To avoid employee use of risky data transfer options, provide better solutions
Friday, March 01, 2013
Recent years have seen dramatic growth in the degree and frequency of data sharing among and within organizations. The sheer amount of data that companies accumulate, generate, analyze and share has increased exponentially as new technologies and ways of doing business have emerged. For many companies, data is the end-all and be-all of their operations.
This has led to both incredible opportunities and extreme risks. On the positive side, more information availability can help firms to develop new and better operations and strategies, making them better able to meet the unique challenges of their market. However, the way data is handled by firms must always be tempered by the knowledge of the potential risks. Perhaps most notably, organizations must do everything in their power to prevent data breaches, which can cost firms thousands or even millions of dollars and greatly damage corporate reputations.
Unfortunately, many employees do not engage in best practices when it comes to data transfers, as numerous companies have discovered. Instead, they rely on unsecured options, such as Dropbox and basic email platforms, to share information or send and receive files. This data, even if it is not mission-critical, needs to be protected to ensure the organization is as protected as possible.
So how should businesses eliminate this bad habit among employees? Simply forbidding the use of such programs is not enough. Instead, businesses must go further and provide improved secure file sharing options to their workers.
Don't forbid, replace
The shortcomings of free data sharing options, such as those mentioned above, are fairly well known. Consequently, many companies have taken the step of directing employees to refrain from using these options for work-related files.
Yet this tactic often does not work for two reasons. First, company leaders do not make the reduction of these practices a high priority. Placing a line concerning these technologies in the corporate handbook and sending out an email reminder once a quarter will not make employees rethink their data sharing practices. On the contrary, such minimal actions will likely send the message that this is an issue of minor importance.
However, even a more active approach will likely fail to result in substantial improvement in and of itself. This is due to the basic fact that workers who need to share significant amounts of information will usually pursue the path of least resistance. If an employee's two options are either a time-consuming, complicated system that effectively secures data or an easy-to-use, higher risk option, he or she will usually use the latter.
That is why companies must provide their employees with alternative, secure file sharing options that do not present a significant burden. This will encourage employees to actually utilize such solutions, rather than relying on more convenient, less secure systems. Even the highest-security data sharing solution will prove fruitless if employees are not motivated to utilize it.
For secure file sharing, as with so many technologies, decision-makers must always keep the end user in mind to ensure success.