Security First Associates

Security Clearance CAN Change Your Life!

You are here: Home / Security Focus Blog / The Threat of File Sharing

By

The Threat of File Sharing

The Threat of File Sharing

A surprising number of companies suspect their employees are using online file-sharing services to store and share company files. This is a dangerous situation.

How dangerous? It really depends on how sensitive, regulated and critical the documents are. However, many of the companies are unaware that employees are even using these personal file sharing services, and they are being used without the approval of the IT department.

This trend, known as “shadow IT” is becoming more popular with over 60 different products available for consumers. Today, employees are using popular products such as Dropbox, Citrix ShareFile, and EMC Syncplicity to help them share files in a public, private or hybrid cloud – or sometimes even over the Internet.

The problem comes when they’re storing sensitive information – the information subject to regulatory and compliance laws – in those clouds. However, most of these companies have a formal policy against using personal file-sharing services for corporate data, but employees may do it anyway.

The issue becomes a real problem when the employee leaves the company. Because these corporate files are shared on personal accounts – not corporate accounts – they leave with the employee when they leave the company, with the IT department never knowing what files they have saved where. That employee could have personal data such as health, banking or credit card information of customers, other employees and the like. Additionally, this data could be accessible from any device that the employee (or other family members) can access that personal file-sharing service from.

Of course, it’s impossible for companies to prohibit employees from using personal file-sharing services. However, it is imperative for the IT department of every company to come up with a solution for storing sensitive data in personal online file sharing accounts on their own company cloud. There’s obviously a clear need, otherwise there wouldn’t be such a high demand for outside products.

So to keep company information safe, every IT department should begin to roll out their own alternative before the personal file sharing becomes a legal problem.