May 10, 2017

    Credible Data Security Policies Include File Sharing Software

    The secret’s out: data is the key to business success. Well, maybe it wasn’t much of a secret. But the way some companies “protect” their data, it’s as if this information isn’t nearly as critical as it truly is.

    All of your employees need consistent access to different parts of your data. But to protect it and help it flow seamlessly between users, you need file sharing software to support and compliment your data security policy.

    The rapid growth in the use of mobile devices has coincided with a rise in employees working on unauthorized devices and unprotected applications. But these practices lead to a laundry list of issues – from unsecure data transfer to a lack of control and visibility in the data transfer process.

    To adapt to changing times and keep their data secure, companies have frequently adopted file sharing solutions.

    The Modern Employee is Often a Remote Employee

    For a lot of us, our work follows us far from the office. Whether employees are occasionally working on the road or consistently working from home, remote work is an increasingly common practice. But employees often (unintentionally) handle the same data they use in the office with little care outside of it. It's simply easy to forget that company data requires the same level of care even away from the structure of the office.

    To communicate and collaborate more efficiently, many employees forego email and use consumer-intended file sharing solutions to share information. But these tools are grossly inadequate from a data security perspective.

    These services may help your employees work more quickly, put they also put your data at risk, leaving it susceptible to breaches and data leakage. And without an company-wide file sharing solution, you don’t have visibility and control over where your data is located.

    A business-grade file sharing solution gives your employees a platform to maximize their efficiency and productivity. And most importantly, it gives you visibility and control of your data security.

    Limit File and Data Access

    Does every one of your employees need universal access to all of your company data? Does an intern need access to your financial statements? It’s virtually never the case.

    You need to protect your information not only from external threats, but internal risks as well. After all, user error can wreak havoc on your business.

    Access to data should depend on each employee’s specific role at your company. Generally speaking, files that contain valuable data should have very limited access. Data visibility should be classified based on the sensitivity of the information.

    Without the ability to restrict file and data permissions, anyone in your company could read or change any document. But the right file sharing solution allows you to define access levels based on company role and file type. Administrators should even consider managing file access at an individual level.

    At minimum, file sharing solutions should allow you to:

    • Create private and shared folders
    • Set unique permissions per user, per folder
    • Deny access to certain files based on employee

    Data Protection, Even if You’re Hacked

    Considering the publicity hacks receive, it’s unsurprising that many companies take a “perimeter-centric approach” to security. But if you focus solely on keeping unintended users out, what would happens if a hacker were still able to break in? Your data would be ripe for the taking.

    Instead, you need to take a more comprehensive approach with your data security policy. Assume no user is safe and encrypt all of your files. That way, if hackers break your perimeter defenses, they could only pull encrypted documents they wouldn’t be able to read.

    Standard FTP Doesn’t Cut It

    Speaking of encryption (or lack thereof), File Transfer Protocol (FTP) predates many modern cybersecurity practices. It transfers files and user credentials in plain text.

    FTP has since been transformed to include Explicit FTPS, which is SSL-encrypted. But even if you use FTPS to transfer files, you must ensure that your FTP server application can force users to conform to using FTPS and thereby disallow FTP use.

    Conversely, SFTP (Secure SFTP) will not accommodate unencrypted file transfer. SFTP is also more firewall friendly on the end user side than FTPS. It’s why SFTP is the solution of choice for many banks and similar institutions, or for anyone automating file transfers securely.

    Like SSL, SFTP encrypts files and supplying login credentials using AES (Advanced Encryption Standard) or other standard encryption ciphers. SSH key encryption can also be used instead of password authentication, giving you an additional security measure if need be.

    Clearly, you have options when it comes to file transfer. Which you incorporate as part of your data policy should depend on the level of security your business and data need.

    Complying with Modern Data Regulations

    Protecting confidential information is not only a matter of safeguarding your competitive advantage, it’s also your legal duty. The U.S. government passed several laws to protect Americans from the dangers data breaches that expose their personal information.

    Federal and state privacy laws are enforced by a booming list of:

    • Regulatory agencies
    • Federal prosecutors
    • State attorneys general
    • Private plaintiffs and more

    HIPAA, ITAR, GLBA, DSS and SOX each require specific, strict guidelines for protecting consumer data. And the consequences of noncompliance could put your entire business in jeopardy.

    Your data security policy must address these detailed compliance mandates, which include how your files are stored, accessed, shared and distributed. And a suitable file sharing platform can be your foundation to securing this precious information.

    A Data Security Policy Fit for Modern Business

    Many companies are slow to adapt to changes in the business landscape. With data privacy and security, the sheer number of breaches and leaks is a sign of universal negligence.

    But with the deserved scrutiny from this system-wide failure, the public pressure has pushed businesses to adopt data security policies fit for modern times.

    From technological advancements to changes in employee habits and increased regulation, file sharing software is now more important than ever. You simply can’t afford to allow employees to use risky methods to share sensitive information. 

     

    Tag(s):

    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

    Other posts you might be interested in

    View All Posts