Research Computing Services is now offering a secure, online file sharing platform based on Citrix ShareFile for researchers to store their data and collaborate with Carleton faculty and students as well as external collaborators. The data is stored locally within the secured data centre on Carleton’s campus.
Getting Started with ShareFile
To get started with ShareFile please contact the service desk (email@example.com) and ask to have an account created for you. You will be provided what is called a primary account and a default storage volume of 500GB will be assigned to you. These accounts are only available for Carleton faculty and researchers. When your account has been created you can log into ShareFile at the following link: curesearch.sharefile.com. All primary account holders must log in using their Carleton credentials and Microsoft Azure multi-factor authentication. Follow the instructions to log in by clicking the Sign In button on the left (students and external collaborators will login directly on that page on the right). Once authenticated you can navigate to Folders->Personal Folders to create folders and upload your data. If you have any issues logging in to ShareFile using your Carleton credentials and Microsoft Azure, please contact the service desk (firstname.lastname@example.org).
Students, External Collaborators and other non-Faculty Users
Only Faculty members need to contact ITS to have an account created. Once this is done, they will be able to create an account for you and share data with you. Please contact your Carleton Faculty collaborator, have them request an account and have them follow the instructions below to have you added to ShareFile.
Adding Users and Sharing Your Data
Once you have some data uploaded to ShareFile (at least a single folder), you can begin sharing with others. Select a folder you would like to share and click on the People on this Folder tab at the top. This page will tell you who has access to this specific folder as well as their access permissions. To add a user to this folder, click the Add People to Folder button. If the user is already has a ShareFile account then you can find them using the search box. If not, click the Create New User button and input their details. Finish by selecting the user’s access permissions for the folder in question and click Add. This will create what is called a secondary account for this user. Anyone (Carleton faculty, students or external collaborators) can be assigned a secondary account. These users will log in directly to ShareFile on the login page (curesearch.sharefile.com). Multi-factor authentication has been enforced for secondary account holders as well. Secondary account holders only have access to material shared with them within ShareFile and do not have a personal allocation assigned to them.
When a secondary account is created for a new user, the email address provided by the primary user will be associated with their account and is what the secondary user will use to log in. The new user will receive an email with a link allowing them to complete the creation of their account. Following the link, the new user will:
- Among other details, be asked for a phone number to be used for 2-factor authentication.
- Then be asked to verify their 2-factor authentication phone number.
- Finally be asked to create a suitable password.
If a secondary user is having trouble logging in to their account they can click the “Forgot password?” link on http://curesearch.sharefile.com or contact the service desk (email@example.com).
Citrix Files Desktop & Mobile Application
The Citrix Files application gives you direct access to your files by integrating with Finder on a Mac or File Explorer on a Windows computer. Files is also available for Android and Apple iOS devices through the Google Play Store and Apple App store, respectively. For more information and to download the application, follow the appropriate link below.
Quick App Sign-in Information for Primary Users
- When the App opens enter curesearch in the “mycompany” text box and click continue
- The next screen select the “Sign in with my company credentials” link which will allow you to use your MC1 account & password, then authenticate with DUO
Secondary users will enter their credentials directly into this page (and not click the link), followed by an SMS two-factor authentication prompt that was setup at the time of account creation.
Although user data is secured in Carleton’s data centers, there are certain responsibilities that fall on the user. These include:
- securing end user devices which are logged in to Sharefile and have access to your data
- ensuring secondary accounts provided to students and external collaborators are kept up to date and unneeded accounts are removed
- ensuring permissions on your files and folders are set appropriately so only authorized users have accesses to specific files
- being cognizant of the data that you have stored in the ShareFile service, and removing any data that is no longer required
- considering the use of file level encryption for any data that is particularly sensitive or that may be accessed or stored on devices that may not be fully secure
It is possible that a secondary account holder will need their two-factor authentication phone number changed. The phone number associated with their account can be reset only after the situation has been verified by the associated primary account holder. The primary account holder will be asked to verify the identity and the situation either face-to-face or over the phone with the affected secondary user. If the email associated with a secondary account is compromised, then the malicious user might attempt to access the data stored ShareFile, however, the two-factor authentication will keep the data shared with this account secure. It is for this reason that email should not be used to verify the situation. If the situation cannot be verified, the secondary account can simply be deleted to ensure data security. In situations like this it is the responsibility of the primary user to be able to verify the identity and account status of individuals associated with their account.
Data Security & Retention Policy
Carleton University’s Information Security Team completed a security risk assessment of the RCS ShareFile solution and found it to be operating within the risk acceptance tolerance defined within the University’s Risk Management Framework. If you require further details, please contact RCS (firstname.lastname@example.org). Based on this assessment, the Carleton Research Ethics Boards (CUREB-A and CUREB-B) have deemed this an acceptable platform for research data.
This service is hosted at Carleton and all of your research data will be securely stored in Carleton’s data centres. This data will be replicated and backed up to ensure resiliency. Any file uploaded to this service will remain until deleted by the user. Once a file is deleted, it will reside in your Recycle Bin for 45 days. After this time it will be removed from your view. Files will remain on the system for a few weeks more once they are removed from your Recycle Bin and will be recoverable by an Administrator. All efforts will be made for requests to recover deleted files outside of this window, but no guarantees can be made. If this data retention policy does not fit your needs please contact RCS so we can discuss your needs.
Scheduled Maintenance and Outages
From time to time Citrix will perform scheduled maintenance which could impact end users. To check Citrix’s current status, see past outages and sign up for notifications of future maintenance interruptions, please visit the Citrix ShareFile status page.