This is totally NOT JAMF related. However, you are all my favorite folks to ask for this type of advice and so, here I am.
Now for my issue: Our users are tired of working with our secure SMB file shares. They don't like being advised to move files to their local drives before beginning to work on them. They don't like learning which characters they shouldn't use (you know, like and or :), and they really hate having to have IT set directory permissions etc...
To help alleviate these issues we've moved all of our non-sensitive documents and files to GAFE (in more of a managed manner than that implies), are moving all HR related files to our HR management system, will be moving archival financial documentation to a properly secured Document management system that we are still evaluating, but we need to find the best solution to manage, share and maintain secured working files which may contain PII, PHI or other sensitive business information.
Because we've found good secure ways to handle MOST of our documents there are only a small number of users (I'm guessing less than 30) with minimal storage needs. Here in IT we love our Dropbox Business account but are looking into things like Box because they'll let you manage your own encryption keys. While both companies will sign BAAs (or rather HIPPA BAs) only Box will let you manage your encryption keys. While advertising some pretty neat file collaboration features.
Now, most of my personal experience with FileSharing and file security relate to our Distribution Points and so I am nowhere near being an expert in this field. I am unaware of any easy ways to accomplish this type of thing utilising traditional file sharing services and so I may be missing some ways to manage standard SMB shares so that it's more user-friendly and reliable.
What are everyones thoughts on this?
Most cloud programs sync to the local computer. OwnCloud, Google, DropBox, extra. So if they don't want to upload / download; syncing may be one way around that issue. Of course then you have files being stored on the client computers. Though your users probably do that to some degree anyway.
Some clouds now have options like save to drive, open from drive. Or plugins for browsers that try to make working from the cloud more seamless. (double clicking on a file , cause the browser to download and open the file in the background. When the file changes it tries to syng the file back to the cloud.
You could also look at hosting your own with some thing like qnap or sysnology.
Maybe we'll get lucky and at some point macOS will have the same built-in cloud drive features as iOS.
You could also use a service like https://www.sookasa.com/ to give you the seperation between google drive & your encryption keys .