WHAT IS NIST? THE COMPLETE GUIDE TO THE NIST CYBERSECURITY FRAMEWORK
Explore this comprehensive guide on how the NIST Cybersecurity Framework can be applied to your organization.
Enterprise vs Consumer File Sharing
Cloud-based file sharing in the work place is quickly growing; this growth can be largely attributed to the use of mobile devices. Most corporations are now spending a larger chunk of their IT budget on software rather than hardware, mainly because employees are bringing their mobile devices to work and using them for work related purposes. A study conducted by Juniper research revealed that the number of employee-owned tablets and smartphones used in the enterprise will likely double in 2014.
Realizing that their IT infrastructure is walking in and out of the door in backpacks and purses, an increasing number of organizations are now enforcing Bring Your Own Device (BOYD) policies.
Below are some of the risks that consumer grade file sharing solutions pose in an enterprise environment.
1. Data loss
Consumer file sharing solutions do not have the administrative tools needed to ensure that files are accessed by people who have the authority to access them. IT admins have absolutely no way of monitoring consumer based file sharing solutions hence there is no way of tracking to whom or where crucial company information is sent to. This makes the risk of data loss very real.
File sharing services also give the option to send password-less access links via email. Email can be forwarded to anyone, without the knowledge of the sender. There is also no guarantee that email is secure from unauthorized parties, as email messages are stored on both outgoing and incoming mail servers. Finally, email is not encrypted and there can be no guarantee of protection against malicious parties.
2. No way to keep track of data access
Admin controls and monitoring in enterprise IT should never be taken for granted. If an employee with a generic on-line file sharing account leaves the organization, then this former employee would still own the account and any company data stored in it. Audit trails and granular access controls can help IT admins know who accessed what when and block user accounts if needed.
3. Data corruption / Virus penetration
Since files are not being closely monitored across endpoints in consumer file sharing. It is quite easy for modified files in a workers device to be erroneously backed up (or not backed up at all). If files are compromised and shared with coworkers, it would be easy for a a virus to replicate to the entire network.
4. Compliance violations
Compliance policies demand that files are only accessed by authorized people and that they be held for a specified duration of time. In order to comply, it is vital to use strict controls over who can access files and how long files are kept. Consumer-grade sharing solutions tend to have limited file access controls and generic file retention policies; by using it, you could be setting yourself up for a compliance violation.
5. Client related problems
Consumer-grade file sharing providers offer end users free rein to share or permanently delete files. This can easily lead to the deletion or permanent loss of crucial client files and documents or the sharing of private information. This would automatically break any agreements in place with clients and other third parties and leave your organization liable for a lawsuit.
Administrators need to exert control over end users to ensure files are transferred securely at all times. Consumer-grade (end even Enterprise-grade) file sharing puts too much control in the hands of the end user (sender).
So the question still remains – how can an enterprise make sure that employees can share information and collaborate without sacrificing compliance and security? How can they guarantee that sensitive company info is safe? Well, the answer is clear; get an Enterprise account from FTP Today.
About Martin Horan
Founder of FTP Today and an expert in secure file transfer and Internet protocols. A software and IT geek since a young age, Martin has successfully led his companies through the digital age by spotting market niches and filling them with quality IT services.