10/11/2014

By James Bindseil, CEO, Globalscape

As the iCloud photo breaches continue to plague celebrities, the spotlight that these data breaches created is now firmly on IT security, begging the question, how can data can be safely transferred? The breaches have made many business leaders question their current security protocols and examine how their employees are sharing data. This particular incident is of special concern because private files were taken from iCloud accounts, and many organisations regularly allow their employees to use personal devices for business related activities.

Most employees who choose to use consumer file sharing applications or consumer cloud storage sites in the enterprise choose to use them because of convenience. However, personal email, remote storage devices, cloud storage services and consumer file-sharing sites, all pose significant compliance and security risks to organisations. All too often it seems business users are failing to utilise public tools safely or are unaware of the potential risks. Organisations must take precautions accordingly to mitigate these risks, which are often ignored by employees.

1. Education
One of the easiest ways for employers to reduce the threats posed to their organisation is to educate their employees on safe ways to share data, both with other employees and with partners outside of their organization. A Globalscape survey found that a staggering 45 percent of employees have used consumer-grade file sharing solutions, to share business data and information. Employers must educate their employees on the risks they impose on the business by using consumer-grade file sharing methods. Once employees understand the risks, it is imperative that they get educated on how they can share files securely.

2. Protocols
This leads us to the next step of imposing strong file sharing protocols within an organization. These protocols help ensure that employees share and store data safely. The inherent benefit of keeping data stored within the enterprise IT infrastructure is that it can be managed and monitored by the internal IT team. When files leave the enterprise infrastructure, they are very difficult to track and they can land in the wrong hands without the knowledge of the IT team. Protocols must prohibit the use of consumer-grade file sharing tools to help mitigate the risk of the distribution of business data outside of the controlled enterprise IT infrastructure.

3. Empowerment
Education and protocols are two good steps in the fight against keeping proprietary data in the enterprise, but providing employees with suitable tools is the next important step. Introducing employee-friendly technologies such as an easy to use enterprise-grade managed file transfer solution, gives employees the ability to easily and safely share files. The optimum situation is to provide tools that work in a way that your employees are already familiar with. Empowering employees to use these solutions, helps keep them from returning to old unsafe standbys, like consumer-grade file sharing systems or unencrypted USBs.

4. Visibility
The growth of the mobile workforce and the importance of flexible working means that more businesses are actively encouraging their staff to work remotely. This is great, it provides a work life balance for many employees; however an increasingly remote workforce should not limit an IT department’s ability to view what is happening in their network. Introducing enterprise-grade managed file transfer solutions help provide the IT department with visibility into what is being moved where and almost more importantly, by whom. Authorized personnel, whether they are in the IT department or in management, need to be able to see the status of corporate data at all times, including when it is being sent to other people within or outside the organization.

Managing IT security for any organisation is an ongoing process, unfortunately however, it seems to take a data breach as large as the celebrity iCloud incident to spark businesses into action. As companies introduce new tools and software to their workforces, organisations need to make themselves and their employees aware of potential security risks. In addition, IT teams need to make sure they work with employees when they choose new technologies to ensure that all relevant parties are committed to using them. This will also ensure the security of proprietary enterprise information and data.

There are many businesses that are already putting many of these steps in place and are investing in enterprise-grade managed file transfer solutions. This is a significant first step for any organisation, but it must be accompanied by employee education and empowerment. Ensuring an environment exists where safe file sharing is simply a best practice can be made relatively simple through ongoing education and leadership, the benefits of which, the safety and security of enterprise data, are often priceless.