Should Your Company Just Say "No" To Dropbox?

As the business world increasingly turns to mobile devices and cloud-based file-sharing services to store or collaborate on important documents, the amount of information that’s falling into the wrong hands keeps climbing.

The numbers tell the tale: 90% of organizations had a leak of sensitive or confidential information over the past year. That’s one of the take-aways from a new study from security analysts at the Ponemon Insitute.

Dropbox Is Useful - And That's The Problem

Services like Dropbox, Bitcasa, YouSendIt and others are useful and efficient ways to get documents and files from one worker to another, especially in this age of mobile devices and distributed workforces. Plus, they’re cheap (or free) and easy for individual workers or small departments to set up.

But increasing use of these tools in the workplace, even for legitimate business reasons such as collaboration, puts a lot of private information at risk. And companies are starting to notice.

How bad is the situation? According to the Ponemon study, 60% of organizations have employees who frequently or very frequently put confidential files on services like Dropbox without permission. And just about that same percentage (59%) reported that what controls they do have in place were inefffective at managing who has access to sensitive files.

Not Inherently Insecure, But...

It’s not that these consumer cloud services are inherently insecure. But as Wired’s Mat Honan learned a few weeks ago, nearly any service can be socially hacked (though proper precautions can help.

The problem is that mobile and remote workers want to have access to their files where and when they need them. But the idea of just having critical company information out in a public cloud makes a lot of companies nervous. Risks of data loss and falling out of compliance are too high to ignore.

“Consumer file-sharing services are effective, for consumers, but they lack the security, reliability and granular permission settings that business requires,” said Andrew Dixon, Sr., Vice President of Sales & Marketing for Igloo Software, a cloud-based business collaboration company. “And that means they can quickly become just another way for information to fall into silos or slip into the wrong hands.”

IBM Bans Dropbox And Its Ilk

Some companies are already reacting with strong policies regulating use of such file-sharing services. IBM, for instance, has banned employee access to services like Dropbox and iCloud. Even the iPhone’s Siri is turned off for fear that sensitive information could be discovered from search query data stored at Apple.

This might be going too far for many companies. Especially if they don’t provide some sort of alternative. IBM has its own custom-built solution for file sharing, but many smaller operations can’t afford such measures.

A Business-to-Business Opportunity

Not surprisingly, new ventures are stepping to try and fill the void. The solution is use a collaborative platform with secure file sharing capabilities, according to Yorgen Edholm, CEO of Accellion, which markest just such a product.

“Organizations need to give their employees a secure way of sharing files or every mobile device will continue to be a potential sieve for confidential data,” Edholm wrote in a recent article on Forbes, “Before deploying a file-sharing solution, organizations should educate themselves about the risks of various file-sharing technologies and the requirements for enterprise-class mobile security.”

In other words, if you can’t beat ‘em, join 'em. By implementing a broader solution for collaboration that has easy-to-use and secure file sharing features, IT managers can reduce workers’ temptation to venture out on a consumer service.

Make a collaborative platform safe, make it easy and your sensitive documents might just stay where they belong.

 

Images courtesy of Shutterstock.