How Mac-Centric Creative Teams Can Work Remotely Without SMB Over VPN

The Challenge: Balancing Security and Remote Access for macOS Users

As organizations adapt to an increasingly remote workforce, marketing and creative teams face unique challenges. Many rely on a centralized file-sharing system, often served from an on-premises Mac Server, to collaborate on projects. These teams need a mountable volume for their daily macOS-based workflow, but traditional remote access solutions introduce security and performance concerns.

A VPN-based approach using SMB over VPN was ruled out due to security policies, as direct SMB over the Internet was rejected by the Infosec team. Moving the centralized Apple-based file sharing to cloud services like Dropbox or SharePoint was also considered but deemed disruptive, as it would have altered mount-volume-based file references within projects, causing workflow interruptions.

With VPN and direct SMB over the Internet off the table, and cloud migration presenting major operational challenges, it seemed as though all options were exhausted. Was there no alternative but to require all creative team members to work from the office at all times?

Fortunately, an alternative emerged—one that balanced security, usability, and workflow continuity: HTTPS-based file access.

Evaluating Solutions: The Journey to an HTTPS-Based File Gateway

The marketing and creative team initially explored various options, including Azure File Sync. However, because Azure File Sync synchronizes files to Azure Files, which then serves out those files over SMB across the Internet, it was immediately deemed unsuitable due to security concerns. The team sought a solution that could deliver the same file access experience without exposing SMB traffic over the Internet.

To meet their needs, the solution had to provide:

Security and Compliance

• Infosec Approval: Compliance with security guidelines.
• HTTPS-Based Access: Secure file access over the Internet.
• Secure External Access Without VPN: Eliminating complexities and security concerns of VPN-based solutions.

Seamless Integration and Performance

• Mac Integration: Simulating a mounted volume for macOS users.
• SMB3 Protocol Support: Compatibility with existing infrastructure.
• Performance and Reliability: Enabling efficient access to large creative files without workflow disruption.

Flexible Remote Work Support

• Remote and Office Work Accommodation: Providing flexible access for hybrid teams.
• Seamless Remote Work Experience: Allowing remote employees to work as if they were in the office.

The Solution: How an HTTPS-Based File Gateway Works

An HTTPS-based file gateway is installed on-premises next to the Apple Mac Server, where it communicates with the Mac Server via the SMB3 protocol. This allows it to function as a bridge between the internal file-sharing system and remote users.

On the internal network, the gateway maintains SMB3 compatibility, ensuring that files remain accessible in their native format. However, when accessed externally, the gateway translates file access requests into HTTPS, enabling secure file transfers over the Internet. This architecture ensures that users can mount and interact with files remotely just as they would in the office, while maintaining security and compliance standards.

Additionally, an HTTPS-based file gateway often includes features such as:

• Local Caching: Frequently accessed files are cached locally on remote devices to improve performance.
• Offline Access: Users can continue working on files without an internet connection, with changes syncing when connectivity is restored.
• Access Controls & Auditing: Ensuring granular permissions and tracking access for security compliance.

By implementing an HTTPS-based file gateway, organizations can provide their macOS-based creative teams with secure, high-performance remote access to on-premises files, ensuring seamless collaboration while upholding security requirements.

Conclusion

Triofox is an HTTPS-based file gateway. If you are interested in this case study and how it can solve similar challenges for you, please visit https://www.triofox.com/.