June 26, 2012 | Posted in Enterprise, File Sharing, secure file transfer, Security | By

teen-filesharingLast week Symantec posted the results of their 2011 SMB File Sharing Survey, revealing that online file sharing poses the greatest security risk to SMBs. These results do not come as a surprise, as unsecure and unregulated freemium file sharing services (with millions of simultaneous users on a shared platform) have crept onto corporate networks at an unprecedented pace—74 percent of survey respondents said “they adopted online file sharing to bolster their own productivity”.

The problem is that the employees concern for boosting their productivity takes precedent over corporate security. In fact 61 percent, of the 1,325 organizations surveyed, said that employees are the ones making the decision about which file sharing services are being used. The problem is that if IT is not actively managing these services, it is impossible to monitor and track the confidential corporate data being exchanged, which increases security threats including introducing malware into the corporate infrastructure and loss or compromise of confidential and valuable data.

I liken this to a teenager buying her first car—she wants something cheap that she can drive immediately—she’s completely unconcerned about the safety of the vehicle and how its vulnerabilities might ultimately affect those around her. Employees bringing in free file sharing solutions, that can be downloaded and in use within minutes are unconcerned how using it at work might affect the corporate infrastructure. According to Rowan Trollope, group president of SMB and Cloud at Symantec, “A staggering 71 percent of small businesses that suffer from a cyber-attack never recover–it’s fatal.” So how can the IT department help employees understand how their actions might put their organization at risk?

Every organization, regardless of size, should have security policies in place that restrict how employees can access and share files. However, more importantly, IT departments must provide the tools that their business users need by providing secure file sharing and managed file transfer solutions that will increase employee productivity without jeopardizing the organization’s network and information security.



1 Comment

  1. Ian Davin
    July 16, 2012

    Rosella, thanks for highlighting this, the balance between getting things done and security is an ongoing one and the right balance depends on the risk profile of the company involved, as you say it is incumbent on behalf of the IT division to provide a service which enables end users to carry on with their workload whilst seamlessly meeting security policies.