Magic Quadrant For Enterprise File Synchronization and Sharing
Magic Quadrant For Enterprise File Synchronization and Sharing
Magic Quadrant For Enterprise File Synchronization and Sharing
By 2018, 70% of EFSS destination vendors will cease to exist, having been acquired or put out of
business, and the remaining 30% will evolve to support the digital workplace or modernize
corporate data infrastructures.
Market Definition/Description
Gartner defines the enterprise file synchronization and sharing (EFSS) market as a range of cloud-
based or on-premises offerings that enables individuals to synchronize and share files (such as
documents, photos and videos) among mobile devices and PCs. Sharing can happen among
people (for example, partners and customers) within or outside the organization, as well as among
applications. Smooth search, retrieval and access of files stored in multiple data repositories (e.g.,
file servers or content management platforms) from different client devices complement these
offerings, as well as security, data protection and collaboration capabilities.
EFSS offerings enable modern user productivity and collaboration scenarios for the creation of a
digital workplace (see Note 1). Typical deployment architectures for EFSS offerings can be public
cloud, hybrid cloud, private cloud or on-premises. EFSS offerings may present different levels of
support for:
■ Mobility, with native apps for mobile devices, notebooks and desktops, as well as web browser
support; and integration with third-party mobile apps for productivity or management.
■ Simplicity and usability with optimized UIs and interactions, such as file drag-and-drop and file
open-in applications.
■ File productivity, including easy file access, synchronization, sharing, search — and cloud
storage.
■ Manipulation, such as file creation, editing, annotations and note taking — natively or through
integration with third-party suites, such as Microsoft Office 365 apps or Google Docs.
■ Collaboration, such as cooperative editing with change tracking and comments on shared
content.
■ Workflow, including document-based process automation with actions on files, metadata and
users, triggered by specific events.
■ Data governance, with content management capabilities, including metadata, retention
policies, audit and trail, e-discovery, and analytics.
■ Security and data protection on connected devices, in transit and in cloud services (or
servers). It includes password protection, remote wipe, data encryption, data loss prevention
(DLP) and disaster recovery management (DRM).
■ Administration and management, including integration with an Active Directory and
Lightweight Directory Access Protocol (LDAP) policy enforcement.
■ Integration with corporate on-premises data infrastructure, enterprise servers and cloud
services; also, support for Content Management Interoperability Services (CMIS) and APIs.
■ Storage, with some using a central data repository, cloud-based or on-premises, and others
integrating with existing third-party repositories.
Gartner distinguishes EFSS offerings as destinations and extensions: The former are stand-alone
products with file sync and share as the core capability, and normally represent a new purchase for
an organization; the latter are features, such as collaboration, content management or storage,
added to established products or applications. These are features that organizations find in
deployed systems and may decide to use (see "The EFSS Market's Future Will Present an
Opportunity for IT Planners").
Both EFSS product types are subject to IT organizations' consideration for adoption. However, the
relevance of EFSS extensions is limited to use cases or user categories that rely heavily on the
extended IT product. An example would be companies looking for mobile access to their enterprise
content management (ECM) platforms for a selected workforce.
Organizations with complex requirements and multiple use cases to support, including access to
different data repositories, auditability, data governance, extensive collaboration and workflow
automation, prefer EFSS destinations. These vendor selections tend to be challenging, as most
often they imply investment in a new product or service from a new supplier. Companies may end
up choosing a combination of EFSS capabilities.
This Magic Quadrant focuses on EFSS destination offerings only, not extensions.
Accellion
Accellion is a private company, founded in 1999, with headquarters in Palo Alto, California, U.S.,
and offices in London, U.K., Singapore and Ukraine. The company originally served the traditional
file sharing and managed file transfer (MFT) market. Since 2010, its offering has focused on mobile
file synchronization, sharing and collaboration. Its EFSS product, kiteworks, offers broad support for
back-end integration, security and management. The user experience is optimized for mobile users,
this being the product's first design objective. The architecture employs a multitier model that
separates the web, application and data layers. The product can be deployed on-premises, as a
private cloud on-premises (a virtual appliance on-premises), as a hosted cloud (via Amazon Web
Services [AWS]) or hybrid cloud (mixing on-premises and hosted), or as a public cloud. The hybrid
model can combine the on-premises component with public and private cloud services. Accellion
serves midsize to large regulated or security-conscious organizations, particularly in the
government, technology and professional services sectors.
Accellion is a good fit for organizations that prioritize EFSS initiatives for mobile access to a variety
of corporate data repositories and require customized mobile apps to support document-centric
business workflows while ensuring data protection and compliance, particularly in regulated
markets. Accellion is also preferred in scenarios where large files (1 terabyte and larger) need to be
exchanged, such as for engineering groups, graphics shops and video/audio production houses
dealing with large media files (for example, videos, source code and computer-aided design [CAD]
files).
Strengths
■ Accellion provides extensive security features, including encryption, auditing, geofencing, built-
in DRM encryption and app whitelisting, as well as e-discovery, policy-based content retention
and data sovereignty. Accellion has compliance and certifications for regulated sectors,
including Federal Information Processing Standard (FIPS) Publication 140-2, the Health
Insurance Portability and Accountability Act (HIPAA), the U.S. Federal Information Security
Management Act (FISMA) and the Sarbanes-Oxley Act.
■ Accellion offers many connectors for back-end integration. These enable content access,
without a need to duplicate files, to a variety of systems and services, including Microsoft
SharePoint, Microsoft SharePoint Online, Microsoft Windows file shares, Microsoft OneDrive for
Business, EMC Documentum, OpenText, Dropbox, Box and Google Drive for Work.
■ The kiteworks' content platform has enterprise-grade RESTful APIs and software development
kits (SDKs) to enable developers to build mobile apps with security, collaboration and custom
integrations. A secure mobile container enables them to store and manage content on a mobile
device and edit it in a secure mobile editor, or to access enterprise content repositories
securely.
■ Accellion has a good reputation for being customer-oriented, flexible in addressing customers'
needs, willing to adapt its product roadmaps and able to deliver on time. Reference customers
Cautions
■ Accellion is a small, private company, compared with the big IT and cloud players in this
market. It is competing against larger and more mature players in a consolidating and
commoditizing market.
■ Accellion's product pricing can be confusing, and some of its reference customers perceive
kiteworks as expensive and as offering less value than competing products. In addition,
Accellion's ecosystem of partners and system integrators is limited.
■ Accellion does not offer prebuilt integration with IBM products, such as Connections,
Connections Docs, Domino and FileNet. Integrations with Google Gmail and web-based
Distributed Authoring and Versioning (WebDAV), and support for OpenID, are also missing.
Accellion's Enterprise Connect Program can deliver custom connectors to various ECM
systems.
■ Despite an increasing focus on its content platform, Accellion still does not support user-
defined metadata, metadata management, tagging and analytics.
Box
Box, founded in 2005, has been a public company since 2015. It has headquarters in Redwood City,
California, U.S., and offices in Europe and Japan. Box has one of the largest user bases in this
market. The company provides secure cloud-based file sync, share and collaboration as part of a
broader cloud-based content collaboration platform and storage offering. Box's vision is to be the
cloud data backbone for business applications, supporting modern document workflow automation
and business process enablement. It aims progressively to replace traditional on-premises content
repositories with its cloud service alternative.
Box's offering is available in the public cloud, which is implemented in Box's data centers in the
U.S., or through Amazon's and IBM's local data centers in other regions. It focuses on balancing a
simple user experience with the security and administrative needs of the client organization.
Box is a viable option for public cloud-friendly organizations prioritizing digital workplace
transformation strategies and aiming to integrate file sync and share services into re-engineered
business processes. It is a viable option for stand-alone use cases, particularly when external-facing
collaboration scenarios are involved.
Strengths
■ Box offers a user-centric, modern, cloud-based and mobile tool that integrates with the user's
productivity and collaboration apps. Customer satisfaction is very high across a variety of job
roles and generally better than that of its competitors. Box's capabilities for supporting
Cautions
■ Box's offering is available only in public cloud. There is no hybrid model that adds data storage
on-premises. Movement of corporate content to Box's cloud repository (or replication of it
therein) may not be a viable option for IT organizations with stringent data residency and
sovereignty requirements in and out of their region.
■ Box's integration with enterprise on-premises systems and data infrastructure is limited, and
weaker than some of its competitors. For example, Box lacks integration for access to EMC
Documentum and OpenText. Reference customers occasionally faced challenges in integrating
Box with their on-premises corporate IT systems, as Box prioritizes integration with other cloud
offerings (such as those of Salesforce).
■ Box stores document metadata (such as user and content type) in its cloud, which is
implemented in its U.S. data centers. This is an issue for organizations in need of fully regional
implementation. Nevertheless, Box Zones gives customers data geolocation choice, with the
ability to store content in other cloud repositories, implemented in regional data centers.
■ Users with a personal Box account could face a challenge if they upgrade to a corporate Box
account because business and personal data cannot coexist within the same Box account. If a
personal Box account is converted into a corporate Box account, it's the employee's
responsibility to move personal content to an alternative service.
Citrix's ShareFile is a viable option for organizations seeking to enable EFSS across a broad
spectrum of end-user scenarios — from mobile devices to virtual desktop clients (based on Citrix
XenDesktop and XenApp), and for organizations undertaking EMM initiatives.
Strengths
■ Citrix offers flexible deployments, through a hybrid architecture and storage model. Customers
can store data in Citrix's cloud in on-premises private data storage (Citrix's ShareFile
StorageZones); in supported third-party cloud storage in Amazon Simple Storage Service (S3)
or Microsoft Windows Azure; or in preferred clouds, such as those of Microsoft, Google,
Dropbox, Box and Salesforce. Connection to existing on-premises Microsoft SharePoint sites
and network file shares is also possible through ShareFile StorageZone Connectors. Users can
share files from any of those locations. Custom integration can be built with the StorageZone
Connectors' SDK or through third-party vendors' connectors.
■ Citrix offers security and data protection, including information rights management, based on
Seclore's technology. ShareFile offers granular control over where files are stored by assigning
location based on specific use-case requirements (for example, to comply with local laws and
limit the risk of data loss).
■ Citrix offers document collaboration and productivity features with workspaces and workflows.
Team-based features are supported, such as shared folders with granular permissions. Podio,
included in the ShareFile platinum, supports project management. Co-editing of documents
stored in ShareFile with Microsoft Office 365 is a new feature, as is the ability to share rich-
media streams.
■ There is integration with other Citrix products, particularly XenDesktop (desktop virtualization),
XenApp (app virtualization), for virtual clients and end-user computing, and NetScaler for mobile
and web application delivery control.
■ Integration through native connectors is available today only for a handful of enterprise systems
(e.g., network shares, SharePoint and Microsoft Office 365) and cloud storage repositories (e.g.,
Microsoft OneDrive, Google Drive, Box and Dropbox). The development of additional native
connectors is underway.
■ Citrix's reference customers reported occasional limitations with presales and postsales
support, roadmap visibility, and service changes. However, they mentioned also a positive
trade-off between price and performance, and the compelling ShareFile's pricing, compared
with the competition.
■ A decision to deploy ShareFile may have implications for investments in end-user computing
management and collaboration workspaces. Organizations that have not already invested in the
Citrix stack should explore how a ShareFile investment may impact current EMM and
collaboration environments.
■ Citrix is still without FISMA, FedRAMP and ITAR compliance, although it does offer compliance
with many other regulations and programs. Role-based access controls are available only when
ShareFile is managed by XenMobile.
Dropbox
Dropbox is a private company, founded in 2007, with headquarters in San Francisco, California,
U.S., and additional offices in the U.S., Europe, Israel, Australia and Japan. Dropbox is the best-
known provider of cloud file storage and sharing, with the largest user base for consumer services.
Millions of people use Dropbox at work as a personal tool for productivity. Dropbox Business is the
corresponding service for businesses, which adopt it for employees and teams. Public cloud based,
it includes storage, file-sharing and productivity tools, central IT management, and security features.
Specific capabilities include separation of personal and business data in two connected accounts,
and remote wiping of business data from users' devices. Dropbox Enterprise is for larger
organizations that require additional security management and control features beyond those in
Dropbox Business. The broad adoption and preferences by individuals drive Dropbox's expansion
in the enterprise market. Dropbox Business helps IT departments convert personal usage into
regular IT services and regain control of their data.
The enterprise market is a strategic priority for Dropbox, whose customer base has been growing in
large enterprises and SMBs. Created less than two years ago, its enterprise team is expanding, with
experts joining from various IT markets. The vision is to be a secure content platform for
collaboration and workflow processes, focusing on the experiences of users and IT administrators.
Clients value Dropbox's ease of deployment, scalability, regular upgrades, user experience, and
presales and postsales support. Dropbox is a best-in-class benchmark for ease of use. Its
reputation as a consumer player occasionally raises concerns about its ability to support large
organizations.
Dropbox Business is an attractive offering for organizations seeking broad user acceptance of EFSS
deployments, under IT control, and easy collaboration across multiple organizations. More generally,
Strengths
■ Dropbox offers a fast and reliable desktop synchronization client. This is deployed to a large
base of customers across the world using several methods, including LAN synchronization,
delta synchronization and automatic bandwidth optimization. Dropbox continues to invest in the
efficient performance of file synchronization over networks.
■ Dropbox offers a content platform with extensive APIs and developer partners (more than 500
billion API calls are generated per year on the platform). Customers can build integration of
Dropbox and business applications, repositories and other clouds, enabling business processes
and corporate content workflows. For example, they enable identity management, single sign-
on (SSO), data loss prevention (DLP), analytics, data migration and on-premises backup.
■ Dropbox offers a well-designed user experience across all major device platforms. There is
support for personal productivity and collaborative content creation, including co-authoring in
Microsoft Office 365, mobile activity feeds, team sharing and collaboration (Team Folders), and
integration with other Dropbox features (such as Paper and Badge).
■ To support large-scale deployments, Dropbox continues to extend security and administration
features that offer administrators the visibility and control that an IT organization needs to
manage a collaboration solution companywide.
Cautions
■ Dropbox does not support hybrid or on-premises deployment architectures, only public cloud
architecture. It offers some integrations with third-party clouds and on-premises repositories to
facilitate data migration to and from its cloud, but no hybrid cloud deployment is possible.
■ Dropbox's cloud is implemented on U.S. data centers today, without flexibility in terms of
international data residency, data geolocation or data sovereignty. However, Dropbox plans to
host customers' data in local data centers in other regions, and announced a forthcoming
launch for Germany, based on Amazon Web Services.
■ Dropbox's integration with on-premises systems and data infrastructure is very limited, and
weaker than some of its competitors. For example, Dropbox lacks turnkey integration for
access to most on-premises ECM tools, such as Microsoft SharePoint, EMC Documentum,
OpenText and IBM FileNet. SharePoint integration for copying is based on third-party
technology. Dropbox prioritizes integration with other cloud offerings (such as those of
Salesforce).
■ Dropbox lacks enhanced security features, such as content-aware DLP and built-in DRM,
although they are supported through partners that use the Dropbox API. FISMA certification is
missing. Dropbox added support of HIPAA and HITECH Act compliance in 2015.
Adoption is mostly in sectors with large mobile workforces, such as media and entertainment,
financial services, high technology, retail, healthcare, and construction. In these contexts, people
need to access content, share and collaborate securely on the move. Egnyte is a viable option for
enterprises aiming to enable modern user scenarios by integrating with data infrastructure both on-
premises and in the cloud. It should also be considered by organizations dealing with sensitive data
in regulated sectors, which require flexibility in terms of data residency and geolocation in order to
comply with regulations. In addition, organizations with distributed workforces and remote offices
should consider Egnyte for its smart governance of the storing and sharing of files, and of access to
files depending on user profile.
Strengths
■ Egnyte offers platform APIs to integrate different content storage offerings and repositories, and
to enable content productivity, collaboration and workflows. APIs include user features such as
folder management and differentiation between public and private folders. There are also IT
administration features, such as content access permissions by user and group. Integration with
cloud platforms, such as Microsoft Office 365, Google Apps and Salesforce is available. UI
customization for specific workloads and interfaces is possible through embeddable APIs.
■ Egnyte has a flexible, hybrid architecture that separates productivity from storage, which can be
in the cloud, on-premises or both. Egnyte supports integration with storage infrastructure from
multiple vendors, as well as data access, management and migrations. Global IT policies can
be created to decide the geolocation of confidential data in selected countries or regions, on-
premises, or in the cloud.
■ Egnyte's file analysis and analytics support content management, and automate user and IT
administrator reporting. Metadata and tags enable smart searching. Security features include
on-premises encryption, key management and storage systems, DRM, and remote wiping of
mobile data. Server-to-server encryption provides mirrored network drives at branch offices.
■ Egnyte's customer satisfaction is generally high and is the highest of all the vendors in this
Magic Quadrant. Its reference customers reported a rapid support service and flexibility in
Cautions
■ Egnyte's offering is complex, with a broad range of options for the implementation. This can
complicate the initial stage of solution design, although allow flexibility to meet customers'
needs. Initial proofs of concept may be needed to identify the most appropriate design.
■ Egnyte does not offer native connectors for integration with most enterprise content
repositories. Through Mover.io, Portal Architects (SkySync), Tervela and cloudHQ, it can
synchronize with or migrate content to its cloud — for example, from Microsoft SharePoint,
Google Drive and Salesforce. When uploading content from other repositories to Egnyte
Connect, custom metadata is not imported.
■ Language localization is missing for the UI, IT administration tools and documentation. Native
DLP and geofencing capabilities are missing.
■ Egnyte is a small, private company with limited resources, compared with the big IT and cloud
players in this market. It is competing with larger and more mature players in a consolidating
and commoditizing market.
Google
Google is a public company, founded in 1998, with headquarters in Mountain View, California, U.S.,
and offices worldwide. Google Drive is a cloud-based file storage, synchronization and sharing
service, offered as part of the Google Apps for Work product suite. It represents the central content
repository for all collaboration and communications apps in the suite. In particular, Google Docs,
Google Sheets and Google Slides support document creation and collaborative editing. Google's
approach to browser-based, collaborative editing transformed content collaboration. Google Drive
sits at the center of Google's vision for modern productivity and collaboration, and will evolve with
machine-learning and natural-language search capabilities. Google Drive is available through a
freemium model for consumers, or as a per-user, per-month subscription for organizations.
Organizations that choose Google Drive typically have a distributed workforce. They may have
multinational operations, broad mobile device adoption and a need for consistent performance
across the world. Also, they often value users' preferences and select Google Drive after auditing
unsanctioned consumer services used by employees.
Google is a good choice for companies that are migrating collaboration tools to the Google Apps
suite, and that value the editing and collaboration facilities of Google Docs. The competitive
economics make Google Drive attractive for organizations that are prioritizing value for money.
Strengths
■ Google has a global infrastructure for fast access to data almost everywhere. It can store and
serve large files (up to 5 terabytes) at high speed. It also has a worldwide customer support
Cautions
■ Google Drive is available only as a public cloud offering. There is no hybrid model that allows
data to be kept in private clouds or on-premises storage. The movement of corporate content
to a public cloud (or its replication therein) is not a viable option for many organizations.
■ Google Drive does not fulfill compliance requirements for data sovereignty and residency
features. Regional cloud implementations are not available, nor are policy-driven storage
location, regional isolation of data centers, document geopinning policies and native
geofencing. Data retention capabilities are also lacking.
■ Google Drive has poor integration with IT deployments and third-party IT products. It lacks
native connectors to on-premises content repositories and business applications, including
Microsoft SharePoint, as well as integration with Microsoft Office Online. Integration with
network drives and storage infrastructure such as network-attached storage is very limited, as
is integration with other cloud providers. Integration can be developed using standard APIs and
tools, or via third-party vendors, such as cloudHQ.
■ Google's customer satisfaction is sometimes limited. Reference customers mentioned poor
presales and postsales technical support. They also pointed to a lack of integration with
corporate IT systems and deployment complexity. Furthermore, reporting, e-discovery and
auditing capabilities are limited.
Huddle is a good fit for enterprises and governments that want to go beyond basic file
synchronization and sharing capabilities, and empower their users with broader collaboration,
project management and team features.
Strengths
■ Huddle's platform API offers extensive methods for working with files, folders, tasks, comments
and people. The platform includes a recommendation engine, with learning algorithms based on
workers' actions that selects relevant files and pushes them to connected devices. Content
management features include content filtering, conflict and version management, metadata, and
identity and permission mapping.
■ Huddle provides a range of data protection features natively. These include regional isolation of
data centers, geofencing, policy-driven storage location and other policies based on document
metadata, role-based access controls, rule-based alerts and actions for files and user activities,
and complete trail reporting.
■ Huddle has a number of compliance certifications, including FedRAMP, FISMA, HIPAA and the
U.K. Pan Government Security Compliance and Accreditation service.
■ Huddle's customer satisfaction is high, judging by its reference customers. The implementation
process is generally smooth, and the product is perceived to be affordable and good value.
Cautions
■ Huddle does not have a hybrid solution that enables clients to keep some data in on-premises
repositories, nor does it integrate with existing repositories. It offers APIs with which customers
can build integration with other cloud services, such as those of Box, Dropbox, Microsoft
(OneDrive) and Google (Google Drive).
Intralinks
Intralinks is a public company, founded in 1996, with headquarters in New York, New York, U.S.; it
also has offices elsewhere in North America, and in Latin America, Europe and Asia/Pacific.
Intralinks specializes in secure content sharing and collaboration for enterprises, with a focus on
externally facing business processes with sensitive data and complex workflows, such as those
associated with mergers and acquisitions (M&As), client communications, and regulatory
compliance. Intralinks' offering can be implemented in a private cloud, with two colocated facilities
holding all the data and accounting for all the processing. Intralinks has data centers in the U.S. and
the U.K., and it plans to add more regional ones. Intralinks can host customers' files, with
processing and controls, within an Intralinks data center, using Intralinks Client Attached Storage,
which extends Intralinks' colocations to support storage of data in alternative locations (this option
is currently available only in the U.K.). A hybrid architecture is not yet available, but development
plans include Distributed Content Nodes, which will allow for flexible deployment options, with
customer repositories (hosted either on-premises, or in private or public clouds), augmented with
local processing of content (e.g., for indexing).
Their EFSS offering, Intralinks VIA, is a stand-alone secure file sharing and collaboration product.
Intralinks VIA is also central to Intralinks' VDR edition, used for specialized use cases such as virtual
data rooms, loan syndication, M&A transactions, private equity fundraising and clinical trials. A
single platform for content sharing and management, based on a common identity/access model,
enables content access across applications, data protection and governance, and compliance
reporting.
Intralinks VIA is a viable option for organizations that want a private cloud deployment, and that
value data protection, security and regulatory compliance; also for those requiring sensitive data
sharing and collaboration with external parties. Large enterprises already using Intralinks'
specialized applications (such as those for the financial services, legal and life science sectors) can
benefit from Intralinks' content platform and enable horizontal EFSS use cases by means of
Intralinks VIA.
■ The Intralinks platform offers workspace capabilities for projects and teams, and enables
content collaboration, teamwork and project management. Simple rule-based or multitask
workflows are supported.
■ Intralinks' content platform supports security, process management, compliance and reporting.
A range of RESTful APIs enables in-house application development or integration with existing
IT systems and third-party technologies.
■ The rich security features in Intralinks VIA include plug-in free Information Rights Management
(IRM) to protect Microsoft Word, PowerPoint and Excel files, and Adobe PDF files. Intralinks
IRM enables policy enforcement, including restrictions on downloading, copying, pasting,
screen capture and printing. Access to shared documents can be revoked, and documents can
be unshared.
■ Intralinks offers Customer Managed Keys technology for encryption of data at rest through a
Hardware Security Module (HSM). This gives adopters full control over the management and
secrecy of their cloud-stored data. Intralinks' architecture offers geolocation and data
sovereignty capabilities for compliance with data protection and privacy laws (currently in the
U.K.).
Cautions
■ Intralinks does not offer native connectors for integration with enterprise content repositories
(with the exception of Microsoft SharePoint and Salesforce). Integration can be built by
customers using the Intralinks Integration Adapter, a client-side application.
■ Customer satisfaction is sometimes limited. Reference customers identified Intralinks'
limitations in integrating with corporate IT systems and third-party products. In addition, pricing
is perceived as expensive, with Intralinks being thought to offer lower value than some other
competitors.
■ Intralinks VIA suffered a service outage in the second quarter of 2016. This was due to major
upgrades to the content platform's hardware and software infrastructure, in response to rapid
growth in the user base and usage.
■ Intralinks does not provide an easy way for organizations to investigate levels of access to
employees' file shares — to detect internal data theft, for example — without gaining users'
permission. Native DLP is also missing.
Microsoft
Microsoft is a public company, founded in 1975, with headquarters in Redmond, Washington, U.S.,
and offices worldwide. It offers two different products for file synchronization and sharing: OneDrive,
a cloud- based consumer service without enterprise control capabilities; and OneDrive for Business
(ODB), an EFSS product available as a stand-alone cloud service, or as an extension to Microsoft
SharePoint Server, or in Microsoft Office 365. Microsoft ODB offers file synchronization and sharing
ODB can be deployed in several ways — in a public cloud; in a private cloud as part of an Office
365 dedicated tenant; in a hybrid capacity, together with SharePoint; and on-premises, in
SharePoint 2013 and SharePoint 2016 deployments. In SharePoint 2016, an app launcher for ODB
is available, which enables a smooth hybrid deployment. ODB is the native EFSS service for Office
365 and offers an integrated Office experience on desktops, browsers and mobile devices. ODB is
available in over 50 languages, and Microsoft runs a global support operation. Microsoft aims to
broaden ODB's focus beyond file synchronization and sharing, to make it the gateway to any files in
Office 365.
Although ODB is available as a stand-alone offering, organizations generally adopt ODB as part of
an Office 365 purchase. Interest in ODB is high in the enterprise market because of rapid adoption
of Office 365.
Microsoft is a good choice for companies that have prioritized investment in Microsoft's productivity
and collaboration suites, content server platforms (such as SharePoint Server), SharePoint Online
and Office 365.
Strengths
■ Microsoft ODB is available as part of Office 365 at no additional cost. Being central to
Microsoft's productivity and collaboration vision, ODB is fully integrated into Office 365, so that
it works with Office, Outlook, Yammer and Skype for Business. Files in ODB are indexed in
Office Graph and surfaced within Office Delve. In ODB, workers can edit Office files
collaboratively in real time.
■ A new ODB synchronization client, the ODB Next Generation Sync Client, is available in which
the performance and reliability problems of the previous version have been solved. It is available
only for the cloud version, not for SharePoint Server. Features on Microsoft's development
roadmap include synchronization with SharePoint document libraries and the ability to pause
synchronization.
■ Microsoft ODB offers extensive security features, including regional isolation of data centers,
storage location and policies based on metadata; IRM for internal and external users based on
Microsoft Azure Active Directory; native DLP; file scanning for viruses on uploading; two-factor
authentication; and Security Assertion Markup Language (SAML). Most certifications are
present, such as FedRAMP, FISMA, HIPAA, ITAR, and Family Educational Rights and Privacy
Act (FERPA).
■ ODB users and groups can be managed by Office 365 administrators. In Office 365 Protection
Center, administrators can set security and compliance policies, create audit reports, run e-
discovery cases, and conduct retention, archiving, DLP and mobile device management.
■ Microsoft ODB does not support downloading of multiple files or folders from a web browser,
but only one file at a time. In addition, it does not allow a folder to be shared with an external
user using an anonymous guest link — users have to sign in. Development to deploy these
features is underway.
■ Microsoft ODB lacks native connectors to most enterprise content repositories and business
applications, except for Microsoft and Salesforce products. Nonetheless, OneDrive API is
accessible with Microsoft Graph and used by multiple app partners.
■ Customer encryption key management, with keys managed by the client organization's IT
department, is available to Microsoft Office 365 customers through Azure Rights Management
(Azure RMS), but with limitations. Azure RMS can be used with a "bring your own key" model,
to store keys in a hardware security module, but this configuration will result in reduced IRM
functionality in Exchange Online.
■ Microsoft ODB's management console and sharing controls are poor, compared with those of
many other vendors. For example, ODB is missing group management, role-based access
controls and rule-based alerts. Development plans for a new OneDrive admin console are
underway. Mobile management features depend on Microsoft's EMM product, Intune.
Syncplicity
Syncplicity is a private company, founded in 2008, with headquarters in Santa Clara, California, U.S.
It has offices in the U.S., and in Germany, Ireland and the EU. Syncplicity is owned by Skyview
Capital, a global private investment firm headquartered in Los Angeles, California. It acquired
Syncplicity in 2015 from EMC, which remains a financial stakeholder and sales channel partner.
Syncplicity's EFSS offering is a hybrid cloud focused on data infrastructure modernization, security
and data governance, along with user productivity and collaboration. Its value proposition is to
enable digital transformation. Its offering can be deployed in public clouds (implemented in the U.S.
and the U.K.), on-premises or in private clouds. Its hybrid architecture, enabled by a policy-driven
hybrid storage model (StorageVaults), enables customers to have storage in different locations, on-
premises or in the cloud (or both). Legacy storage, such as file shares and home directories, can be
replaced by a Syncplicity EFSS platform that offers alternative cloud storage options. Other
capabilities include compliance with data residency requirements, data governance with fine-
grained group security and IT administrative policies.
After the acquisition, Syncplicity underwent a period of reorganization, reshaping its vision, strategy
and value proposition. Syncplicity streamlined its organization, with a sharper focus on R&D and
offshore development. A direct sales organization was created, and a new partnership with the
EMC's sales team created. This new approach is attracting interest in the market.
Syncplicity is a viable option for large enterprises aiming to give users mobile access to on-
premises and cloud repositories, file productivity, and collaboration, without forcing a migration of
files to a public cloud. It is a suitable choice for large enterprises wanting to replace or optimize
Strengths
■ Syncplicity has experience tackling complex deployments and use cases for large, global
enterprises and dealing with the different priorities of CIOs, CISOs and CTOs. A recent
deployment for 330,000 Siemens users is an example. It has a large customer base, which
inspires confidence that it can execute on a large scale.
■ Syncplicity offers rich policy management features to enable IT administrators to control
access, protect data, and secure file sharing at user and group levels. There are, for example,
policies to restrict sharing via a device, an IP address or a network name, to control file
locations and automatically delete data. A complete administration console supports tracking
and auditability of users, devices and content.
■ Its flexible hybrid architecture can integrate with network-attached storage arrays and object
storage APIs (from EMC and other storage providers) to store files on-premises and integrate
with file shares, Microsoft SharePoint and EMC Documentum. A real-time document backup
mechanism is enabled by a multifolder synchronization feature. Syncplicity's platform has
RESTful APIs for building integration with and plug-ins for client applications (for example,
Microsoft Outlook).
■ Syncplicity offers extensive security features, including native DRM encryption with policies,
customer key management and geofencing; and compliance certifications, such as FedRAMP,
FERPA, FISMA, HIPAA and ITAR. Complex data residency and sovereignty requirements can be
satisfied by policy-driven hybrid storage options.
Cautions
■ Syncplicity's support for direct content access to most enterprise content management and
business application systems is limited. However, Syncplicity Data Hub enables customers to
migrate, copy and sync content from a specific enterprise content repository into Syncplicity's
cloud.
■ Reference customers reported occasional challenges in integrating Syncplicity's offering with
corporate IT systems and third-party products. Syncplicity's ecosystem of partners is limited,
compared with some competitors.
■ Syncplicity's social collaboration capabilities are poor, lacking features such as likes, ratings,
tasks and comments (including comments on file and folder levels).
■ Syncplicity is a small, private company with limited resources, compared with the big IT and
cloud vendors in this market. It is competing with larger and more mature players in a
consolidating and commoditizing market.
Thru is a viable option for midsize and large organizations aiming to improve collaboration through
secure exchange of large files among departments, customers and partners using any device and
from any location. It also is a good fit for enterprises aiming to support file exchange across multiple
applications (such as CRM, ECM and ERP applications), and for those needing to send large files to
geographically distributed locations with low-latency downloads and uploads.
Strengths
■ A rich platform of APIs and other tools enables customers, partners and independent software
vendors to build applications on top of Thru's platform and build back-end integration with
existing IT systems. Integration is readily available for Salesforce applications, Microsoft
Outlook, IBM Notes, and Microsoft SharePoint and Office 365. An Outlook plug-in includes
side-panel integration, with drag-and-drop capabilities between email and Thru's virtual file
system on the desktop. Thru optimizes data transmissions on satellite connections with
dynamic adjustment of bandwidth enabled by Thru's Optiband technology.
■ Administrators can choose where files reside at a folder level, whether on-premises or in cloud
storage, and in which geographical location. A universal search capability enables users to
search for files in multiple places, not only in Thru's repositories but also in customer file
systems and third-party repositories.
■ Security features include rule-based access controls, alerts, actions for file and user activities
(with reporting), virus scanning for uploaded files, customer key management, and geofencing.
Compliance certifications include FISMA, HIPAA and ITAR. Data residency and sovereignty
capabilities include policy-driven storage location and regional isolation of data centers.
■ Customer satisfaction is high, judging by the views of reference customers. The implementation
process is generally smooth with products that are easy to deploy, thanks to a robust and easy-
to-understand set of APIs. Pricing is perceived as affordable, and products are considered to
represent good value.
■ Thru, a small, private company, is competing against larger and more mature IT and cloud
players in a consolidating and commoditizing market. In addition, Thru, which focuses on the
U.S. and Europe, has limited presence in other regions.
■ Thru's capabilities for back-end integration are very limited, as it is missing connectors to most
enterprise content platforms and cloud storage repositories. In addition, Microsoft Active
Directory and Lightweight Directory Access Protocol (LDAP) integration for groups and roles is
not available.
■ Thru's social collaboration capabilities are poor, missing features such as likes, ratings and
tasks. There is, as yet, no synchronization client for Apple Mac computers.
■ Thru does not offer native DRM and DLP, but does support these capabilities through
integration with third-party products.
Varonis
Varonis is a public company, founded in 2005, with headquarters in New York, New York, U.S. It also
has offices in the U.K., France, Germany, Russia and Israel (for research and development). Varonis
focuses on data governance, and protecting corporate file and email servers from cyberattacks and
insider threats. It is an established vendor in this market, with products for data auditing and
protection, sensitive-content discovery, user behavior analytics, data access governance, file
synchronization and sharing, search and e-discovery, and data retention and migration. Its EFSS
product, DatAnywhere, enables secure file access and sharing from any device to large (petabyte)
data stores, without changing the existing IT data infrastructure or moving data, with data protection
and controls. DatAnywhere supports on-premises and private cloud architectures, providing access
to existing file storage while maintaining security and access restrictions that are already in place.
DatAnywhere does not support public cloud or hybrid deployments with third-party clouds. Varonis
competes in the financial, healthcare, energy, manufacturing, education, transportation and
government sectors.
Varonis is a viable EFSS option for midsize enterprises that have large amounts of content in on-
premises repositories on internal file shares or network-attached storage, and that are unwilling to
move from their current location to the cloud for reasons of cost, privacy or compliance. It is also a
suitable choice for midsize enterprises looking for tightly controlled access to on-premises network
storage.
Strengths
■ Varonis supports Microsoft Active Directory and LDAP integration for groups and roles. It also
enforces rule-based access controls, alerts, and actions for file and user activities, as well as
data governance and controls. For example, administrators and users can decide which folders
to synchronize.
Cautions
■ Varonis does not offer native connectors for integration with on-premises enterprise content
management repositories and application systems. Integration is available for on-premises
storage infrastructure, and it can be built, using APIs, for other repositories.
■ Varonis does not offer enhanced security features, such as native DRM, SAML, customer key
management and geofencing. Compliance certifications and EMM integrations are also lacking.
■ Varonis does not offer collaboration features such as collaborative editing. Likes and comments
are also missing, as are user productivity features such as annotation and note taking.
Integration with Microsoft Office 365 is not available.
■ DatAnywhere's support for content management is limited, lacking metadata, tagging, content
analytics and built-in e-discovery. However, these capabilities are available in the broader
Varonis' Metadata Framework, which is often deployed together with DatAnywhere.
WatchDox by BlackBerry
WatchDox, founded in 2008, is now part of BlackBerry. BlackBerry is a public company, founded in
1984, with headquarters in Waterloo, Ontario, Canada. Since the acquisition in May 2015,
BlackBerry has been integrating and bundling WatchDox with other BlackBerry and Good
Technology product suites to deliver a complete offering for secure mobile productivity and
collaboration. In addition, the WatchDox solution continues to be sold as a stand-alone offering —
aided by BlackBerry's channel and carrier partners — for customers who want EFSS only, without
BlackBerry's enterprise mobility management features. WatchDox, like BlackBerry, has a strong
background in the fields of security and collaboration, with a focus on regulated sectors. Synergies
with BlackBerry help with the building of a modern collaboration offering for digital workplace
scenarios.
The WatchDox EFSS product has enhanced security and content collaboration features. It can be
deployed on-premises, in a public cloud or in a private cloud, with multiple hybrid options through a
virtual appliance, and integrated with corporate applications through APIs. Unique aspects of
WatchDox's technology include secure viewers, apps and rights management features. Due to its
WatchDox is a viable option for midsize and large organizations that are in regulated or sensitive
vertical markets, that have legacy infrastructures and content repositories (for example, Microsoft
SharePoint), that collaborate internally and externally using sensitive information, and that have a
relatively mature mobility strategy. WatchDox is particularly suitable for high-security use cases
within organizations (for example, those involving intellectual property issues). BlackBerry is
pursuing an upsell bundling strategy for all BlackBerry and Good Technology products to enable
more customers to take advantage of WatchDox.
Strengths
■ WatchDox offers a rich and secure user productivity environment on mobile and other device
app clients for secure viewing and editing, annotation, search and app streaming. Alerts and
information notifications that appear on the mobile apps, as pop-ups on the desktop clients, or
as messages, help with collaborative work.
■ WatchDox's security and data protection capabilities are extensive and include native DRM for
shared files; control policies for copying and pasting, opening, editing, sharing, caching, and
saving; geofencing; and encryption key management. Compliance certifications include FISMA,
HIPAA and ITAR. In addition, policy-driven storage location and regional isolation of data
centers is available for data geolocation and data residency requirements.
■ A WatchDox role-based access mechanism enables the creation of a permission layer on top of
connected content repositories' permissions (such as those of Microsoft SharePoint) to help
with the creation of complex and consistent access roles across enterprise repositories.
■ A rich set of platform APIs enables organizations and individual developers to incorporate
WatchDox features into new or existing custom applications (server- or client-side), or build
integrations with them. Third-party apps can upload files, folder structures and permissions into
a WatchDox repository. These APIs also will be available through the Good Developer Network.
Cautions
■ WatchDox has a stronger mobile characterization since its integration with BlackBerry's and
Good Technology's products. Its new "mobile first" approach is sometimes perceived by EFSS
buyers as a deviation from the original broader content collaboration focus. In reality, recent
enhancements, such as the WatchDox integration with Salesforce and nonmobile versions of
BlackBerry and Good Technology solutions, support other computing platforms beyond
mobility.
■ Some of WatchDox's collaboration capabilities, such as comments on files and folders, ratings,
and tasks, are not yet fully implemented. Workflows are not supported in the client interfaces,
although they are available via API. Also, integration with Microsoft Office 365 is limited to
SharePoint Online and OneDrive for Business, and does not include file editing with Office
Online (though WatchDox does integrate with on-premises Office Online for web editing).
Added
None.
Dropped
■ Acronis — The vendor does not meet the revenue threshold.
■ Ctera — The vendor does not meet the revenue threshold.
■ VMware AirWatch — The vendor's EFSS offering is no longer available as a stand-alone
product, but only integrated with other products for EMM and client virtualization management
(i.e., extension).
Honorable Mentions
The EFSS market landscape is still crowded, with more than 100 vendors. About 40% of them sell
an EFSS destination offering and were considered for inclusion in this Magic Quadrant. Many did
not qualify because they were missing some of the inclusion criteria, particularly related to revenue
and number of customers. Relevant EFSS destination vendors, not included in this Magic Quadrant,
are:
■ Acronis: With backup and recovery software as core business, Acronis sells an EFSS product,
Acronis Access, for file sharing and mobile access to enterprise content servers. Missing
criterion: Revenue.
■ Autotask: The company acquired Soonr, a cloud EFSS vendor offering productivity tools and
built-in security. Missing criteria: Revenue and maximum deployment size.
■ Barracuda Networks: In addition to the consumer service, it offers a business cloud service
connected to its storage products. Missing criteria: Users, revenue and geographic coverage.
Finally, a range of vendors providing EFSS features (extensions) in their products can be found in a
variety of markets. They do not qualify for this Magic Quadrant because they do not have a stand-
alone, EFSS destination offering. A few are:
In addition, their EFSS offerings must support a selected range of product capabilities:
■ File synchronization: This is support for transparent and automatic round-trip data
synchronization between devices and the cloud service/server. It is also synchronization
support for multiple devices connected to the service or system, for selected files or folders.
■ File sharing: This is support for multiple levels of mobile file sharing among devices belonging
to the same person; different applications on the device; and people inside and/or outside the
organization.
■ File access: This means access to files in on-premises repositories by direct access or
replication to a cloud repository. Use of third-party connectors is acceptable, but native support
is rated higher.
■ Content manipulation: Features such as document view, editing and annotation in the mobile
app and/or browsers are considered optional, either through embedded native capabilities or
through third-party apps.
■ Mobile OS diversity: This is support through a local native application for iOS and Android.
Support for Windows and other platforms is optional.
Features provided by partners must be tightly integrated with the vendor's product and invisible to
the end user.
Evaluation Criteria
Ability to Execute
Gartner evaluates vendors' execution on the quality and efficacy of the processes, systems,
methods or procedures that enable the provider performance to be competitive, efficient and
effective, and to positively impact revenue, retention and reputation within Gartner's view of the
market. In the maturing and consolidating EFSS market, established cloud providers and IT players
normally present a strong ability to execute; smaller vendors instead, such as new ventures with
high-risk profiles, tend to be limited in execution.
See the main criteria for evaluation of ability to execute in the Evaluation Criteria Definitions section.
The Overall Viability (including financials), Operations in multiple regions and Customer Experience
criteria are highly relevant for buyers to assess new players' Ability to Execute. The Product or
Service richness and maturity is highly relevant for buyers that want to assess how well their IT
suppliers are evolving traditional products to meet modern EFSS requirements.
Operations High
Completeness of Vision
The EFSS market originated from consumer trends, such as smart devices, personal cloud and
bring your own device (BYOD). Vendors with consumer backgrounds best understand the new
digital workplace imperatives, with user-centric design, and mobile and cloud agility. They have
adapted their strategies and evolved their business offerings to address specific enterprise
priorities, such as security and data governance. Vendors with IT backgrounds, instead, understand
the IT organization's priorities (such as IT administration and back-end integration). However, they
have been forced to redesign their services to meet the users' expectations, which are about hiding
IT complexity and getting a consumer-like experience. Buyers of EFSS offerings need to understand
the priorities, constraints and dynamics of the EFSS enterprise market to make long-lasting
investments in this market.
Although core file synchronization and sharing capabilities are standardizing across products, EFSS
vendors are specializing in related areas, such as data protection, collaboration, content creation
and business workflow. Therefore, the product strategy criteria are highly relevant for buyers to
identify vendors with a long-term vision that aligns with their company's objectives.
Innovation Medium
Quadrant Descriptions
Leaders
Leaders provide mature offerings that meet market demand. They have demonstrated the vision
necessary to sustain their market positions as requirements evolve. The hallmark of Leaders is that
they focus and invest in their offerings to lead the market and affect its overall direction. Leaders
can be the vendors to watch as you try to understand how new offerings might evolve. Leaders
typically possess a significant, satisfied customer base, and they enjoy high visibility in the market.
Their size and maturity enable them to remain viable under changing market conditions. Leaders
typically respond to a wide market audience by supporting broad market requirements. However,
they may fail to meet the specific needs of vertical markets or other more specialized segments.
Challengers
Challengers have a strong Ability to Execute but may not have a plan that will maintain a strong
value proposition for new customers. Large vendors in mature markets often may be positioned as
Challengers because they choose to minimize risk or avoid disrupting their customers or their own
activities. Although Challengers typically have significant size and financial resources, they may lack
a strong vision, innovation or overall understanding of the market's needs. In some cases, they may
offer products nearing the end of their lives that dominate a large, but shrinking, segment.
Visionaries
Visionaries align with Gartner's view of how a market will evolve, but they have fewer proven
capabilities to deliver against that vision. In early markets, this status is normal. In more mature
Niche Players
Niche Players do well in a particular segment of a market, or have a limited capability to innovate or
outperform other vendors in a market. This may be because they focus on a particular functionality
or region, or because they are new to the market. Alternatively, they may be struggling to remain
relevant in a market that is moving away from them. Niche Players may have reasonably broad
functionality, but limited implementation and support capabilities, and relatively small customer
bases. They have yet to establish a strong vision for their offerings.
Assessing Niche Players is more challenging than assessing vendors in the other quadrants. Some
Niche Players could make progress, while others might not execute well or may lack the vision to
keep pace with broader market demands. A Niche Player may be the perfect choice to meet your
requirements. However, a Niche Player also may prove to be a risky choice if it is moving against the
market's direction, which may put its long-term viability in question.
Context
Organizations are increasingly confronted with demand for digital transformation. Cloud, mobile and
consumer technologies brought out new work styles, approaches and paradigms, challenging
traditional IT and forcing it to change. EFSS is a core enabler for digital transformation and a priority
for organizations who pursue IT modernization and digital workplace initiatives. EFSS enables them
to address users' and business owners' expectations, while granting security and compliance.
Enterprise's interest in EFSS investments emerged in 2010 driven by consumerization trends and in
response to "shadow IT" threats. Over time, a range of more compelling reasons raised priorities in
this area, elevating discussions to more strategic levels. The driving forces behind EFSS adoption in
the enterprise market today are:
■ Mobility — a widespread adoption of devices, bring your own device (BYOD) programs, and
apps for productivity and collaboration for mobile and remote workers
■ Cloud — growing adoption of cloud services for storage, productivity and collaboration (e.g.,
Microsoft Office 365 and Google Apps for Work), as even traditional organizations realize that
managed data in a reputable supplier's cloud may be safer than on-premises
■ Security — a growing perception of security risks related to cloud and mobile technologies
requiring support for data protection, regulatory compliance, data residency and ownership, and
compliance
New cloud-based storage repositories add on to existing on-premises repositories and create more
data fragmentation. Some EFSS platforms act as an integration layer that can "glue together"
distributed data architectures, federating legacy data repositories with new cloud repositories in a
virtual data space. Users can access and use them, under IT controls and data governance.
■ Modern productivity for the mobile workforce — enabling access to on-premises data
repositories such as Microsoft SharePoint and other common ECM systems that boost user's
productivity
■ Secure external collaboration and document workflow processes — enabling collaborative
document editing and business process support, with appropriate data protection
■ Modernization of the corporate data infrastructure — optimizing fragmented data
infrastructure, introducing cloud elements to enable modern user scenarios such as mobile
productivity and collaboration, without forcing organizations to migrate content from existing
repositories
Depending on use cases, organizations choose different EFSS options. The first two cases are very
common and often addressed with cloud-based EFSS solutions based on a proprietary content
repository, adopted for selected use cases, and requiring the migration of existing enterprise
content to the cloud. The third use case emerged more recently from slower organizations that have
legacy data infrastructure but are not ready to migrate content to the cloud. They prefer an
incremental approach to enabling new user capabilities, without replacing existing data repositories
or migrating content somewhere else.
For users, EFSS represents a modern alternative to traditional, cumbersome IT tools. A 2015
Gartner online survey of more than 2,000 respondents about the state of the digital workforce
indicated that 70% of digital workers use cloud file storage and sharing tools for their work
activities. Almost half of respondents use them at least once a week, if not more, and 25% of
respondents use these services daily. A fourth of all respondents characterized by a stronger digital
dexterity tend to have sentiments, behaviors and preferences that are clearly oriented toward
personal, unsanctioned technology tools, including cloud storage and sharing service for
productivity. Among them, 35% say they use unsanctioned tools daily.
These data points show trends in workers' adoption of cloud storage and sharing tools on a
personal basis to raise productivity at work. This represents a potentially explosive issue for IT
organizations — if they do not modernize users' IT tools. EFSS options are the appropriate IT
response to users' demand trends. While EFSS services may not be as easy to use as consumer
offerings, they are definitely a step forward compared with standard IT options and a good
compromise between IT and users' priorities. When users' preferences are central, organizations
should opt for vendors that prioritize on user experience and offer superior UI.
■ Cloud delivery models: Organizations show growing preference for cloud EFSS deployments.
Public cloud is preferred for external collaboration not requiring relevant access to corporate
repositories and systems of record; hybrid cloud is preferred to integrate with existing content
repositories; and private cloud is preferred for content geolocation. Regulated organizations
require local implementations of cloud by regional providers or even on-premises. As a rough
estimate, public clouds get about 50% of preferences, hybrid cloud gets 30%, private cloud
gets 15% and on-premises gets 5%. This Magic Quadrant focuses on EFSS offerings that can
support at least one form of cloud delivery model, and does not consider on-premises-only
models.
■ Content manipulation: Beyond moving and share files, users need content editing, annotation
and note taking to be productive. Key players offer simple content manipulation features in their
client applications, as well as integration with Microsoft Office 365, with controls. Some of the
EFSS vendors provide enhanced native capabilities for protected document manipulation based
on DRM.
■ Back-end integration: Integrating EFSS with existing back-end enterprise content repositories,
such as those in ECM systems and business applications, is critical for organizations to enable
a modern workplace. EFSS vendors offer ready connectors to integrate with common systems
such as Microsoft SharePoint, EMC Documentum and OpenText; as well as platform APIs to
build integration for access and controls. Some vendors support the standard CMIS APIs to
build connectors to ECM products. Although CMIS adoption by ECM vendors is limited, it is
likely to grow, thanks to the emergence of web services and REST APIs. EFSS products
increasingly offer integration with cloud storage such as Dropbox, Box, Google Drive and
Microsoft OneDrive for Business. EFSS vendors are working with cloud access security broker
(CASB) vendors to improve their APIs so that they can fit better into an external management
interface.
■ Data governance: Complementary to back-end integration, a range of capabilities is required
to manage and govern data in different repositories. EFSS products increasingly are expanding
capabilities on content life cycle management (for example, metadata management; assignment
of files per user, per group and per device; and data migration to cloud) and e-discovery. Where
these products are not available natively, they tend to complement third-party products.
■ Security, data protection and compliance: Revelations about pervasive surveillance activities
raise organizations' concerns and drive demand for mechanisms to control cloud encryption
keys and accesses to cloud data. To that end, some public cloud suppliers offer customer
managed key (CMK) technology. Others offer cloud implementations in regional data centers,
with data geolocation, data residency and data sovereignty to meet regulatory compliance.
Sharing files requires granular controls to protect data during access and use. Furthermore, in
regulated markets, these tools must extend existing compliance safeguards. Evaluating security
and compliance risks enables IT organizations to identify not only control priorities but also
service access permissions. EFSS offerings offer security, compliance and management,
including enhanced features (such as built-in DRM).
EFSS offerings differentiate on multiple functions and features, including security, mobility,
collaboration, integration, content management and architectural options. Making a decision on
EFSS destinations investments is complex, given the number of vendors and offerings. It gets even
more complicated when trying to address multiple use cases and requirements. Not only EFSS
destinations, but also EFSS extensions offered by established IT suppliers are considered as well.
Buyers value synergies among different products in a supplier's portfolio, even if it is not complete.
When a single EFSS option is not optimal for all use cases, organizations choose to deploy a
combination of products (see "How to Build EFSS Plans to Address Current and Future Business
Requirements"). For example, often they combine Microsoft OneDrive for Business for internal
users' productivity, and a hybrid EFSS product such as Citrix ShareFile for external collaboration..
Market Overview
Six years after its inception, the EFSS market continues to be fluid and crowded, with over 100
vendors offering EFSS capabilities as either destinations (see Note 2) or extensions (see Note 3). A
fierce competition is ongoing, under pressure of cloud storage, office and collaboration vendors
(e.g., Microsoft, Google, Salesforce, Amazon and Dropbox) that bundle EFSS products or features
in their offerings. Also, traditional IT players contribute to making competition tougher with the same
approach (e.g., Citrix, EMC, VMware AirWatch and IBM). In both cases, EFSS capabilities are
brought to customers at low or no price, diminishing the value of pure EFSS destinations.
Standardization of EFSS features is driving rapid commoditization of EFSS offerings and, therefore,
market consolidation. Destination vendors are expanding their value propositions in new areas that
support digital transformation efforts undertaken by IT buyers — and, overall, the EFSS market is
rapidly transforming into something different.
Looking closer at this evolution, over the next two years, surviving EFSS destination vendors will
transform their EFSS products into much broader suites, partly overlapping and partly
complementing each other. This will generate two new markets (see "The EFSS Market's Future Will
Present an Opportunity for IT Planners"):
■ Modern content, collaboration and workflows: These EFSS products will evolve into modern
content collaboration and document workflow enablement. The focus will be on users'
productivity and collaboration, business tasks, and mobile, context-aware, content-centric
experiences. These products will prioritize on their own content repository, often cloud-based,
and try to replace traditional content management systems. Vendors in this category include
Box, Dropbox and Intralinks.
■ Data infrastructure modernization: These EFSS products will evolve toward enabling back-
end integration with existing content repositories, federation, management, data governance,
and optimization of data implementation, including storage, backup and MFT. The focus will be
on IT infrastructure and operations priorities. These products will prioritize on hybrid
architectures, connectors and data governance — and will be inherently capable to integrate
with products in the first category. They will increasingly implement a virtual layer spread over
enterprise content repositories, and provide management and governance controls to IT
organizations. Vendors in this category include Egnyte, Syncplicity and Citrix.
This transformation will happen over the next 12 to 18 months. Therefore, this Magic Quadrant will
be subject to redefinition in 2017.
In terms of future demand, we expect to see growing demand for both submarkets. In particular, the
first category will be driven by cloud adoption trends that force organizations to rethink productivity
and collaboration, both internally and externally.
The second category will likely see a rapid growth over the next three years. Organizations have
deployed multiple data repositories over the years and must connect them to modern file sharing/
productivity/collaboration environments to accomplish digital transformation of the workplace.
Hybrid architectures and connectors enable EFSS integration with existing content repositories and
Midmarket organizations can derive considerable benefit from taking a strategic approach
to enterprise file synchronization and sharing. IT leaders in such organizations should use
this report to identify EFSS vendors that are focused on or especially suited to the
midmarket.
Market Differentiators
This report contextualizes Gartner's "Magic Quadrant for Enterprise File Synchronization and
Sharing" for midmarket IT leaders, helping them differentiate among various enterprise file
synchronization and sharing (EFSS) tools. It is one of many sources of help in the evaluation of
EFSS solutions that meet the needs and scale of midmarket organizations. The providers
identified have a proven track record of being a good fit for such enterprises.
Effect on IT and business resources: EFSS applications and services with cloud and hybrid
architectures can help minimize internal resource requirements by placing the responsibility to
manage the day-to-day operations and maintenance on the vendor itself.
Usability: In general, EFSS products offer a modern user experience accessible from the cloud
with mobile apps. These modern user interfaces provide a simple and familiar experience for
end users to begin to utilize the product. In turn, less IT involvement in training is needed.
Extended functionality: EFSS vendors provide a broad range of features out of the box,
beyond file synchronization and sharing. These allow IT leaders from midmarket organizations
Notable Vendors
Vendors included in this Magic Quadrant Perspective have customers that are successfully
using their products and services. Selections are based on analyst opinion and references that
validate IT provider claims; however, this is not an exhaustive list or analysis of vendors in this
market. Use this perspective as a resource for evaluations, but explore the market further to
gauge the ability of each vendor to address your unique business problems and technical
concerns. Consider this research as part of your due diligence and in conjunction with
discussions with Gartner analysts and other resources.
AeroFS
AeroFS is a good fit for midmarket enterprises in regulated industries with a need for on-
premises EFSS. The tool uses a combination of peer-to-peer technology and a central virtual
appliance acting as a management layer. This replaces the need for traditional storage servers
without sacrificing the strong control and oversight usually gained from on-premises tools. The
product provides mobile and external sharing features similar to other EFSS products. AeroFS
is available in both free (up to 30 users) and Business (over 30 users) editions.
Citrix
Citrix ShareFile has a large midmarket installed base. The pricing model is different from others
on this list: the Team edition includes five user accounts, but additional employees can be
added for an additional cost. Included with the price is 1TB of storage per user, potentially
alleviating on-premises file share needs. ShareFile also has strong archiving features and is
compliant with several U.S. regulatory statutes, making it a viable candidate for midmarket
organizations in regulated industries interested in using the cloud for archiving.
Dropbox
Dropbox will work well for midmarket organizations that have minimal IT resources to support
EFSS and a desire to move much of their data to the cloud. Included at no additional fee is
service and support across phone, chat and email in multiple languages. In contrast, most other
vendors charge a flat additional fee or a percentage based on user licenses. Dropbox has a
self-service file recovery option, allowing end users to recover deleted versions of documents
without the need of IT intervention.
Google
Google Drive makes sense for midmarket organizations that are considering investing, or are
already invested, in the Google Apps for Work suite. The Google Apps Unlimited plan includes
unlimited storage for accounts with over five users (1TB/user otherwise). The Google Apps
Marketplace extends Drive use cases into other areas of the business beyond EFSS with
integrated third-party apps. In some cases this creates a "one-stop shop" for midmarket
organizations looking to fulfill multiple use cases, such as accounting, marketing and workflow.
Google Drive is also a powerful collaborative tool, with facilitating/authoring using Google Docs
and interconnectivity with other areas of Google Apps for Work.
Syncplicity
Syncplicity is an enticing option for midmarket IT groups with few resources that are looking for
a competitively priced, highly scalable EFSS. The Syncplicity Business Edition is aggressively
priced for midmarket enterprises and includes 300GB per company plus 5GB per user, with the
"How to Build EFSS Plans to Address Current and Future Business Requirements"
"Solution Comparison for Five Enterprise File Sync and Share Solutions"
Sales Execution/Pricing: The vendor's capabilities in all presales activities and the
structure that supports them. This includes deal management, pricing and negotiation,
presales support, and the overall effectiveness of the sales channel.
Marketing Execution: The clarity, quality, creativity and efficacy of programs designed
to deliver the organization's message to influence the market, promote the brand and
business, increase awareness of the products, and establish a positive identification
with the product/brand and organization in the minds of buyers. This "mind share" can
be driven by a combination of publicity, promotional initiatives, thought leadership,
word of mouth and sales activities.
Operations: The ability of the organization to meet its goals and commitments. Factors
include the quality of the organizational structure, including skills, experiences,
programs, systems and other vehicles that enable the organization to operate
effectively and efficiently on an ongoing basis.
Sales Strategy: The strategy for selling products that uses the appropriate network of
direct and indirect sales, marketing, service, and communication affiliates that extend
the scope and depth of market reach, skills, expertise, technologies, services and the
customer base.
Business Model: The soundness and logic of the vendor's underlying business
proposition.
Geographic Strategy: The vendor's strategy to direct resources, skills and offerings to
meet the specific needs of geographies outside the "home" or native geography, either
directly or through partners, channels and subsidiaries as appropriate for that
geography and market.
Corporate Headquarters
56 Top Gallant Road
Stamford, CT 06902-7700
USA
+1 203 964 0096
Regional Headquarters
AUSTRALIA
BRAZIL
JAPAN
UNITED KINGDOM
© 2016 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. This
publication may not be reproduced or distributed in any form without Gartner’s prior written permission. If you are authorized to access
this publication, your use of it is subject to the Usage Guidelines for Gartner Services posted on gartner.com. The information contained
in this publication has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy,
completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. This
publication consists of the opinions of Gartner’s research organization and should not be construed as statements of fact. The opinions
expressed herein are subject to change without notice. Although Gartner research may include a discussion of related legal issues,
Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner is a public company,
and its shareholders may include firms and funds that have financial interests in entities covered in Gartner research. Gartner’s Board of
Directors may include senior managers of these firms or funds. Gartner research is produced independently by its research organization
without input or influence from these firms, funds or their managers. For further information on the independence and integrity of Gartner
research, see “Guiding Principles on Independence and Objectivity.”