Selecting Secure File Sharing
With recent events like Snowden and NSA, it’s no wonder corporations are taking another look at their security portfolios and asking questions around control over online file sharing and data storage. Companies are starting to define security requirements and take control of the consumerized technology within their organizations. Active steps are being taken to solve the security gaps around file sharing, mobile access, and data storage.
According to the 2014 Forrester Market Trends: Secure File Sharing and Collaboration in the Enterprise, 97% of information workers regularly communicate or collaborate with others within their company as part of their daily jobs. Additionally, 76% of informations workers collaborate with external clients on a regular basis. So according to Forrester, a majority of your employees are sharing information and collaborating with others inside and outside of the company. With this volume of sharing and collaboration occurring, there needs to be a way for IT to monitor and control the type of information being shared regardless of the device being used.
Who should be able to access and share data outside the corporate firewall?
The first step in taking control of the file sharing problem is for an organization to define who needs to be able to access and share files outside of the office or organization. Although the ESG Market Landscape report has found that 70% of IT managers believe that their users are leveraging personal file sharing and sync accounts for work, not everyone needs to be able to access corporate files outside of the office. And it is the business’ responsibility to identify who falls under this category. According to Forrester this identity decision is not for the technology group to define, but should be defined by the business as a whole. Once users have been identified, they need to be provided with a simple and secure way to share files. Forrester also mentions that based on use cases and business requirements that a business may find that they require more than one solution to support their business needs. Currently, there are a number of options that exist, but it is up to the business to decide which one is right for the business.
Some organizations provide users with VPNs or virtual desktops to access their content outside of the office; however, this is costly and has a poor user experience is poor. Other users will resort to email, USB, CDs, and unsanctioned file sharing platforms like Dropbox. However, IT can step in and take control of the situation.
What type of data is allowed to be shared?
Forrester recommends the next step to take is to close the security gap that exists from file sharing, mobile access, and data storage is to define policies around the type of data allowed to be accessed and shared outside of the organization. Forrester says that the data belongs to the business and all those who create and use it. In IT, you need to understand this data that is being created and used so that you know what it is that you are protecting. Once you have identifies the type of data you are looking to protect, you may want to set data-aware polices that prevent sensitive information from being sent outside of the organization to reduce the risk of data loss.
What regulations do I need to adhere to around data storage?
After access groups and data policies have been defined, companies need to look at industry regulations around where their data can be stored. As we have seen with the NSA, data that is stored on a public server is subject to the rules of the region it resides in, and can be silent subpoenaed without the owner’s knowledge. Forrester suggests considering compliance obligations, access control rights, data storage policies, or key management requirements your organization must adhere to. On the other hand, is there anywhere a file sharing system should not be able to connect to? Also, you should consider factors like risk tolerance, technology roadmaps, corporate culture, and storage costs when selecting a file sharing and sync solution for your business.
How does it integrate with existing business applications?
Finally, Forrester urges companies to look within their organization to see what systems already exist and how they can be leveraged. Most file sharing solutions offer extensions for mobile device access and plugins for business applications. These additions will enable your users to leverage the file sharing solution from within their normal workflows and will increase overall user adoption and can increase the ROI on your existing technology investments.
All-in-all, before investing in a secure file sharing and collaboration solution you need to know your business and its needs. File sharing and collaboration is something that should be enabled for organizations and it can be monitored and regulated. To find out how Workshare can help your business answer these questions contact us or visit our IT Professional page.
- H. Shey, 2014. Market Overview: Secure File Sharing and Collaboration. Forrester
- C. McKinnon, 2014. Market Overview: Information Governance for the Microsoft SharePoint Ecosystem, Q1 2014. Forrester
- H. Shey, 2014. Market Trends: Secure File Sharing and Collaboration in the Enterprise, Q1 2014. Forrester
- T. McClure, K. Kao, J. Oltsik, 2013. Market Landscape Report: Corporate Online File Sharing and Collaboration Security and Governance. Enterprise Strategy Group