Sharing files with colleagues and clients should be easy and convenient. What it shouldn’t be is a security risk — but it frequently is. Because many small businesses don’t have the right file-sharing systems and policies, many turn to unsafe practices that often put both their business’s and clients’ privacy in jeopardy.
An annual study by the Ponemon Institute revealed that although 37 percent of data breaches are due to malicious attacks — cybercriminals and inside jobs — 35 percent are actually caused by the “human factor” attributed to employee or contractor negligence. Another 29 percent are due to system glitches. One significant contributing factor is Shadow IT, the practice of employees using IT solutions that are not officially implemented and approved by an organization or its IT department. This includes using personal email accounts, free cloud storage services and other consumer services systems to share business documents, all of which pose significant security risks.
“It should be no surprise that Shadow IT, combined with the carelessness of corporate employees, can put company data at risk and lead to dangerous consequences,” said Alex Gorbansky, CEO and co-founder of document management company Docurated.
When it comes to file sharing, IT is still playing catch-up in many companies, Gorbansky said. “Employees have bypassed IT and signed up for individual or departmental access to cloud-based file storage and collaboration services,” he said. “Doing so gives employees short-term gain through immediate access to files.”
However, such short-term collaboration solutions potentially carry long-term risks. “These individual or departmental accounts are set up on an ad-hoc basis, corporate permissions are not inherited, and deprovisioning user access when someone leaves the group, team or company is often an afterthought,” he said.
Is your business guilty of engaging in dangerous file sharing habits? Here are five you need to watch out for and what you can do about them: