"How do you guys handle large file transfers without users resorting to email attachments or insecure workarounds?"
Posted by kiritoova20_10@reddit | sysadmin | View on Reddit | 243 comments
Pretty much the title.
For reference I'm currently using Beam Transfer (.org). But I have been wanting to find some more Tools in case Beam Transfer somewhat doesnt work anymore.
skreak@reddit
What do you consider large? 4mb, 4gb, 4tb, or 4pb? Sometimes a multi terabyte transfer is just easier via FedEx.
TexasVulvaAficionado@reddit
Yep. We just sent about 20TB to a site from corporate with the ol "hey aren't you heading to that site tomorrow? Take this box too and hand it to Steve when you get there. Don't fucking drop it." Eight hour drive later, NAS is at the site and a few hours later, it is up and running...
Wolfram_And_Hart@reddit
Sneakernet is still the most reliable protocol.
duane11583@reddit
avian carriers too:
https://datatracker.ietf.org/doc/html/rfc1149
dedjedi@reddit
"never underestimate the bandwidth of a 747 full of dlts"
DaChieftainOfThirsk@reddit
....I'm imagining how they got the station wagon into the cargo hold... many wacky stunts are streaming through my mind...
flummox1234@reddit
Not at these HDD prices. :P
MrJingleJangle@reddit
I remember it as a bootload of tapes, but, whatever the adage, the sentiment applies. Even when it is one bloke carrying a 8mm tape from the UK to Russia back in the 90s.
Remarkable_Tomato971@reddit
SneakerNet
kiritoova20_10@reddit (OP)
Up to 800GB
themisfit610@reddit
Aspera is the solution here.
kiritoova20_10@reddit (OP)
We'll look into it, thanks a lot!
cioncaragodeo@reddit
Sharefile
Kuipyr@reddit
Requiring the recipient to create an account is pretty shitty.
1999animalsrevenge@reddit
There are settings to not require an account - far less secure obv
TheBros35@reddit
There’s a middle ground too, where you don’t have to make an account, but you still have to verify with a code sent to the recipients email. Still verifies them but less of a hassle for the customer.
boot_strap_@reddit
Is this on ShareFile? Our SF admin centre doesn't seem to have this listed as an option :/
TheBros35@reddit
I’ll have to look this week, I’m not the main SF admin where I work. But we recently switched to this option being available for users.
boot_strap_@reddit
True but if one uses the Outlook plugin it automatically creates accounts for everyone in the "To" field. Saves a lot of time.
UrbyTuesday@reddit
hear hear!
cioncaragodeo@reddit
We need to control who can download the files and prove it by access as we're a regulated industry. It's a requirement for us.
kiritoova20_10@reddit (OP)
Sounds logical
patmorgan235@reddit
Do you use Google workspace or m365/SharePoint online? Same thing.
kiritoova20_10@reddit (OP)
Thanks a lot! That looks great! - You help us a lot!
Kryavan@reddit
We also use ShareFile. It works well enough, very little hassle.
TheBros35@reddit
+2 for ShareFile. Easier for non technical users to download from than Sharepoint in my experience. And has a good Outlook plugin.
UrbyTuesday@reddit
has nobody vibe-coded an Outlook plugin for Sharepoint/OneDrive? or is there an official plugin I don’t know about? seems like a no brainer to have something that would auto convert files to links or something. same way the adobe add in tries to push everything from their cloud link…
cioncaragodeo@reddit
This is our primary reason. Our primary download users are non technical clients outside of our org. Sharefile is easy enough the email instructions we send avoid a phone call and we can set the permissions around who & how long it can be accessed.
ScrambyEggs79@reddit
Yes - use a 3rd party service for file sharing outside of your org.
boot_strap_@reddit
+1 For ShareFile.
Big-Minimum6368@reddit
SneakerNet or IPoAC
cacheclyo@reddit
IP over Avian Carriers with 800GB sounds like a horror movie for the poor birds.
Sneakernet honestly isn’t the worst answer though. If you’re moving 800GB inside the same building or campus, a decent SSD in a USB-C enclosure is often faster and less painful than trying to babysit some flaky upload for hours.
Across sites though, I’d stick with something like Beam or a proper managed file transfer setup. The “walk a drive over” trick stops being funny when the drive is in another country.
Big-Minimum6368@reddit
IPoAC at that scale isn't a walk in the park from the admin side either. log cleanup is a nightmare
SevaraB@reddit
First, why the hell are people passing around copies of 800GB of data instead of accessing it remotely at its living place in, say, Amazon S3 or Azure Blob Storage (at that file size, binary storage is your only option)? Thats 6.4 terabits of data- that’s going to grind most small business networks to a halt or take so long to transfer that someone will have to be assigned just to monitor it and make sure the transfer doesn’t stop…
donrosco@reddit
https://www.liquidfiles.com/
Best software, heavily used and never makes a fuss. Cheap, you can get an unlimited user license for about 6 grand where competitors are looking for 15 quid a month or whatever. I’ve installed it or administered it in a bunch of places, it’s always loved which I don’t think I can say for any other piece of enterprise software.
pmandryk@reddit
Used it years ago. Did they ever add Modern Auth?
InternalServerErr500@reddit
2nd Liquidfiles as I did in another comment here. It's fantastic, constant development releases, it just works, users love it, and ITS CHEAP AS HELL.
harrythefurrysquid@reddit
We use this, too. Almost the definition of good, traditional software that just works (TM).
I installed it years ago in our then-small startup, and other than one major upgrade that required a migration, it's just ticked along keeping itself up to date and doing its job. No complaints at all.
Alyred@reddit
+1. Fantastic system and great process flows. We use LiquidFiles and had several other agencies glom onto it after they saw how easy it was. We eventually had to kick them out and tell them to get their own because they were sending 20 gig files through it to people that weren't us.
Diseased-Imaginings@reddit
same. and for a smaller organization, it's cheap as hell. 20 user license is only 200ish per year.
pmandryk@reddit
We used to used Liquidfile but they didn't keep up with Modern With, so I was sad to see it go.
Safe_Performer_868@reddit
Webdav maybe.
Demented_CEO@reddit
We quite literally still use FTP for this. A simple process for the user: create a helpdesk ticket detailing what you're transferring and why. We then give you the credentials and instructions to install FileZilla from our Software Center. Send the recipient the link and ask them to download the file(s) within X days. Then, after the time is up, both the FTP folder and account are pruned automatically. Rinse and repeat...
vrtigo1@reddit
Sounds super complicated for the average end user and not very convenient.
Why not just use something like OneDrive, box, etc?
Demented_CEO@reddit
At what point do you draw a line and tell your users they simply have to do something in a proper way? Our email transport rules prohibit attachments of certain types and beyond a certain size. We then have SharePoint, which our users can use to share documents, but only from allowed sites to limit internal files from leaking.
So, by the time a user posts on our #helpdesk channel in Slack, they're already doing something that requires vetting. We ask the questions and if the user provides a legitimate reason for sending a 3rd party files that couldn't be attached to email or shared from SharePoint, then go download FileZilla, login with X and Y, and have fun.
And P.S., if your recipient doesn't download all this in 7 days, it'll be automatically deleted and the FTP account stops working. That means you have to do this all over again! So, make sure you get your recipient to hasten their processes, since we're not interested in hosting files on an FTP server for an indefinite amount of time.
Everyone wins in this scenario. GDPR is complied with, legal is happy. Users aren't blocked. Whoever needed the files from our company has a reasonably simple way to get them without having to create accounts with a 3rd party, etc.
vrtigo1@reddit
Except instead of following that complicated process, a user will pull out their credit card and get a personal Dropbox subscription to totally subvert your processes and governance.
pitiless@reddit
Firstly your systems should be setup to prevent exfiltration of data and so this should be impossible.
If somehow the user bypasses this then they get a visit from opsec, HR and are quite likely shown the door.
Of course this assumes a level of competency on behalf of whoever setup these systems...
Demented_CEO@reddit
Yeah, that sounds like a lawsuit at that point and a firing at a minimum. Legal would have a field day with that kind of user...
redex93@reddit
Legal are the ones who'd be doing jt
vrtigo1@reddit
Sweet summer child…
VortechSCMarauder@reddit
I guess I'm getting old, but it makes me laugh to think that FTP is "super complicated" for people.
graph_worlok@reddit
For what it is, it is. And also older than “the internet”
(To be clear - I am talking about the underlying clusterfuck of the protocol which generally isn’t exposed to the user. Unless they or the server are behind NAT and it breaks things )
If you know exactly what I’m talking about, don’t forget to schedule your colonoscopy.
kiritoova20_10@reddit (OP)
Thank you! But for me this sounds very complicated. Is there a tutorial out there?
Demented_CEO@reddit
We use an isolated Linux VM for this purpose, you can use pretty much anything from Ubuntu to Rocky Linux. I'd recommend checking out some instructions like: https://ubuntu.com/server/docs/how-to/networking/ftp/. The actual storage can be an NFS mount from a NAS if you'd like, it's up to you and how your environment is set up. To add users, just create a new user with permissions to read/write in their designated folder.
kiritoova20_10@reddit (OP)
Thank you! We will see what first our needs best.
apophis27983@reddit
Regular ftp is not secure OP. Use SFTP.
kiritoova20_10@reddit (OP)
Thanks, but there were a few people that said that FTP is allowed but SFTP not? In the EU at least?
cuppachar@reddit
Did they tell you why SFTP is not allowed in Europe, or were they just spouting shit?
apophis27983@reddit
I'm really not sure.
WantDebianThanks@reddit
I hope you're not using vanilla ftp
AnnoyedVelociraptor@reddit
Is here a kinky ftp?
reddit-trk@reddit
This is a wild guess, but they probably used latex when writing the ftp protocol. That's pretty kinky in my book. 😂 😂 😂 😂 😂 😂 😂 😂
PonderStibbonsJr@reddit
Yeah, the feather tickling protocol. It's how you convince the pigeons to carry the USB sticks.
ouchmythumbs@reddit
Offshoot of RFC 1149
1cec0ld@reddit
Free To Play
MCSSniper@reddit
PLEASE PLEASE PLEASE PLEASE
MCSSniper@reddit
Lmk if you find it.
Fragrant-Hamster-325@reddit
He works for the government, sftp is pending evaluation.
progenyofeniac@reddit
Is that a joke? That EU governments approve FTP but not SFTP?
lethargy86@reddit
yes
progenyofeniac@reddit
Oh my god. My trauma is coming back from working in US healthcare where faxes were HIPAA-compliant but many places did not consider encrypted email to be so.
ihaxr@reddit
Most places did that because they did not want to update their severely outdated workflows to include the hundreds of different ways secure emails come through or change their integration with the fax system.
My company always had a barcode on all documents, so once a client would fax it back, the barcode would be read and automatically processed by the department the form is for. Some workflows would even read the client's name and automatically associate the document with their account.
That level of automation is much harder when some secure message systems require you to download an HTML file and enter a password into a form.
graph_worlok@reddit
CSV. So much CSV.
SikhGamer@reddit
I can't tell if you are trolling.
How is this easier than sharing on sharepoint/363/onedrive/whatever?
astral16@reddit
This has to be a joke.
astral16@reddit
Are you fucking kidding me.
Turdulator@reddit
Please at lease use sftp… at the bare minimum.
mercurygreen@reddit
Last place had an IP filter on our SFTP service - you could only access the file if you were coming from the right location. And passwords on the compressed file, etc. Layers and layers...
tscollins2@reddit
Globus
mercurygreen@reddit
SharePoint on 365 for us.
Spraggle@reddit
This. It's trivial to create a folder called "shared" so you can easily remember which files need to be kept so you're not disrupting other people's files, and then use the share feature to manage access.
FearlessAwareness469@reddit
We use client drops and tell the user don't share folders they aren't supposed to have access to
Senkyou@reddit
I distribute hundreds of USBs drives to my users and tell them to facilitate file transfers physically with clients to avoid hacking.
jaffster123@reddit
You could cut costs and just have users store the data on their mobile phones. Many employees will have 256/512GB storage on their iPhones; plug in via USB and you've got a free USB drive.
Public_Warthog3098@reddit
You mean you don't block usb flash drives? Lol
Senkyou@reddit
They're block storage, yes.
TheIntuneGoon@reddit
This is very amusing
Senkyou@reddit
Lol I'm glad. I am a grown man literally giggling to myself in amusement at each comment I write in this post.
sexydadee@reddit
You're not a grown man, you're just a groan man
Public_Warthog3098@reddit
Stop being a bully
TheIntuneGoon@reddit
Same here honestly lol. I appreciate a silly ass moment
hobovalentine@reddit
What happens if an employee loses one of these usb drives?
Senkyou@reddit
It's fine, I put a README in each USB's root with a legal disclaimer and trojan to make sure it's never used outside of intended scope.
hobovalentine@reddit
I hope you’re encrypting these drives at least.
You can enforce bitlocker on external drives via gpo so in case a drive is lost it’s going to be very difficult for the average person to crack the encryption.
Senkyou@reddit
I heard that some states and countries were considering banning encryption, so I'd been holding off pending legislature.
chipredacted@reddit
Encryption just takes up CPU time anyways. More cycles for real work
fresh-dork@reddit
sharepoint is solid. granular access control, easy links. i'm not a MS fan, but it works.
fuck teams.
the_wookie_of_maine@reddit
yes. fuck teams.
Want to search something simple....no.
mercurygreen@reddit
Teams is terrible. I've had to write a script to update it because some versions don't update correctly.
tdressel@reddit
Ditto here.
ElectroSpore@reddit
Sharepoint will not work for OPs requirements.
https://learn.microsoft.com/en-us/office365/servicedescriptions/sharepoint-online-service-description/sharepoint-online-limits
250 GB - File upload limit. Applies to each individual file uploaded to Microsoft Teams Files tab, SharePoint document libraries, OneDrive folders, and Viva Engage conversations.
250 MB - File attached to a list item. Applies to Microsoft Lists and SharePoint lists - both based on same lists platform.
20 GB - ZIP downloads. Applies to the autogenerated ZIP when downloading multiple files.
north7@reddit
Works great until you have a client/vendor/etc. that is a Google Workspace shop and you have to somehow convince them to to sign up for a Microsoft account, and/or explain to them what a Microsoft account is and oops they actually signed up for one using their Workspace email but they don't know the password or how to reset it and blahblahblah
hobovalentine@reddit
In AAD you have the option of creating guest accounts so it doesn’t matter if they don’t use Microsoft.
Vexxt@reddit
guest accounts are the norm.
sextowels@reddit
For our own tenant I made a dedicated sharing site where the links will expire after 30 days. Anything needing more long term collab can have its own site.
SoftisAloeVera@reddit
I exported multiple mail server and archives for customers. We simply used SFTP via Filezilla.
FelisCantabrigiensis@reddit
We're a Google Workspaces shop so we use Google Drive. You can email things too, then it goes via GMail, unless it's big in which case the gmail client will stuff it into gdrive for you and put a link in the message.
GDrive is approved for all data types that we handle.
Public_Warthog3098@reddit
Do you lock down sharing to external until approved?
FelisCantabrigiensis@reddit
Not for senior tech staff, at least. There's a warning that the sharing is to an external person. I expect it's the same for everyone else in the organisation.
duane11583@reddit
we have a tool called big file transfer we can support gigs
its basically a service that runs on a linux box.
stupid simple an intern wrote it.
you visit the web page any body can it is not protected.
you enter the sender email address and the receiver email address
one of the two (sender or receiver) addresses must be in our company.
you get an email with a link The link is effectively a random GUID link
you visit the link and upload files via your web browser
repeat until all files are uploaded (max 4g per file i think)
when done you click done that notifies the reciever
the receiver gets an email link.
after the reciever downloads the sender gets an email
”the file NAME was downloaded”
after 1 week the files are deleted automatically
i am surprised some body does not do this with an aws/azure service and charge $1 per file
nyckidryan@reddit
Plenty of services do that. 🤣
ArgonWilde@reddit
A torrent with the shared file, and manually add them as a peer 😅
kiritoova20_10@reddit (OP)
But that is actually smart. You don't need to pay for anything and there is no limit, right?
Choice_Dimension_269@reddit
tar huge file in smalller chunks then sftp
AdInevitable8483@reddit
Hosting nextcloud have unlimited large storage
The_Koplin@reddit
We have Nextcloud self hosted and users can use it like Dropbox etc.
kiritoova20_10@reddit (OP)
Sounds quite nice, but aren't the Server costs a bit high?
dustojnikhummer@reddit
What server costs? A salary of a guy maintaining a Linux VM?
The_Koplin@reddit
I have a virtual server, not a physical box. It’s an open source project with a dedicated install or even just a container. The only real cost is storage.
Aggravating-Sock1098@reddit
Nextcloud is not that heavy to host yourself. We use it in combination with Sendent so that users can simply share large files with their Outlook Client.
https://sendent.com/nextcloud-exchange-connector/
kiritoova20_10@reddit (OP)
Thank you! The Problem being that my Boss doesnt really want to pay for a Server at all, so I have been searching for a Tool for lange file Transfers without needing Our own Server.
finallygrownup@reddit
I’ve done nextcloud and owncloud. They’re easy and fairly cheap to host. We settled on 365 though to be honest.
Aggravating-Sock1098@reddit
Install it as a Virtual Machine on an existing server or desktop. No need to purchase a server.
kiritoova20_10@reddit (OP)
I looked into it and These are actually quite cheap für there price, thank you!
Bogus1989@reddit
yeah, its good enough lots of guys even run it in homelabs…
iama_bad_person@reddit
This is what we use. Cheap VM with large storage disk attached. Nextcloud SSO'd to Azure, upload file to a folder and share that folder for a specific time perioud, can even password protect it. Better still we have it connected to our domain so it's accessed via secure.domain.com so they know it's us.
DaOfantasy@reddit
onedrive
cuppachar@reddit
Don't use somebody else's computer; Set up your own service so you can control it.
SuperScott500@reddit
Sharepoint, Dropbox, Box, OneDrive, Sharefile, Intralinks, etc. i’m so sick of people trying to email 50mb+ worth of attachments. Thats not what email is for.
Smith6612@reddit
A former job I worked at used Google Suite. Anything exceeding 25MB would become just a Google Drive shared file with the recipients added as view-only by default.
vnagornyy@reddit
Nextcloud.
SweetsMurphy@reddit
Used to use Egnyte at my old job. Bit of a learning curve for some users, but widely adopted, nonetheless.
sryan2k1@reddit
ZendTo/Liquidfiles
InternalServerErr500@reddit
Liquidfiles is so fuckin solid and so fuckin cheap.
The biggest con against it was no Oauth2 support, but that comes with the next release in like a month. Otherwise, it's a fuckin rock star in our org. If I took away Liquidfiles from our users they'd fucking riot.
BoggyBoyFL@reddit
LiquidFiles , works very well.
kiritoova20_10@reddit (OP)
What file size Limits are there?
JaspahX@reddit
LiquidFiles is self hosted... so as big as you want.
protogenxl@reddit
And Let's Encrypt ssl management is already built-in
sryan2k1@reddit
Both are self hosted, so, as big as you want.
Admin_Stuff@reddit
ZendTo works great! We use it.
KingDaveRa@reddit
Second ZendTo.
Works very well for us, especially for stuff like Subject Access Requests or the likes.
unauthorizeddinosaur@reddit
2nd Liquidfiles
r3almaplesyrup@reddit
In the Media/Film industry, the standard is usually Signiant or Aspera. Have also seen MASV used.
moffetts9001@reddit
Aspera is great when it works. When it breaks, the IBM support contract pays for itself.
randomlyme@reddit
Built a service based on SFTP.
breenisgreen@reddit
sharepoint works fine. But if we’re talking a half a terabyte mediashuttle portals are great
musiquededemain@reddit
We have a robust SFTP environment and use Globalscape. It's an incredibly versatile and highly configurable file transfer tool.
PoolMotosBowling@reddit
Hosted ftp and M365 tools. (Drive/SharePoint)
Not sure why we still keep the hosted ftp subscription, not my money...
LaffingAtYuo@reddit
Blob storage with short lived SAS key.
Layer_3@reddit
are there any that use branded sites? Ie the url has your domain in it?
boobka@reddit
Depends on your architecture but we started using MoveIT but not the cloud solution
kiritoova20_10@reddit (OP)
Do you mean that you host it yourself?
boobka@reddit
Check this out
https://community.progress.com/s/article/Automation-Central-Architecture-Diagrams
four_reeds@reddit
Globus
kiritoova20_10@reddit (OP)
What are the Limits?
four_reeds@reddit
PS: depending on needs, get in contact with your networking folks and possibly your provider(s). For some science data transfers, network paths have been tailored for the anticipated traffic.
That kind of thing happens far, far above my pay grade and area of expertise.
four_reeds@reddit
I'm not sure. Petabytes of science data is transferred using it. It's basically distributed ftp and offers guaranteed delivery.
KnoxvilleBuckeye@reddit
File Requests from OneDrive/Sharepoint...
We also have JScape MFT - but I find it to be kinda shitty and can't wait to shut it down.
badaccount99@reddit
Sharepoint / Onedrive would be the wrong answer. Super expensive, and just breaks all of the time whenever MS adds new AI stuff to it. There is no standard protocol they have to follow so they keep changing things.
We do SFTP for vendors because it is a standard. There is an entry fee to setting it up, but storage is cheap. We do S3 behind it for vendors and they don't have to deal with AWS, just SFTP which has been around for like 30 years.
For internal users we just let them go directly to S3 with AWS creds, but we support other things if they ask nicely.
Filezilla and hundreds of other clients support S3, GCP drive or SFTP.
Jealentuss@reddit
SharePoint synced location and Teracopy.
flummox1234@reddit
SFTP with ip restriction in the firewall and preferably key based access.
kombiwombi@reddit
Local instance of this:
https://filesender.org/
smoike@reddit
Cool. Not op, but still looks handy
C0mput3rMan@reddit
Check out box.com as they have unlimited storage plans. Pretty nice for external file sharing outside of Microsoft. Could be well worth it depending on use-case for the company.
DogThatGoesBook@reddit
How big is big? We have users transferring PBs via Globus
Fragrant-Hamster-325@reddit
OneDrive and SharePoint
Neuro_88@reddit
How do you do this magic?
Swimming_Office_1803@reddit
What magic? OneDrive even has a “request files” option that works great.
https://support.microsoft.com/en-us/office/create-a-file-request-f54aa7f8-2589-4421-b351-d415fc3b83af
Simple-Kaleidoscope4@reddit
Depends on context
End user is SharePoint and OneDrive.
Me doing server admin: Rsync Robocopy
Banks and finance org: SFTP everywhere
jks513@reddit
USB Flash drive and someone hand carries it.
Public_Warthog3098@reddit
Google Drive
hadrabap@reddit
Attachments in Confluence 🤣
Happlord@reddit
Take my angry upvote
Killertigger@reddit
OneDrive and Sharepoint - we are purely an Iffuce 365 shop with a mix of E2 and G3 accounts. We also use Mimecast keyword triggered email encryption (specific keywords anywhere in the email act as encryption triggers) to make email encryption as easy as possible.
fourpotatoes@reddit
Globus is pretty popular in research and higher ed. You can connect your endpoint to your SSO system for free, but using your SSO for accessing the entire Globus ecosystem (i.e. instead of users creating a Globus account or using their OrcID to log in, then logging into the endpoint separately with your SSO) costs unless you're an Internet2 member. Support for guests on your endpoint also requires a paid subscription; connecting as a guest to someone else's collection is free.
daemon_afro@reddit
Internally or externally?
kiritoova20_10@reddit (OP)
Externally
daemon_afro@reddit
You should look for a Managed File Transfer (MFT) solution.
https://www.gartner.com/reviews/market/managed-file-transfer-mft-software
This way there’s a process for sharing files externally, logging for audits, and other features.
Lock everything else down to prevent data leaks.
People will gripe at first but it’s good for the business. Also is a sign of maturity when working with other companies.
kiritoova20_10@reddit (OP)
Thank you!
daemon_afro@reddit
Good luck!
sfc_scannow@reddit
Kiteworks
notdedicated@reddit
Saw your note about external cloud..
We used Dropbox transfer for a while but it's annoying because it "User X has shared a file with you" which is not what we want, we wanted "Organization has shared a file" but Dropbox no care about this feedback.
We ended up building a really simple one using S3, CloudFront, CloudFront Functions so it runs serverless for our purposes. Ties into cloudwatch logs which feeds to newrelic for reporting and alerting. The AWS WAF runs to keep people who just hammer the login on a ban list. Use pulumi to manage and deploy it + the configurations for files. And it runs within "our cloud" (yes it's AWS but it's ... ours?). Note, the services and the files that go there for sharing are 100% managed by IT so the lack of interfaces isn't a problem for us.
If we had $ we'd have gone with ShareFile or maybe liquid. Who knows.
kiritoova20_10@reddit (OP)
Thank you!
canadian_sysadmin@reddit
If you're on Azure/365, Sharepoint/OneDrive is the pretty easy answer.
If you have extreme files (800GB), I'd give some of those users access to an azure files / blob share.
astral16@reddit
Dude, use One Drive.
kiritoova20_10@reddit (OP)
The thing is that its sensitive stuff and we don't want to share it on an external cloud. The more direct the better. Also we need to sending files of up to 800GB
OrdyNZ@reddit
With OneDrive / SharePoint, you restrict access. Which should be the default anyway.
Then you can add timers, restrict who can share, where they can share from.
800GB is massive / nearly an entire sharepoint though.
Putting data through all these random file transfer companies seems pretty sus.
Neuro_88@reddit
How?
AtarukA@reddit
We use shared dropboxes, OneDrive, wetransfer, mega, SharePoint...
xendr0me@reddit
OP say "800GB" down in the thread, which should have been said in the first line.
https://www.reddit.com/r/sysadmin/comments/1ts909f/comment/ootkm6p/
kiritoova20_10@reddit (OP)
Sorry
OrdyNZ@reddit
If you have 365. All these replies are a nice list of places to block uploading to.
Overdraft4706@reddit
https://payload.app/
StatementOwn4896@reddit
Cryptshare is pretty good
AnonymooseRedditor@reddit
Seen some organizations use OneDrive or one other tool that I’ve seen a lot of specifically around sales, but it works well is seismic https://www.seismic.com
Vel-Crow@reddit
Ms Shop? Onedrive and SharePoint.
Google Shop? Google Drive.
If thise are too open for you- Share file.
ramraiderqtx@reddit
https://massive.io
kiritoova20_10@reddit (OP)
Sounds good!
aardvark_xray@reddit
We switched to MASV over WeTransfer, love it and works very well for non-technical users for both sending and receiving files
gregarious119@reddit
I won’t forgive proofpoint for sunsetting their file share service that went with the email encryption product.
jsellens@reddit
We have a ProjectSend service which we use for passing files back and forth with customers. Controls, tracking, etc. We just run it as another PHP web site on our web servers. We're happy. https://www.projectsend.org/
Strassi007@reddit
Email attachments are limited to 20MB. Personally i would go lower.
File transfer happens via OneDrive/Sharepoint, or in some rare occurrences our hosted FTP server.
ProgressBartender@reddit
Why not ftps or s-ftp?
Strassi007@reddit
Sorry, did not elaborate further, since i thought no one is using base FTP anymore. We use SFTP.
troywilson111@reddit
Self hosted Copyparty.
BolaBrancaV7@reddit
One drive
Hulkazoid@reddit
I wish more people were comfortable with Azure. I usually have to transfer datasets between us and partners, but it's easy to just create a storage account and hand them keys.
There are dozens of ways to access the data, including the web portal, but they really need a more user friendly interface like OneDrive has. If they just had more options for auth inside OneDrive and accounts weren't so tied to AAD users then it would be a perfect solution.
leprechanmonkie@reddit
OneDrive/Sharepoint if you have it.
WeTransfer.com is great as well, I use it to send large, 4k drone videos to customers quite often.
aardvark_xray@reddit
I moved to MASV is an alternative to WeTransfer. You can tie to an S3 bucket of your choosing(other cloud services are supported as well) and set retention policies from the AWS side.
One difference over WeTransfer, users can send a link via email and it acts as a one time drag and drop interface, and that data is siloed to the user made the link (very useful for non-technical users)
br01t@reddit
Wetransfer is not gdpr proof. Links are sent with unenctypted email, so can be phished.
GrizellaArbitersInc@reddit
And I believe the terms of their free tier grant them a copyright licence to anything included. Plus the AI training they’ll be sending it to.
LonelyWizardDead@reddit
ftp always works but auditin is rubbish.
mediashare is an optio
or sharing through sharepoint though i dont find the logging that great to be honest. and can be a bit confusing depending what you want to use it for.
kiritoova20_10@reddit (OP)
What are the Limits of mediashare?
LonelyWizardDead@reddit
main one is cost, its expensive. its used by a lot of production companys for media transfer though.
it connects to azure blog storage, so you defo need to have a chat with security about it and your server/sharepoint admin team. making the storage really big if you need that.
its not always obvious on some of the set up.
i found the logging lacking :/ and didnt capture what it should be. i.e. incomplete transfers were not captured on the logs i saw. only completed ones. which is a bit of a red flag.
i wast the main system admin testing, more on user said and asking questions on how the logs present for audit and legal purposes.
kiritoova20_10@reddit (OP)
Thank you so much!
Jarebear7272@reddit
There are some encrypted email products out there that can handle large file sizes, kind of a getting two birds stoned type of deal if your client also needs email encryption.
AlbatrossWorldly9815@reddit
I customized PSITransfer for a customer. Works great.
Mercuryhawk21@reddit
Liquid files
Lower-Limit3695@reddit
scp for simple bulk file copying over network and rsync for bulk file synchronization without copying everything over.
I usually do this stuff using systemd-run -r to verify job success and read over the logs using systemd or journalctl for easy troubleshooting.
kiritoova20_10@reddit (OP)
And what do you use when sending files externally?
Lower-Limit3695@reddit
scp and rsync both use ssh under the hood for secure file transfer, making them perfect for sending/synchronizing stuff between servers.
But for non-server stuff, Google workspaces.
kiritoova20_10@reddit (OP)
Thank you! We will look into it
Lower-Limit3695@reddit
You're welcome
Yuugian@reddit
Local instance of CrushFTP connected to AD
alphaxion@reddit
You can use tools like Jetstream or Aspera that you host yourself.
vuz3y@reddit
We have our own nextcloud instance that is made for this.
Baschbox@reddit
Schollz/Croc with selfhosted relay for Internal / other technicians or for our users: Large Files from NospamProxy.
Fuzzy_Paul@reddit
Veracrypt the file and use wetransfer. That the easy part. Not compliant but secure enough. Always encrypt the file before sending. Googke drive share, Onedrive share, Sharepoint etc. sftp server and let the other end pick it up. Plenty of possibilities to send it.
monkeydanceparty@reddit
OneDrive/Sharepoint for internal things. NAS over zero-trust for bigger internal things, Box.com for external files and for external blind drop files, then frame.io for large video files (like usually 500GB - 1TB)
Drenlin@reddit
Onedrive/SharePoint works well, but we have in-house file sharing services of various types as well for different use cases. Most of them predate 365 but still get used for unique file size, file type, or access control capabilities.
andrea_ci@reddit
spikbebis@reddit
Globus or rsync.
Bouncing via SharePoint, where GDPR is a mirage plus the speed...
StumblingEngineer@reddit
We have 2 sites setup with Fortra globalscape mft. One for internal on our AD and one for external.
Expensive_Plant_9530@reddit
We use OneDrive with password protection and a pre-set expiry on the share link to share large files externally.
cty_hntr@reddit
Microsoft Sharepoint and Google Drive you can lock down user permissions.
Turdulator@reddit
OneDrive and blocking large outgoing attachments.
zesar667@reddit
Sharepoint or NAS in DMZ With Dnat to it
czenst@reddit
Bitwarden
joex_lww@reddit
It has a 500MiB limit, so does not work for really large files.
alphageek8@reddit
This is industry specific (AECO) but we use Newforma for file transfers. Recipients are explicit and theres tracking on who downloads a file and when. Potential options for requiring an account to download, prevention on forwarding of transfers and what not.
HelixClipper@reddit
SFTPGo
CFH75@reddit
OneDrive and sftp server.
AniBMagal@reddit
Sharepoint