Friday, December 13, 2013
Discouraging Dropbox should be a security priority
To dissuade personnel from utilizing Dropbox, business leaders must provide high-quality secure file sharing alternatives
Secure File Transfer
As businesses strive to improve the quality of their security, there are a large number of relatively obvious steps they must take, such as investing in high-quality antivirus, antimalware and firewall solutions. These resources can significantly improve a company's defenses, reducing the risk of a data breach.
However, it is important for decision-makers to realize that there are many other, less obvious actions that need to be enacted in order to truly maximize their organization's defenses.
One such action is discouraging the use of Dropbox among employees. Dropbox is extremely popular, and understandably so. Yet when deployed by workers, it poses a serious risk. To dissuade these personnel from utilizing Dropbox, business leaders must provide high-quality secure file sharing alternatives.
Dropbox is a cloud-based, consumer-grade file sharing solution. It is easy to use and ensures that an individual's documents and other files remain accessible at any time and from any location, so long as he or she has a working Internet connection.
This makes the solution extremely popular for employees who travel a lot or occasionally work from home. By storing corporate files in Dropbox, they can remain productive even when working outside of the office.
The problem for businesses is that, because it is consumer-grade, Dropbox does not feature the level of data security that firms need to ensure their information remains protected. It may be fine for a person's private records, which are less likely to be a target for cybercriminals. Business data, on the other hand, is far more likely to attract the attention of cybercriminals, as obtaining a single organization's records may allow for wide-ranging fraud or even corporate espionage.
Cybercriminals are well aware of the vulnerabilities inherent to Dropbox, and they will eagerly leap at any opportunity to steal a business's information stored in this environment. Allowing employees to use Dropbox does not guarantee a data breach will occur, but it certainly increases the odds.
All of these factors should persuade business leaders to disallow their employees to utilize Dropbox for work-related purposes. However, such a policy in and of itself is unlikely to prove successful. In addition to forbidding the use of Dropbox, decision-makers must also ensure that workers have a satisfactory alternative, secure file sharing solution at their disposal.
After all, many workers have become accustomed to enjoying the level of information access enabled by Dropbox and other consumer-grade box file sharing offerings. Losing the ability to easily send and receive business-related documents will be seen by these employees as extremely damaging to their productivity and effectiveness, and they will likely be unwilling to acquiesce to such a policy. Instead, they will probably continue to use Dropbox, prioritizing their job responsibilities over corporate security.
To avoid creating such a conflict of interests, business leaders must deploy and popularize secure file sharing solutions that achieve the same level of convenience offered by Dropbox, but without the accompanying data integrity issues. If such tools are made available, employees will have no reason to resort to the riskier programs.