The storage and sharing of corporate data has come a long way in the past century. Filing cabinets and storage units full of cardboard boxes are becoming less and less common as technology has paved the way to new ways of doing things. And as companies expand to occupy multiple locations across the globe, and accommodate remote workers and teams, the cloud has become an integral part of how information is stored, shared, delivered, updated, edited, and more. And while the cloud offers many great benefits—for example, co-authored documents that allow multiple people to see updates in real time—it also brings with it a bevy of potential security risks.
Security Concerns of File Sharing
Online file sharing, whether through the cloud or via email, is an incredible business asset—when properly implemented. If it’s misused, however, it also becomes an incredible liability. Suddenly, all of your business’s data, including sensitive information, employee records, and strategic data, is vulnerable and at risk of being discovered by outsiders.
What is particularly troubling is that 80% of data leaks that do occur are entirely accidental. These happen not because of a hacker or industrial espionage, but because of simple human error. If you want to make sure your company doesn’t contribute to that statistic, then there are several clear, concrete steps to take.
Educate Employees on the Risks
It all begins with your employees. If the people who work for you don’t understand the risk inherent in irresponsible file sharing practices, they’re immensely more likely to continue those poor practices. By educating them on the dangers of file sharing and leaked data, you are empowering them to make informed decisions in how to they do their job from day to day.
It’s important to impress upon your employees that they should never use their personal email accounts to send work-related documents, that they should not use apps or services that have not been approved by your IT department or CIO/CISO, and that they should keep a strong password—weak passwords (i.e. “123456,” “passw0rd,” “companyname123,” the list goes on) are a major security risk, and one of the easiest to remedy. They should also be reminded to keep enterprise applications as up-to-date as possible, since most updates include security patches to cover new and emerging threats. Remind your employees that they play an important role in protecting the security and privacy of the company, and give them the tools to live up to that expectation.
Use Business Grade Tools
While cloud-based file sharing apps like Google Drive and Dropbox are fantastic for personal use, they’re made with exactly that in mind—personal use. They aren’t equipped with the same features that make enterprise solutions so secure. If you’re going to employ a cloud-based storage solution for your business, then pay extra for one that has end-to-end encryption of at least 128 bits (though higher doesn’t hurt). If it can be integrated with other services, such as email, then that’s even better.
BYOD also presents security risks, though these can be mitigated by using devices and apps that stand up to rigorous security tests. Again, the importance of keeping enterprise applications up-to-date is paramount.
Implement a Formal File Sharing Policy
The best defense against the risks posed by poor file sharing practices is to leave nothing to chance. This means sitting down with either the IT department in your company, or an IT or cyber security consultant, and addressing every possible angle. What does your file sharing system need to accomplish? What risks are there? How do you protect against those risks? How can you prevent the usage of applications not approved under the policy? Is the solution scalable? Can it be adapted to meet new challenges?
Once you have drafted a formal file sharing policy, put it into practice. Make sure that employees are familiar with it, that they know the importance of only using approved, secure applications, and that they understand the dangers of failing to do so. Keep your policy up-to-date to address new risks and always maintain the security of your cloud infrastructure.
File sharing is easy and convenient, and sometimes that’s what can make it dangerous. But as long as you’re cautious of the potential risks, all your files should be safe and protected from unwelcome gazes.
About the Author:
Lisa Froelings is a business and productivity consultant with over 4 years of experience in human resources working for a major retailer in the country before she decided to build her own business. Her interests include technology, mindfulness as well as time management.
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
- Blog2022.10.12Vulnerability management with Wazuh open source XDR
- Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
- Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky