Security in the cloud: how to oust medieval file-sharing strategies

For decades, IT professionals have delivered enterprise file security in much the same way that medieval guards protected castle ramparts: by digging a deep moat around their perimeters and scanning the horizon for approaching threats. Today, the IT versions of crocodile-filled moats and crossbow-equipped soldiers are as outdated as King Arthur's roundtable. Perimeter security was adequate at one time, but cloud-based file sharing has changed the landscape, and IT teams need to arm themselves against risk that originates inside their own walls.

Mobile-enabled workers want access to enterprise data from inside and outside the enterprise, and on desktop, laptop and mobile devices. For that reason, files are ending up in a lot more places than they once could. The greatest risk to the fortified enterprise is no longer the direct assault, but rather, the difficult-to-detect loss of sensitive data via insecure, uncontrolled file sharing. IT teams might have the widest, deepest moats, but those protections are irrelevant when risk walks in over the drawbridge.

As bring-your-own-device (BYOD) practices outpace enterprise file-sharing capabilities, employees are turning to consumer-grade options for easier access and collaboration with internal and external parties. Without a viable, IT-approved offering, workers can easily tap into unsanctioned cloud services, which fail to protect files in transit or beyond enterprise walls and devices.

The problem of unsanctioned public cloud file-sharing

Mobile devices are changing the way enterprise employees work. Now that work happens anywhere, at any time, on any device, the user experience matters more – especially since enterprise IT is competing with commercial-grade cloud services. Employees are attracted to the broad capabilities and ease-of-use available in public app stores, but these apps hinder IT visibility and security.

This is a persistent and widespread problem. Recently, the Association for Information and Image Management (AIIM) surveyed more than 500 of its members about trends in document protection. The group found that many organisations realise employees are using cloud-based file-sharing services – even though such services are officially off limits. Nine per cent of survey participants said their employees access "business-grade" file sharing via the cloud, and 16 per cent said their employees use "consumer-grade" services via the cloud.

Both the so-called business-grade and consumer-grade cloud services should raise alarms among enterprise IT leaders, since neither flavor of public file-sharing can adequately protect sensitive documents. As employees share and collaborate over this information, enterprises need to be able to track, limit and revoke access to files as customer and partner relationships evolve, or when employee devices are lost or stolen.

File-level protection for a mobile future

The era of perimeter-based security is over. With the rise of post-PC devices, enterprise IT must offer cloud-based file sharing and collaboration that protects critical enterprise data. Public cloud services don't deliver secure mobile productivity, even when enterprises boost their castle-and-moat-style security.

To protect collaborative workflows, IT leaders can't just raise the drawbridge to ward off file sharing via mobile devices. Instead, they should adopt solutions that meet employee demand for easy document sharing and syncing while also delivering file-level security that lets them protect, track and revoke files, even after those files have been shared and downloaded outside the fortress walls. By moving their document security practices into the modern era, enterprises can foster collaboration, strengthen security and meet the needs of an increasingly mobile workforce.

Moti Rafalin is the co-founder and CEO of WatchDox, a provider of secure access, file sync and collaboration solutions that enable the confidential sharing of important or sensitive documents in an easy and secure way.