File Sharing Insecurity: Who’s to Blame?

Employees circumventing the IT department to send large and sensitive files is an all-too-frequent occurrence. But is that actually their fault?

November 19, 2013

3 Min Read
File Sharing Insecurity: Who’s to Blame?

By Michael Brown 1

As an MSP, you wouldn’t be surprised to learn that an employee used a file sharing service for consumers to transfer sensitive business data. What might surprise you is that – according to a recent survey – almost 40 percent of employees have done just that. Scary, right?

We thought so, which is why we wanted to offer our take on some of the key findings of this survey currently making headlines. Let’s take a look.

51 percent of employed individuals agree that collaborating on file-sharing services (such as Dropbox and YouSendIt) is secure for business documents.

Frankly, we would have guessed this number to be higher – much higher – considering the widespread use of these tools, but the fact remains that the majority of respondents felt these tools were safe for business use. Why might they think this way? For one, their files might not be all that sensitive. As you know, not every PowerPoint deck is a treasure trove of valuable information. Another reason might be because their personal files have never been compromised through these channels, so why should their business files be any different?

46 percent of employed individuals agree that it would be easy to take sensitive business documents to another employer.

Assuming every respondent was being honest here (and that is a big assumption) this finding is actually somewhat encouraging. The majority of employees think it would be difficult to bring sensitive data to another employer. They didn’t say it would be impossible mind you, but still. Maybe the average employees just isn’t as sinister as we expected, or maybe the concept of sensitive business data is finally being widely accepted in the workplace.

41 percent of employed individuals agree that they could easily transfer business-sensitive data outside the company using a file-sharing service.

This finding seems a lot like the previous one, which makes it hard to account for the 5 percent differential. In any event, the fact that the majority of workers couldn’t easily move sensitive files outside of the approved channels is actually quite encouraging to security advocates, even though they would like to see that percentage closer to 100.

31 percent of employed individuals agree that they would share large documents that are too big for email through a file-sharing service without checking with their IT departments.

As you know, it only takes one instance of an employee going outside the IT-approved channels to cause a disaster. If it happens with any type of regularity – like with 31 percent of employees, for instance – this disaster is only a matter of “when” not “if.” But one could hardly fault the employee in this instance. After all, if their employers provided them with a safe way to send large files, they wouldn’t have to resort to unapproved channels.

Many business leaders will read the headlines from this survey and blame the employee for the state of insecurity, when they should be blaming themselves. A surprisingly high percentage of employees understand the risks that come with sending and sharing sensitive business files. They certainly don’t want to put the company at risk, but without a file sharing solution designed specifically for businesses, they will do what needs to be done – with or without IT’s approval.

Read more about:

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like