuillez consulter son site web.

The post Plus de 500 utilisateurs de l’organisation à but non lucratif Sea-Watch utilisent Nextcloud pour la confidentialité des données appeared first on Nextcloud.

How do computers recognize faces?

Face recognition is a system and technology that matches a human face from a digital image or a video frame against a database of faces.

The idea came about over 60 years ago when researchers tried computing the distances between an individual’s nose, eyes and mouth to determine their identity, but has since been fine tuned to be quite accurate and useful today.

Just like how the brain has neurons which process actions, so do artificial neural networks on a computer. Computerized neurons process and compute data recognizing statistical patterns. An (over) simplified example would go like this: you have a ‘network’ with 5 ‘input’ neurons (where you feed in information) and 1 ‘output neuron’ which shows you the outcome. The network does only one thing: tell you if something is a banana or not!

Each ‘neuron’ has to be told a type of information. Say, you tell neuron 1 the color of the object you have, the second neuron the size, the third its shape, the fourth its smell and so on. Each neuron will, when given information on an object, tell the ‘output neuron’ on a scale of 1-10 if it thinks what it got is banana (like). For example, the color neuron would give a 10 on yellow, 8 on green and brown, 7 on black, but 0 on red. The ‘output neuron’ adds up all chances and at a threshold (it has to learn by itself, one of the great tricks of neurons) say ‘yes, this is a banana’. A neural network that recognizes faces functions a bit similar – yet vastly more complicated.

So you can train neurons to recognize something, but in order to do that you need a large set of data and a large amount of computer resources. That is why it’s taken so long for this type of deep learning to be accurate.

Once the system has been trained, you can then use face recognition to find and tag your family members, friends and more. You can even do object recognition to identify animals, nature and landmarks.

Recognize: A Nextcloud app

Google created and trained several neural network models that are free to use under an Apache license used by many open source projects like Recognize, the Nextcloud app created by Marcel.

To see which models are being used as well as a detailed explanation about how the app works, check out Marcel’s post here.

Recognize goes through your media collection and adds fitting tags which automatically categorizes your photos and music. It can recognize:

Faces from contact photos

Animals, landscapes, food, vehicles, buildings and other objects

Famous landmarks and monuments

Music genres

The downsides and risks

Based on the way the face recognition model works, the model itself is not harmful towards privacy. Face recognition in Reconize happens on your local Nextcloud and your photos aren’t sent anywhere else.

But there are challenges. First, as explained – the models are trained on data. There are issues with where this data comes from and how it is put together. If one were to train a network on images from Instagram, and ask what the life of a human looks like, it’s not hard to imagine that the result would be hopelessly optimistic! Models thus bring the biases in their data with them. A computer is of course not racist or sexist, but models designed to help with hiring people have been show to exemplify these biases because the data used to train them contained these.

Beyond biases, one can ask if it is ok to take data stored for one reason and use it for training AI’s.

Stanford University researchers for example collected and used 10,000 photos from Flickr, which was legal under the Creative Commons license, to share with China’s National University of Defense Technology and an AI company that provided China with surveillance technology. That was likely not what the people who uploaded their photos had in mind.

All in all, when companies compile these large data sets, it’s not known what they will do with the data or if it will be exposed to vulnerabilities. It is important to trust the service you offer your data to and understand their policies on data privacy. And it is important to be aware of the limitations of AI and what it is being used for.

The post All you need to know about facial recognition technology and the Nextcloud Recognize app! appeared first on Nextcloud.

It’s more likely than it may seem.

And Google will do nothing about it.

The story of 2 mistakenly blocked Google accounts

As seen in the New York Times article, two individuals from California and Texas have been permanently blocked from their Google accounts due to a mishap with Google’s automated child abuse algorithms.

The mishap being nude children’s photos intended for a doctor’s diagnosis.

Mark, a San Francisco dad and avid user of Google products, discovered his infant son was in pain in the groin area and immediately scheduled an online emergency consultation due to the COVID-19 pandemic. Mark and his wife were advised by the doctor to take a photo of the affected area in advance and upload it to a medical portal. The photos were taken on his Android Smartphone and were backed up to the Google cloud. Two-days later, the Google algorithm mistook the sensitive photos of his son as child exploitation and his account was disabled.

As a former software engineer, he was familiar with similar algorithms and Mark thought that there would be someone who would intervene and he’d get his account back, no problem.

He was wrong. Even after explaining his situation in a follow-up form, Google responded that they would not return the account, with no further explanation.

In an almost identical incident, Cassio, a Houstan, Texas dad who was in the middle of buying a house, also was requested to take a photo of his sick son in an intimate area. He too took the photos for the doctor’s diagnosis on his Android phone which was synced to Google Photos, sent to his wife via Google Hangouts and ended up in the same misconstrued situation.

The consequences

Mark quickly realized the true detriment of the situation, like a domino effect.

Without access to his Google accounts, he lost his:

Gmail email

Contact list

Photos on Google Photos

Music

Phone number and carrier with Google Fi

Security codes for other Internet sites

Most of his digital life …

This everyday family man got locked out of most of his digital life that he’d acquired for over a decade.

Think about how this affects his personal life, family, job, career and more. All the information is intertwined and traces back to each and every Google product.

As such a loyal Google customer, you’d think the company would have at least looked into his case and reinstated all his accounts. After all, he did nothing wrong and was merely at the fate of an algorithm.

From account blockage to police investigation

In both cases, their “violation” against Google’s policies turned into a police investigation, at first without their knowledge. However, both were dismissed after a simple explanation. It was clearly an instance where they got caught under a false trap.

However, even after the police got involved and both cases were proven innocent, Google was not willing to re-activate their accounts or return their data. Both individuals, who for years have relied heavily on Google’s applications, were punished by a big tech corporation for something they were not guilty of.

Story takeaway’s

Nextcloud has written about this in the past, and now that it’s hit mainstream news, it’s even more relevant and a critical call-to-action than ever before.

1) Don’t take privacy for granted

Using Google Photos for instance is very simple for the everyday user, but unfortunately you’ll pay the price in privacy. And this can have consequences, even if you think you have “nothing to hide.”

It’s important to come to the realization that we live in a world where even your most private parts of life could become public and be used against you, at no fault of your own, and have dire consequences.

2) Big tech does not care about you

As seen in this story, even after such a highly publicized event, Google to this day has not rightly owned up to its faults and downfalls. Surveilling thousands of accounts with the intention of protecting children against exploitation is justified, however when the system fails there should be alternative procedures in place. Google does not return accounts even after a case was proven innocent, even for being a loyal customer, or for any other matter. Why? They are more concerned about following government regulations and making money. Truth is, the individual is not protected.

3) Never put all your eggs in one basket

For the victims of this case, both used Google products and services for the better half of their daily lives. To do that with any company is never wise, as you can never predict the consequences of what could happen. Read more here.

Do you really want to worry about what you save on your not-so-private photo album? Is it worth the possibility of wrongly getting turned into the authorities? How about losing all your data for good?

There’s a lot of wrongful and unfair play currently happening at Google and I’m sure you don’t want to get on the wrong end of the stick. Turns out, it really can happen to me and you.

The post NYT reports: Google offers no recourse for mistakenly blocked accounts appeared first on Nextcloud.

Danish Data Protection Agency (DPA) bans Google Chromebooks

The ban was finalized this summer based on the concerning results of a risk assessment the DPA ordered last year. It proved that children’s data was not kept safe by Google and that the processing of personal data on Chromebooks is an infringement of several articles of the GDPR.

After the DPA’s decision, the Mayor of Helsingør, Benedikte Kiaer, took immediate action by formulating a plan to replace 8,000 Google Chromebooks. However, IT experts estimate this could come at a significant expense to the municipality, costing near 30 million DDK.

IT Professor advises solution

Luckily, there is another option.

That is, a Professor of IT and Pedagogy at Aarhus University, Jeppe Bundsgaard, has called out for all municipalities to switch to open-source solutions instead. He believes the installation of free Linux systems on the school’s Chromebooks would be cost efficient, and relatively easy to set up.

Not only that, but the benefits of replacing the current Google operating system would greatly outweigh its limitations and skepticisms.

Benefits of switching to open-source

1. Significantly less security problems

No longer would the schools be at risk of Google’s data harvesting and transferring of data to unwanted sources like US authorities.

“… first and foremost, the transition solves the problem that is the basis of this whole discussion, namely that municipalities use programs that share data with the US intelligence service and probably also use them for product development and marketing. »

– Jeppe Bundsgaard

2. Less expensive bills

Open-source solutions are free to use, and the implementation of the new system would be much less costly.

3. Not overly complicated to replace

« It’s quite a simple operation to do if you have a little technical ingenuity. And if you have to do it with a thousand computers in a municipality, you could probably figure it out. »

– Jeppe Bundsgaard

4. No conflict with the GDPR in the EU

The fact that Google Chromebooks and Workspace infringe upon several Articles of the GDPR will not disappear. In fact, if the municipality continues to use these products and ultimately break the DPA’s order, they could risk a multi-million dollar fine of roundabout DKK 16 million.

5. Schools can still use all the same systems i.e. Aula, Meebook, Outlook, etc.

Because most programs are almost all in the cloud and browsers can go online, this shouldn’t be an issue.

6. No dependencies

Researcher in data protection law at the University of Southern Denmark and member of the Data Ethics Council, Ayo Næsborg-Andersen, criticizes the dependency issue and having no plan B.

“The case illustrates very convincingly how dependent you become on a particular technology once you have introduced it. (…) Products that at first glance seem to be practical, easy and cheap solutions may turn out to be useless because they do not comply with the rules. And then you have a problem if you have adapted your entire system to these products and have no plan B, » said Ayo Næsborg-Andersen.

Furthermore, big tech giants create a lock-in strategy that keeps customers “locked” with them under the false assumption that there are no alternatives.

7. Empowerment

Having no dependencies when switching to open-source ultimately empowers the customer. The code is open to everyone and the customer has the freedom of options.

« It’s a bit difficult to switch over, but as soon as you’re there, you’re going to have a higher degree of power over the way you do things, and you’re not constantly pushing the boundaries of what’s legal in terms of sharing data. »

– Jeppe Bundsgaard

For independence and future of the economy

For both digital sovereignty and the future of the economy, Jeppe Bundsgaard strongly encourages the public of Denmark to follow the recommendations of the EU’s Open Source Software Strategy: avoid the products of big tech giants, and move to an open-source solution.

Google loves to keep customers in its ecosystem while on the other hand not caring for its customer’s individual needs, as seen in this case. Due to the pressing issue, the tech giant is in conversations with the municipality to overcome its problems, but until they change their data processing and transferring policies, their products and services will still unduly infringe upon the GDPR.

The post Schools in Denmark look toward open-source solutions after DPA bans Google Chromebooks appeared first on Nextcloud.

Today’s blog highlights five Nextcloud features that provide the utmost security. Nextcloud provides its users with dozens of data privacy features, however we’re providing it to you in chunks.

Monitoring

To keep your files safe, you should know what is happening to them. Nextcloud has a number of ways that help users keep an eye on their files.

How to monitor your files with Nextcloud:

• Track file activity – Have a clear overview of changes like newly added or deleted files in shared folders, recent edits, downloads, new comments from other users or tags, and more!
• Add more monitoring capabilites with Nextcloud apps: Activities for shared file downloads which lets you trackdownloads of your shared files, and Quota Warning which sends notifications to users when they reached 85, 90 and 95% of their quota. See more in the Nextcloud App Store.
• The Server Information app allows admins to monitor the state and performance of a Nextcloud server installation. It shows some basic statistics and gives access to data through an API endpoint which enables it to connect to.
• Industry standard tools like Splunk, Nagios and openNMS. In fact, Splunk and openNMS have support for monitoring Nextcloud systems.
• Auditing Logs allow you to log data in the nextcloud.log file to not only monitor file handling and user management, but prevent against data loss too.

Read more about Nextcloud Monitoring.

Advanced Permissions

Advanced Permissions allow the user to configure permissions on the files they share.

There are several types of permission options that make your files more secure like:

• Setting permissions on a shared file to: read, create, edit, and / or upload.
• Watermarking confidential documents to make it harder to steal data
• Enabling a password protection or expiration date on a public file or folder
• File-Drop: option to hide the contents of a folder where people can upload files to
• Blocking downloads so the user can view and even edit the shared file(s), but not download them

With all of these features available, users can ensure their files are only accessed the way they want.

Machine learning based suspicious login detection

Introduced back in Nextcloud 16 by one of our developers, you can protect your account through machine learning, which increases security and productivity even beyond our brute-force protection and 2-factor authentification.

Suspicious Login Detection uses a locally trained neural network to detect attempts to login by malicious actors.

The way it works is that the app tracks a series of successful logins for a set period of time, and then uses the generated data to train a neural network. This network essentially learns the patterns of the user: at what time and from what location they usually log in. Once this trained model is formed, the system can detect any unusual or suspicious logins. For example, if a user typically logs into the office at 9AM, and suddenly there is a login from a different city at 11PM, something is off. When such a login is detected, the user gets a notification and can check the logs, potentially concluding in a password change by the user.

Note that Suspicious Login Detection trains and works with local data and does not send data anywhere else!

File Access Control

File Access Control is a feature that enables administrators to limit access to files in accordance to business and legal requirements.

Rather than working on individual files, it creates a definition of rules that block file access, even if an individual user would have shared a file against company policy. File Access Control is configured using Flow, which can also allow an admin or user to perform automatic actions like file conversion, getting notified based on certain conditions, and more.

For example, a company’s HR department normally works with documents only they and management can see. The administrator in this case could create a rule or “flow” implementing the following rule: “PDF files – from the HR department – should not be accessible outside company IP ranges or from outside the HR department or management.” This means specifically that PDF files, from the HR department, outside company IP ranges, will be blocked.

You can set each specific filter as simple or complicated as you wish, as seen below:

If now for instance an HR employee would accidentally share a resume with the entire company, all is fine. When that link seems like it could be accessed outside of management, the HR teams, or outside the company IP range, the rule would kick in and block access to the file.

Another example deals with a more specific and complicated flow, seen below. You set up a flow that only blocks MIME file types of images, that are a member of the admin group, that have a file size less than 5 MB, and that matches a specific IPv4 IP address. If a file access request matches these credential rules, Nextcloud will block access to the file.

There are truly countless options to the flows you can configure which ultimately safeguard your day to day workflow and business.

Audits

Audits are important security and compliance measures that can be used by companies to identify problems, track and dissect the causes of security or data loss breaches, improve efficiency, and instill trust to their partners and customers. They are often legally required and thus it is important that a collaboration platform supports them.

Nextcloud supports an audit log which stores the activities of all users of the system, suitable for review in case this is needed.

Of course, as a company, we also have our own processes and code audits. Beyond that, customers do their own audits or work with third parties on auditing the Nextcloud code base.

One prime example is the code audit conducted by Swiss IT security firm Kyos for the City of Geneva, Switzerland. The results came back with flying colors and added an extra layer of security that could be deeply trusted from the core of the code.

Today’s post just highlighted 5, however we recently posted more security features that bring our users the reassurance regarding all things security.

The post 5 More Things to Keep your Data Safe appeared first on Nextcloud.

When it comes to protecting your data, we want to be your #1 trusted technology and provide you with state-of-the-art, industry leading tools that go beyond today’s technology standards.

Nextcloud offers more security features and benefits than most people realize, and today we want to zoom in on 5 of them.

Remote Wipe

Remote wipe is a Data Leak Prevention (DLP) method that allows a system administrator to remotely delete data from a device. It’s especially useful if your device is lost, has been stolen or when an employee no longer works for your organization.

Due to built-in Nextcloud support, Remote wipe will not only work on systems under the management of a company (MDM), but also on the private devices of employees in BYOD situations or for friends who have an account on your server. Therefore it is also helpful for home users, large universities, and non-profits who often don’t fully control the devices of their users.

2 examples when Remote wipe is essential:

• In a scenario where guest accounts were handed to a third party who use private devices, say for planning an event: when the event is over, you can wipe the documents from the devices of guests you gave access.
• In a situation where an employee leaves the company and keeps their device(s): If you want to make sure an ex-employee can’t access company data, you can utilize Remote wipe and to remove the company data from their devices.

Stolen or lost devices usually catch you unprepared. Therefore, this feature is supported by all official Nextcloud clients, for Android, iOS and desktops. Note that the Nextcloud Remote Wipe feature can only remove data from online devices.

Curious? Watch the video to see how it works:

Video Verification

In situations where extreme security is warranted and the identity of a recipient must be verified with absolute certainty before they are granted access, Nextcloud includes the industry-first implementation of Video Verification in a file sync and share solution.

You might be familiar with this process from the opening of online bank accounts: you have to record yourself or have to have a live session with a human. In both cases, a human has to check your identity before you gain access.

Similarly, Video Verification enforces a Nextcloud Talk video call before access is given to a share, making sure the identity of the recipient is properly checked. The call can be picked up through the Nextcloud Talk Mobile apps as well as the web interface.

At Nextcloud, we want you to feel 100% certain that your data is protected and under your control and jurisdiction.

Private Cloud Security Scan

To help our system administrators assess the security of their private cloud server, we have developed the Private Cloud Security Scan.

Our scan is strictly based on publicly available information, that is, the list of known vulnerabilities relevant for Nextcloud releases as well as any applied hardenings or settings we can scan without having access to the server.

It’s available for free here, just add your server URL.

Security Bug Bounties

Nextcloud protects your security with up to $10,000 in our HackerOne’s Bug Bounty program.

We have partnered with HackerOne because of its extraordinary popularity among IT security professionals. The widely used platform has a global hacking community that uncovers high-risk vulnerabilities fast and which allows us to quickly leverage the collective knowledge of a huge amount of security experts. Over 3,000 hackers have already reported countless bugs for Nextcloud and reaped the benefits.

“Nextcloud’s commitment to responsiveness and putting security first puts them in the best position to attract top hacker talent to continue to supplement the good work their internal security team is doing to protect customers.” – Michiel Prins, Co-founder HackerOne.

Anyone reporting a security vulnerability in Nextcloud can earn up to $10,000, making ours one of the highest security bug bounty programs in the open-source industry!

Learn more in our latest update about the program and read the HackerOne Case Study!

Virtual Data Room

In settings where a strong security firewall is needed between departments or organizations without impeding smooth and efficient collaboration within each team, a separate Virtual Data Room can be set up. Nextcloud offers a range of features for VDR use and its on-premises nature offers unparalleled confidentiality and control.

For Nextcloud, VDR is a set of features to implement the concept of a VDR, with flexibility in the exact implementation. In our next post, you will learn about some of these features!

The post 5 Unique Security Features by Nextcloud appeared first on Nextcloud.

Microsoft tries to lock-in EU CSPs

3 weeks ago, Microsoft announced a new strategy shift with the aim to comply with its steady flow of legal complaints from the EU. The company has stated that it will revise its licensing deals to allow customers to use their licenses on any European cloud provider delivering services to their own data centers.

With this new strategy, EU CSPs (cloud service providers) like IONOS, OVH, Telekom, and AMX will have the ability to host and sell Office 365. Moreover, in our opinion, be subject to a complete lock-in with Microsoft. CSPs will be ultimately tied to Microsoft products and if they eventually decide to move away from them, they would lose their valuable customers.

CSPs will by no means have additional security because the software is not open-source and can thus not be modified, adapted, or improved.

Furthermore, CSPs are also at a risk by offering Microsoft’s software because they will still be in competition with the hosted Microsoft 365 product itself. It’s really not a win-win at all, as Microsoft gleans all the glory, and slowly takes down the smaller cloud providers.

Microsoft can offer all the new programs and principles they want to look anew, but they don’t come close to end the unfair licensing practices and anti-competitive restricting of productivity platforms with cloud services.

Antitrust Complaints against Microsoft

Last summer, and just recently gaining international attention, French cloud provider OVH filed an anti-trust complaint against Microsoft due to the company’s obvious unfair advantage and uneven playing field. Microsoft used its dominance in the industry once again and special licensing deals to intentionally put its own Azure cloud over OVH cloud services, among others in the area.

Nextcloud filed an anti-trust complaint with the European Commission’s Directorate-General for Competition in 2021, regarding similar concerns. Read about our coalition and anti-trust case here.

Microsoft continually contributes to the phenomenon of platform capitalism, as well as toying with making itself a monopoly. They make competing with other SaaS services near impossible when their cloud OneDrive and collaboration platform Teams are the default platforms in Windows. Customers are basically handed a choice that they don’t get to make on their own. Read more here in our blog.

« Through abusing its dominant position, Microsoft undermines fair competition and limits consumer choice in the cloud computing services market. »

OVH Cloud

Even after repeated antitrust complaints against them from across Europe, the company is still moving in the wrong direction.

A better outlook for CSP’s

In conclusion, all European cloud service providers should be hesitant if confronted by Microsoft to strike a deal, as their interests and values are indeed not shared.

CSPs are much better off without them.

The post EU cloud providers subject to lock-in with Microsoft due to new strategy appeared first on Nextcloud.