More than 25% of file-sharing service users report still having access to work documents from their previous employer, according to a “Rogue Cloud in Business” survey of 2,000 U.S. adults by Harris Interactive for Egnyte, an enterprise file-sharing platform provider.
According to FierceITSecurity, the survey highlights the security risks uncontrolled file-sharing practices pose to the work place from these practices are obvious. An Egnyte presser claims The survey results illustrate a major exposure for today’s businesses when it comes to the transfer and storage of data through unapproved and insecure cloud-only file-sharing services.
The new survey uncovers deep issues around the rogue usage of consumer-based cloud services and illustrates the need for IT to deploy a secure enterprise-grade solution that meets the file-sharing needs of employees while protecting sensitive business data from the risks associated with insecure file sharing through the cloud
The survey found that:
51% agree that collaborating on file-sharing services (such as Dropbox and YouSendIt) is secure for work documents;- 46% agree that it would be easy to take sensitive business documents to another employer;
- 41% agree that they could easily transfer business-sensitive data outside the company using a file-sharing service;
- 38% have used file-sharing services have transferred sensitive files on an unapproved file-sharing service to someone else at least once; 10% have done it 6 or more times;
- 31% agree that they would share large documents that are too big for email through a file-sharing service without checking with their IT departments;
- 27% of file-share service users report still having access to documents from that previous employer.
Another report from Workshare paints a grimmer picture for those of us tasked with protecting a firm’s intellectual property. The report titled “Workforce Mobilization” shows the true extent to which mobile users are willing to bypass IT policies and use unsanctioned applications to share large files and collaborate on documents outside of the office.
- 72% of workers are using free file-sharing services without authorization from their IT departments.
- 62% of knowledge workers use their personal devices for work.
- 69% of these workers also use free file sharing services to collaborate and access shared documents.
- At companies with fewer than 500 employees only 24% of employees using authorized file sharing solutions.
Robert Hamilton, director of information risk management at Symantec (SYMC) in Mountain View, CA also told FierceCIO a continued threat to the company’s data comes from employees who feel like they live in a “finder’s keepers” environment.
Not encouraging
The results of the survey report, entitled “What’s Yours Is Mine,” were not encouraging to IT security professionals and IT management. According to the Symantec survey of employees:
68% of their company doesn’t take proper steps to protect sensitive work information;- 56% do not believe it is a crime to use a competitor’s trade secrets;
- 40% download work files to personal devices;
- 40% plan to use old company information in a new job role.
Symantec’s Hamilton told FierceCIO:
Employees are taking increasing amounts of data outside the company, and most people do not believe using corporate data for themselves is wrong … The attitude is that ownership lies with the person that created it, not with the company that employs them.
rb-
All three of these firms sell products they claim that can stop a firm’s intellectual property from leaking out through public file-sharing services. But before you engage any firm, some basic steps should be taken.
- Develop a technology acceptable use policy.
- Include public file-sharing services in the AUP.
- Incorporate the AUP in the staff handbook, and make sure staff sign it before they are given network access.
- Train staff on the risks associated with using public file sharing services for sharing corporate documents. Risks include HIPAA violations, PII release, Malware, PCI-DSS violations, and Government “Snooping.” Only then –
- Engage a service provider to implement an enterprise-approved alternative to the free file-sharing services.
Symantec Infographic
Related articles
- New Snowden docs reveal Canada spying on millions of internet users | Jan. 29, 2015 (information-machine.blogspot.com)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.