Don’t Risk Corporate Data: Three Steps to Take Back Control of File Sharing

Bring your own device (BYOD) has redefined the way we work. It allows us to work from any device and access corporate files and networks from anywhere. Now we also have bring your own cloud (BYOC).

 

Workers are using the device and cloud service provider of their choice for a range of things they would traditionally have used corporate systems for, including file sharing. Without the proper policies in place, this can cause a major headache for IT. Email remains the most prolific platform for communication and messaging in the workplace. However, certain limitations within email can lead to data security issues. Users simply want to remain productive, send and receive files of any size, and ultimately, work free of restrictions – and they want to do so in a familiar environment. Unfortunately, file size and storage limitations within commonly-used email platforms impose restrictions that force users to find workaround solutions. In most cases, the workaround solution is an unsanctioned, consumer-grade file sharing service.

Ask yourself: Do you have policies in place to control the use of file sharing services – and ultimately protect corporate data – across your organization? Are you among the 37 percent of organizations that have no policy in place? Or, are you among the 46 percent of organizations that “restrict and say no” to file sharing services altogether, according to research from the recent report from Bloor? We get it. You are overwhelmed, under-resourced and focused on issues flagged as “top priority.”

With the right policies, personal devices at work don't have to be a data security threat.

But if the protection of your corporate data is not a priority, it will eventually catch up to you – most likely in the form of information leaking out of the organization. Whether or not you choose to acknowledge the issue, employees at your organization are finding ways to send, receive and share files of all sizes. According to Workshare, 69 percent of employees are using free file sharing applications – but only 28 percent have authorization from the organization to do so. Consequently, data from Symantec shows through the use of rogue cloud-based file sharing services, 83 percent of large enterprises and 70 percent of SMBs have had sensitive information placed in the cloud without organizational oversight. The repercussions of consumer-grade file sharing services in the workplace can include loss of IP; sensitive data leakage; loss of visibility and control over where data resides; and compliance, regulatory and eDiscovery breaches. Many of these will not only cause you inconvenience, a significant breach could cost you business, irreparably damage your reputation and result in significant fines from regulatory bodies. How to Take Control of File Sharing at Work The bottom line is this: users want your support. If you give them guidance, education and a viable, frictionless solution, they are a lot more likely to comply with your policy. Here are three easy steps to keep corporate information protected by putting in place a secure, controlled file sharing service: 1. Don't ignore the problem. There is a lot of file sharing happening at work, and file sizes will only continue to rise. Instead of ignoring data protection, make it a priority by finding a service that allows users to work within email to send and receive files – regardless of size – instead of finding workaround solutions. 2. Select an enterprise-grade platform. Consumer-grade services leave your organization susceptible to data leaks and other security threats. They also make it hard for you when it comes to eDiscovery or statements of compliance. Find an enterprise-grade service that gives you visibility and control, while allowing users to work seamlessly within a familiar environment. Use a platform that is built with access controls; content control and data leak prevention; archiving, compliance and eDiscovery; expiring access; and centralized policy management, reporting and logging. 3. Train and educate users. Programs should be in place to help your users understand the sensitivities of different classes of information and the risks associated with mishandling sensitive data. Users should have a clear understanding of what cannot be shared outside the organization and secure ways of sharing appropriate information with external parties. By following these three steps – and finding the right solution – you can take back control of file sharing in your organization. Interested in learning more? Download this report by Bloor Research: “Take Control of File Sharing Services … Best Practices for the Safe and Secure Use of File Sharing for Organizations.”        

FILED IN