Page 18 - CDM-Cyber-Warnings-March-2014
P. 18
$3;2 $ 1$%4+ 43 '$1$ $"41(-& (+$ 1 -2%$12 Common file sharing methods don’t offer enterprise-level protection, but there are other, more secure options available By Tom Scearce, Senior Product Marketing Manager, Attachmate Picture a typical 200-person organization: Five people are IT staff and the other 195 do everything from managing the business to boots-on-the-ground execution. Before the Cloud rolled in, employees collaborated with coworkers, external vendors and partners by sending files through email or via FTP. But since the arrival of cloud services, people collaborate through a tangled mix of email, FTP and third-party SaaS platforms, creating a messy file system that the organization’s five IT experts can’t keep track of. When someone exchanges a file via email, then uploads it to an FTP server and later stores it in the cloud, it exposes vital corporate information assets to a wide range of threats. Users have to share files. That will never change. But when IT isn’t in the loop, it’s a problem. Users should be empowered to share files using tools they’re most familiar with: email, file folders, web browsers, and mobile devices. But when users cobble together their own file sharing systems, IT can’t see where a file is or what happens to it. Let’s look at a few of these tools, and the blind spots they create for IT managers: Email: Who hasn’t sent something through email before? Not long ago, sending a document to yourself was the best—and sometimes only—way to get a file from a work computer to one at home. Email was seen as a convenient and secure way to move files around. But most people know better now. Once you’re done battling file size limits, other issues come up: Is the intended recipient the one opening it? Are they the only person seeing it? IT can’t track the file once it’s gone, so where is it now, and who has access to it if the email account is hacked? These are just a few of the ways email falls short as a file transfer solution. Among the possible places for a security breach is in the sending itself—practically any consumer-level email service will send data through its whole system—where the service monitors it. Who are the people that might be getting a peek? FTP systems: FTP systems are convenient for big enterprises that want a single, central location for their files. But data can sit on FTP servers for years, all the while keeping the door open to potential breaches—from inside and outside. And since FTP is an older technology, it doesn’t employ strong encryption. Therefore, it can’t be trusted any more than sending a file through email. Consumer cloud solutions: A few years ago, industry experts predicted the cloud would change the way we use files forever. No more hard drives. No more worrying about lost laptops. Sure, we’re carrying around a lot less hardware these days, but groups—both legitimate and otherwise—have poked holes through the encryption of various cloud apps, showing that those also lack proper encryption to prevent data breaches. Consumer cloud solutions are great for sharing family pictures, e-books and other personal files, but for corporate data and information, " # % " $ " # ! !
