Messed Up Bad - Any Hope For Me?

  • 1
  • Question
  • Updated 4 months ago
We were cleaning up users and licenses on our account and I removed an old admin user account that we no longer used.  This user had 0 items in their ShareFile folder so when I got the prompt to re-assign their folder, I opted to just nuke it instead of re-assign.

Well.....turns out that this user account was the account used to create a few of our company's Shared folders that were heavily being used and when I removed the account, it completely deleted those Shared folders and files.  I contacted Support but they said once those folders were deleted....they're gone forever.  We just assumed ShareFile would be doing backups of our data and we could restore but.....nope?

We've been contacting any user who may have been offline syncing those folders and are piecemealing data back together (when the folders were nuked, the user clients moved the contents to their recycle bin) but we're still missing random folders and files.

I done messed up good, I have a lot of people mad at me and I'm wondering if there's ANY hope of getting the data back before that account was deleted.
Photo of SH Admin

SH Admin

  • 3 Posts
  • 1 Reply Like
  • sick....

Posted 4 months ago

  • 1
Photo of Durga

Durga

  • 114 Posts
  • 6 Reply Likes

There is 45 days retention. check your accounts recycle bin
Photo of Leo

Leo, Official Rep

  • 437 Posts
  • 43 Reply Likes
Hi SH Admin,

Unfortunately no.  When content is created in ShareFile, there always has to be an owner of that content in order for it to exist in ShareFile.  This owner has to be an employee user.  If an employee user is deleted or downgraded to a client user without reassigning ownership of their content to someone else, that content no longer has any owner at all and cannot exist in that state in the account.  This is why there are multiple notices telling and warning about this during the user deletion process.  Once the user is deleted, the items that user owned are not recoverable.

For those unaware what the process looks like, it is visible in this article:
https://support.citrix.com/article/CTX214410

-Leo
Photo of SH Admin

SH Admin

  • 3 Posts
  • 1 Reply Like
Thanks, Leo.  Totally understand and you are 100% correct that there are multiple warnings issued when you choose not to re-assign the folder.  I do wish it would have listed the shared folders that were to be deleted (as I was only concerned about that user's specific folder), but I definitely take full responsibility for overriding the warnings.

Could you clarify why there is no option, I guess on the "back end" of ShareFile infrastructure to restore user's data or even users themselves from a specific time?  I know I'm taking a simplified view, but even within our own company we can restore user and data state from a particular day.
Photo of Leo

Leo, Official Rep

  • 437 Posts
  • 43 Reply Likes

Hey there,

I've passed along the request about listing the folders over to our product managers for you -- we think it's a reasonable suggestion, but I can't make any promises about implementation.  

As I mentioned, the content has to have an owner associated with them.  As long as that requirement is met, any sort of recovery is self-maintenance through the user and folder recycle bins.  Unless you know every single item that a user owns, or if you have to purge everything associated with a user for some security related reason, it's best to always reassign content to another user when deleting an existing user. Another tip is to perhaps run an audit report on the user to see what they have access and ownership over before removing the user.

ShareFile doesn't work like a recovery service like Carbonite or Apple's Time Machine.  We do not take snapshots of how a particular account was like on X day of Y month for restoration purposes.  While we do provide versioning to help manage multiple versions of files and recurring logs to help audit what was in the account, there is no option to roll back to how an account is at a specific time like you can with desktop management. Our focus is more on content collaboration than back up and recovery.

The scenario ShareFile Admin VA mentioned below is covered by the storage servers having their own backups if they go offline for one reason or another. You should feel confident that content stored with ShareFile is protected. Unless intentionally removed, through deletion or deletion by removing ownership, your data is backed up.

-Leo
Photo of ShareFile Admin VA

ShareFile Admin VA

  • 34 Posts
  • 6 Reply Likes
Thanks, Leo.  So are we covered in the case of a malicious action through a compromised account or some other situation? It seems that would fall under "Unless intentionally removed, through deletion or deletion by removing ownership, your data is backed up."
Photo of Matthew

Matthew, Product Manager

  • 7 Posts
  • 0 Reply Likes
In the case of a compromised account, if a bad actor decided to delete files and also permanently delete those files from the recycle bin they will be lost. We provide features to help our customers protect their user accounts including SSO https://support.citrix.com/article/CTX208557 and Two-Step Verification: https://support.citrix.com/article/CTX208336

For detection of anomalous and malicious behavior, we offer Citrix Analytics Service: https://www.citrix.com/products/citrix-analytics/.
Photo of ShareFile Admin VA

ShareFile Admin VA

  • 34 Posts
  • 6 Reply Likes
Sorry to hear about this.  I'm a little disappointed in ShareFile's take on backups.  If they truly have no backups, what happens if there's a physical incident at one of their data centers? All customer data is lost? Why do they advertise as being better than on-site storage?
Photo of Matthew

Matthew, Product Manager

  • 7 Posts
  • 0 Reply Likes
Thank you for your comments. We have redundant backups of customer data across multiple regions to protect against one data center going down. However, once a file is deleted from the recycle bin, it is deleted across all regions and cannot be recovered. 

If you are concerned about users deleting files, you may ask your account rep to enable archiving on your account. This will keep all deleted files for a specified number of years: https://support.citrix.com/article/CTX208326. However, this prohibits various features and we recommend a third-party disaster recovery vendor for point in time snapshots of data.
Photo of Amelie

Amelie

  • 64 Posts
  • 6 Reply Likes
Instead of deleting all the files the user had, could they be moved to the bin of the administrator ? I would feel more "protected"... 
Photo of Leo

Leo, Official Rep

  • 437 Posts
  • 43 Reply Likes
Hey Amelie,

It's not the same thing as a file delete.  Files and folders get created by someone.  That someone is the 'owner' of the content.  The mechanics that make ShareFile tick require an owner of the content or it can't exist in a usable state.  Moving the content won't do any good because the former owner was deleted, and there's no replacement, so they would go *poof* regardless of where they go.

-Leo
Photo of Amelie

Amelie

  • 64 Posts
  • 6 Reply Likes
Hi Leo, thank you for your answer. I understand that deleting a user remove all files because they need an owner. 

Although, the solution I had in mind was to copy the files in the bin of the administrator. It would be the same mechanism as when you are being asked if you want to keep the files of the user you are deleting (but the system would do the copy to your bin by default).

Thanks!
Photo of Leo

Leo, Official Rep

  • 437 Posts
  • 43 Reply Likes
Ah, understood.  Move would keep the original owner while Copy would recreate them under a new owner, so a copy under the deleting user's account would keep them around, yes. 

-Leo