The Perils of Consumer-Grade File Sharing and Sync Solutions in Enterprises
The popularity of Cloud-based file sharing and sync in the work place is quickly growing; this growth can be largely attributed to the use of mobile devices. As a matter of fact, most corporations are now spending a larger chunk of their IT budget on software rather than hardware, mainly because employees are bringing their mobile devices to work and using them for work related purposes. A study conducted by Juniper research revealed that the number of employee-owned tablets and smartphones used in the enterprise will likely double in 2014. Realizing that their IT infrastructure is walking in and out of the door in backpacks and purses, an increasing number of organizations are now enforcing Bring Your Own Device (BOYD) policies.
However, BOYD policies and a growing mobile workforce are putting new pressures on IT and revolutionizing the requirements for how employees want to access corporate data. A mobile workforce is without doubt a productive one but a mobile workforce also has the ability to bring the most threats to the enterprise. IT is not a command and control role any more, where the software and hardware that employees use is dictated. Enterprise IT departments are now struggling to accommodate a growing and changing assemblage of mobile devices while at the same time keeping business operations secure and on track.
If you have a smartphone or a tablet, you would clearly like to have the ability to quickly access information on both those devices for work purposes. Recent statistics show that most employees access work documents on the go. However, most organizations don’t provide enterprise-grade alternatives for file sharing, forcing a large portion of the mobile workforce to resort to the use of unauthorized consumer grade file sharing services as consumer-grade file sync and share solutions are usually free, quick to install and easy to use.
The first thing that should be noted is that enterprise security needs greatly differ from individual security needs. No one would like their private files and documents exposed however, when it comes to the protection of sensitive information, the stakes tend to be higher for organizations. The information security threats faced by an organization are also quite different and widespread compared to the ones faced by an individual.
Below are some of the risks that consumer grade file share and sync solutions pose in an enterprise environment.
1. Data leakage
Most consumer file sharing and sync solutions do not have the administrative tools needed to ensure that files are accessed by people who have the authority to access them. With such a setup, IT admins have absolutely no way of monitoring consumer based file sharing solutions hence there is no way of tracking to whom or where crucial company information is sent to. This makes the risk of data leakage very real.
2. Impossible to keep track of data access
The importance of admin controls and monitoring in enterprise IT should never be taken for granted. If an employee with a generic on-line file sharing account leaves the organization, then this former employee would still own the account and any company data stored in it. The use of audit trails and granular access controls can help IT admins know who accessed what when and block user accounts if needed.
3. Data loss
Since the movement of files and file versions is not being closely monitored across endpoints in consumer file sharing. It is quite easy for modified files in a workers device to be erroneously backed up (or not backed up at all). If the endpoint is compromised, it may result in the inability to restore current versions of files.
4. Compliance violations
Most compliance policies demand that files are only accessed by authorized people and that they be held for a specified duration of time. In order to comply, it is vital to use strict controls over who can access files and how long files are kept. Consumer-grade sharing solutions tend to have limited file access controls and generic file retention policies; by using it, you could be setting yourself up for a compliance violation.
5. Client related problems
Most consumer-grade file sharing providers offer end users free rein to share or permanently delete files. This can easily lead to the deletion or permanent loss of crucial client files and documents or the sharing of private information. This would automatically break any agreements in place with clients and other third parties and leave your organization liable for a lawsuit.
So the question still remains – how can an enterprise make sure that employees can share information and collaborate without sacrificing compliance and security? How can they guarantee that sensitive company info is safe? Well, the answer is clear get a private cloud aka a self-hosted enterprise file sharing and sync solution such as FileCloud.
Author: Gabriel Lando