With the increasing popularity of free services like DropBox and YouSendIt, do you really know where your shared business files are going or who has access to them?
Take a moment to think of the last time you shared an electronic file or document with a colleague or friend outside of your business or workplace. What did you use to share this document? Perhaps it was via email or maybe you used a free consumer service like Dropbox or YouSendIt to upload and host this file online. No matter how you shared this file, do you know exactly how secure the service is and who else has access to your data?
As some well publicised recent data breaches in free online file sharing services show, users looking for an easy way to share and sync files across desktops, laptops, smartphones, and tablets need to think carefully about the risk they are taking as their files head to externally hosted cloud file sharing solutions.
One free service popular with both consumers and business users was recently attacked by hackers who were able get a hold of customer email addresses, resulting in spammed accounts, and last year the same service accidentally turned off password protection for all customers for four hours. IBM has also taken steps to ban the service from use among employee devices.
In Australia, there is a growing trend that is seeing staff bring their own IT equipment into the workplace, this has been termed “BYOD”, short for bring your own device. This includes smartphones, tablets and laptops to access, work on and share business information. This trend is the major driver in the need for secure file sharing abilities for businesses.
Global Industry Analysts (Inc.) has predicted corporate investment in mobile software for remote workers is expected to reach nearly $80 billion by 2017. That’s $80 billion just for software – not hardware! The Asia Pacific region represents the largest market worldwide for mobile computing devices.
While greater use of mobile technology is resulting in huge benefits for businesses of all sizes, safe and secure sharing of information can seem difficult to navigate. On the plus side, it’s easier than ever before to share files across devices and with co-workers, but the downside of possibly exposing that information to hackers, or not having access to it in a public cloud outage, can outweigh the benefits.
Using free services may seem easy, as in many cases, you simply drop files in a folder, and – Presto! – your files are accessible to others. But the easy, casual nature of these solutions can also present a major security issue for business owners. Your files just went somewhere else, but where? And to whom? Did the free service you signed up for ask you to sign over the rights to that data? To the dismay of security experts, vast amounts of business information is being stored and shared from unregulated and potentially unsecured locations on a daily basis.
Consumer mobile file-sharing solutions can also lack the audit trails and monitoring to allow you the control needed to ensure sensitive information remains completely secure. The big question is how do you ensure employees can share information and collaborate without sacrificing security? How does a business track a file’s use?
At Accellion, we suggest this is the minimum standard of what to look for in a secure file-sharing solution for your business:
- Easy-to-use: Why is easy-to-use at the top of the list? Because if a solution isn’t easy-to-use, employees will look for ways to work around it. When it comes to security, you want employees working with you, not against you.
- Encryption: No surprise here: encrypting files is essential for protecting confidential data from prying eyes. Make sure the solution encrypts files both in transit (travelling over a network) and at rest. “At rest” here means not just on a file server, but on any mobile device, such as a smartphone or tablet. Mobile devices are often lost and you want to make sure your data is safe even when a physical device is not.
- Centralised control: The business owner should be fully informed about where the data is at all times. Just this week a major consumer service has been slammed by users unable to access their files for more than 24 hours. These types of risks are simply not acceptable when running a business.
- Multi-platform support: The typical mobile worker today is carrying two or three mobile devices, so your mobile security solution needs to work seamlessly on laptops, tablets and smartphones from multiple vendors. For smartphones and tablets, security controls must work reliably across iOS, Android, BlackBerry and Windows Phone. The same solution should work on desktop computers, as well.
- Secure access for external users: The changing face of business in Australia means a rise in the number of remote workers. You want to include these people in the secure scope of your file-sharing system. Otherwise, employees might be tempted to break the rules and illicitly share files to “outsiders” who really are part of your team.
When it comes to knowing who has access to your corporate information, you wouldn’t let a stranger rummage through your computer, yet millions of businesses are putting their critical information at risk of being accessed electronically through unmanaged file sharing sites.
The implications of having files vulnerably stored in consumer grade file sharing solutions can be monumental. From hackers accessing critical business information to competitors sabotaging plans via leaked documents, the stakes are always high.