In today’s business environment, sharing data as part of efficient collaboration and productivity is mandatory. However, without clear data sharing policies and knowledge in place, the worst can and will happen.
What are we talking about?
Ill-versioned files being shared and over-written on servers…
People incorrectly being exposed to sensitive data…
People’s passwords being exposed to massive breaches…
The likelihood of these things happening are not rare. In fact, I’m sure that someone, possibly even yourself, have been exposed to something similar.
Today, we are going to cover secure file sharing. As well, we are going to look at do’s and don’ts of proper file sharing. How many issues are you currently doing well? How many are you still doing that are causing your data to become ‘unsafe’?
Don’t Use Email for File Sharing
Email data exchanges result in one key failure: ill-versioned data. No matter the size nor complexity of the organization, email file sharing has been around for a while. However, when you consider multiple versions of one file might be considered ‘the newest’, sharing further versions could cause data faults in your line.
A similar issue with using email for data exchanges involves it being used. Having a piece of data here, there and over there means three separate files that could all be used, incorrectly, as the live version. Backups, archived data and more can easily be corrupted while using email for data sharing.
Don’t Rely On People Alone (employees, managers and owners)
Most breaches, 72% according to a MicroFocus/NetIQ study on security breaches, involved a current or former employee. As well, the average cost of a corporate data breach increased 15 percent in the last year to $3.5 million.
Security is one of the most difficult to teach aspects of business processes. As well, it has proven a second thought to some managers, and even business owners. Leaving the door open to human error, as well as insider intent, is a hole that can be plugged easily.
Don’t Rely on FTP for Reporting
Most FTP clients and systems do not give accurate, nor even good, reports and activity data. Without a second application to assume your log data and then alter it to a more clear and direct output, FTP logs and data just cannot tell you what you want to know.
For this reason, it makes sense to use an FTP replacement that does what FTP should do (upload, access, file sharing and downloading), while maintaining real-time security access and real-time activity and reporting. For instance, with PerfectShare, we track and report on all access and file sharing, in real-time. Search modifiers, filters and other output features allow you to see the necessary file sharing access audits.
Do Use Secure Logins and Authentication
Proper access and password controls are essential to real security. Without a login behind an SSL certificate, anyone on the network, or listening, can see login credentials in plain text. As well, without the ability to “wall” your secure data, the outside public can see it, use it and even hurt your organization with it.
This is a prime reason why email data exchange will not be as secure as an online application. While security methods of email encryption like PGP exist, the process of housing and emailing users still presents a security risk that is easily avoidable.
Do Use Permissions for Files and Folders
According to the MicroFocus/NetIQ study, the two most common insider threat scenarios involve perpetrators taking data to start their own competing company (30%), or to help secure employment with a rival (65%). As well, third parties with trusted access were responsible for 41% of the detected security incidents at financial services organizations.
The way that data is partitioned based on user permissions is a necessity. Allowing for the incorrect users to see data, sensitive or not, can create security issues now or in the long-term.
Do Check for Compliance Standards and Regulations
Compliance standards and regulations are simply a part of online business work. From HIPAA offline and online restraints to PCI-DDS requirements, your data should follow some restraints and regulations that can be reviewed and audited.
While each industry and business must adhere to its own sets of compliance regulations, we at PerfectShare can say that your data with us is secure. We allow for various security settings. Including in these is a setting to break up emails from file data and user data, as well as methods for password changes and encryption.
The Bottom Line On Secure File Sharing For You!
File sharing and data exchange is a fundamental piece of doing business in 2016. While many older methods exist like FTP and email, your best method of file sharing is via a SaaS tool. Not only can your data stay in a central location, but you set business and security rules to match your brand and needed compliance standards.