You are here

Share

Only You Can Prevent Data Leaks

Posted by Accellion Team

A staggering 822 million records were exposed by data breaches in 2013, according to research firm Risk Based Security. Data breaches compel organizations to look at their network infrastructure and security processes, and shore up areas where inadvertent data leaks are taking place.

The use of free online file sharing and syncing solutions is an overlooked area that leaves organizations vulnerable to unintentional data leaks. While most employees would not consider using a non-corporate sponsored email system, those same employees often readily collaborate through a free file-sharing service, because it is often easier to use than what is available from their employer.

Unfortunately, IT departments are often unaware or turn a blind eye to ad-hoc unmanaged and controlled file sharing activity Compounding the problem, many of these ad-hoc file sharing solutions offer little user authentication, encryption, tracking or audit controls. As a result sensitive data can be shared with unauthorized users without being screened by data leak prevention (DLP) or other security solutions often deployed for corporate tools such email.

Instead of ignoring the issue at hand, IT departments and senior managers should accept that employees need an easy way to collaborate without putting the company at risk. Ask these key questions to determine which solution ensures your organization's data security:

  1.     Will employees be sharing sensitive or confidential information? If the material is sensitive or confidentially, there is definitely a need for encryption both at rest and in transit, no matter what deice is being used to share the content.
  2.     Will employees collaborate on files and get input from multiple parties inside and outside of the company, on a variety of platforms and devices? If yes, then the solution must be extensible inside and outside of the corporate firewall, be device and platform agnostic, as well as have features for version control and data backup.
  3.     Do you need to be concerned with the location of stored information? If this is a concern, the solution must be able to host content in specific geographic regions for data sovereignty, or in an on-premise private cloud that complies with international regulations.
  4.     Do you have compliance controls and authentication policies in place for email or other content management solutions? If so, you'll need the same level of control for your file sharing and sync solution, including user authentication, integration with content filtering solutions, and tracking access logs.

The days of turning a blind eye and ignoring ad hoc, BYOD solutions are over.  You should answer these four questions to set your company practices around sharing information to avoid the worst-case scenario of sensitive data leaking outside the company.