Technology News

latest updates from easySERVICE™

Can Services like Dropbox be a potential risk for Data Breach?

dropbox

Dropbox is one of the most commonly employed file sharing services in Shadow IT, offering a simple tool for file storage and sharing. According to Dropbox, the number of registered users is growing exponentially and is currently at 100 million users worldwide.

It is commonly understood that people use Dropbox to share personal photos, videos and documents. The question is – how many people are using Dropbox for work? And, perhaps more importantly, do organizations have a clear view into who is using Dropbox?

According to the survey, 1 out of every 5 respondents is placing work files at risk in a personal Dropbox account. In the process of leveraging filesharing services users are storing files outside of the managed IT infrastructure in a solution that does not provide enterprise class security or control.

The frequent use of Dropbox at work, combined with the security concerns, is one of the most troubling aspects of Shadow IT. A critical step in addressing the risk is by understanding that who is in the organization leveraging this tool.

After an organization identifies who is leveraging Dropbox, the next step is to understand what type of files reside in it – are they public or private files? While it is possible that the files stored in Dropbox contain non-sensitive information, it is more likely that users have become accustomed to using these services for all files, including sensitive content. The sensitive data stored in Dropbox is not secure and just as importantly, not controlled by IT.

This means that if an employee leaves the company, the information that user has stored goes with them, creating a significant risk of data loss or exposure. Furthermore, as the amount of sensitive corporate data stored in Dropbox increases, the online filesharing service will become a more attractive target for hackers and other malicious groups.

The Move to Mobile

Beyond using file-sharing services on desktops and laptops, users are leveraging smart phones and tablets to access work files, attaining the speed and flexibility they need for high productivity in a mobile world.

3 out of 5 users with a personal mobile device resort to using their own device to access work files because the company does not provide the tools they require. Dropbox usage is prevalent in the mobile world as well; after e-mail, it is the most common tool used for accessing work files on a mobile device.

As the number of devices grows, the use of Dropbox and Shadow IT will simultaneously increase to meet the demands of new users. 1 out of 4 survey respondents plan to have an additional smart phone or tablet before the end of the year. This rapid growth of mobile devices will naturally drive demand for accessing work files; 73% of respondents who are planning to acquire a new device say they will use the device to access work files.

Policies for Protection

A critical part of implementing an effective IT policy is raising awareness of the policy among users. The survey data shows that almost half of all respondents do not know the company policy on accessing file-sharing services, indicating that these companies either do not have policies or have not effectively communicated the policy to the users. However, companies that have educated their users about corporate IT policies have not fully addressed the problem with Shadow IT either. Our survey suggests that 49% of users do not follow IT policies even when educated about the policy.

An effective IT policy requires both education and participation. Without sufficient knowledge and user participation, IT will continue to face challenges with Shadow IT.

Conclusion

As smart phone and tablet usage grows in adoption, the growth of Shadow IT will likely continue, fueled by users’ requirements for anytime, anywhere access to files. Furthermore, policy and education alone do not address the emergence of Shadow IT and resulting unmanaged file sharing and data exposure. In order to fully address this issue, organizations must consider providing the tools that deliver the convenient and flexible access to information that users want. Without the proper tools provided, managed, and supported by IT, users will continue to find alternative solutions and work around existing policies, leaving IT in the dark.

Source: Associated Press

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Information

This entry was posted on February 13, 2015 by in BYOD, Data Storage, Privacy, Security and tagged , , , .
%d bloggers like this: