Taking back control of your corporate data

As the number of organisations allowing their employees to work from home continues to grow, so too does the need for users to access all of their content on various platforms and at all times.

For this reason, consumer-focused file sync and share (CFSS) solutions have become one of the most popular categories of applications used in the workplace.

While employees tend to think using CFSS solutions are a good idea, the typical use of CFSS solutions can bring a multitude of problems such as a higher likelihood of data breaches, more difficult and expensive compliance, and the potential loss of corporate data.

Osterman Research’s recent study, ‘The Critical Need for Enterprise-Grade File Sync and Share Solutions’ commissioned by Intralinks found that problems with these various file sync and share tools have increased significantly over the years.

Email, the preferred file sharing method

Organisations are slowly integrating a wider range of platforms and technologies to share information than ever before. For most, however, email is still the most commonly used platform.

Email is ubiquitous and based on standards that make content delivery highly reliable and file transfer easy. But while the process may seem easy and effective, it also suffers from significant limitations.

Email file sharing can easily impact bandwidth during peak periods and can cause senders’ and receivers’ mailboxes to grow quickly as a result of storing sent and received files. This forces individuals into spending time on mailbox management, and results in long downtime periods in the event an email server has to be restored from backup due to large mailboxes. Furthermore, corporate or sensitive data information leaks are a huge problem, even for the smallest companies, when files are shared directly through attachments.

Managing corporate content

Among the findings, the Osterman study revealed that 13 per cent of corporate data is stored in employees’ laptops, five per cent is stored in smartphones and tablets and one per cent is stored on employees’ home computers. To get around this problem of having documents stored on various devices, many employees are using CFSS solutions. This means organisations are losing much of their control over corporate content because copies of these assets are stored with a variety of third party providers. IT is less able to control the management of information in their own organisation for purposes of legal and regulatory compliance.

With a variety of these employee-managed tools either installed without the blessing of IT or in some cases even without their knowledge, the concept of “Shadow IT” or “consumerisation” of IT is growing. CFSS tools are both a key component of the problem and the cause of it.

According to the Osterman study, most IT decision makers and influencers understand just how serious this problem is becoming. Only eight per cent of those surveyed in the study give their organisations an “A” grade for their management of information security best practices in the context of file-sharing, and nearly one-half give themselves a grade “C” or lower.

While employees often try to get around IT teams by using CFSS tools, decision makers should focus on enterprise file sync and share (EFSS) to combat the issues with consumer tools in the workplace.

Taking back control of our data

EFSS tools allow files to be shared as secure, password-protected links rather than as attachments. The links can be set to expire after a certain time or even on first download. Moreover, users can audit the links to track who has shared, downloaded and read the file.

A key distinction between EFSS and CFSS tools is where primary control over content is managed: IT with the former and individual employees with the latter. Consequently, it is essential that any EFSS solution under consideration puts IT in complete control of corporate data, while still enabling users to work with data as they need it.

The Osterman study found that a significant majority of organisations agree on certain security traits that an EFSS system should have. Most of them agree that data should be fully encrypted between endpoints, with no intermediate steps where data is not encrypted. Only 19 per cent of organisations have already replaced their CFSS tools with EFSS alternatives however 55 per cent consider it to be a “moderately” or “very” high priority to do so over the next 12 months.

CFSS tools introduce significant legal, regulatory and other risks to an organisation. The bottom line is that IT has less control over corporate content because IT cannot control how content is accessed and managed.

For this reason, replacing CFSS tools with EFSS solutions can provide organisations with the same productivity gains but enables their IT department to regain full control over corporate information.

Todd Partridge, Director of Product Marketing at Intralinks