SnapChat, Google Docs, Dropbox, Evernote – these names haunt IT admins in their sleep. At this point, it’s practically a given that employees are going to use consumer cloud apps and services to work remotely and collaborate with co-workers.
Companies are aware of this ‘shadow IT’ problem, but despite the real risks and vulnerabilities of cloud-based, file-sharing services, in particular, many IT admins have adopted a look-the-other-way policy. They know that employees require an effective way to store, send, and share large files. However, email attachment size restrictions mean that the company network can’t provide what employees need to collaborate effectively, forcing them to leave its safety and turn to a risky alternative.
Free Cyber Security Training! Join the revolution today!
This has resulted in a free-for-all: one in five employees now use Dropbox to store contracts, financials, and other sensitive work documents. It is also ringing true from the top-down, with executives and directors using Dropbox most of all. Now, compliance and risk officers are joining their IT team in losing sleep.
The organizations that do try to keep a process in place to manage shadow IT often rely on solutions that can provide a more secure option for file sharing but require employees to create new profiles and learn a new system. In the end, of course, many employees will bypass these enterprise-grade solutions because they require extra time and work; they’ll choose the easiest and most efficient solution (the consumer, public cloud option) not the most secure. Every employee could be guilty of making this choice, whether an entry-level account executive, a sales manager, or a CEO.
Organizations shouldn’t have to choose between opening themselves to significant risk and hampering employee productivity. A balance needs to be struck, allowing employees to exchange the information and files they need, when they need to, without compromising IT’s ability to maintain control, security, and visibility over company information.
But simply allowing employees to continue using public, cloud-based, file-sharing services is not the answer. It is fraught with danger. All it takes is one leak for the company’s reputation – if not, product offerings or finances – to be crippled. IT wants a better view of where all the company data is moving, but it can’t access every single USB drive and Dropbox account that’s being used at any given time.
To really encourage employees to use a more secure option, it means using a solution that’s even easier than a public cloud service.
The Usability Hurdle
To be successful, an enterprise-grade, file-sharing service has to be as intuitive and as easy-to-use as consumer-oriented services like Dropbox. It also has to be so tightly integrated with commonly used programs such as Outlook that employees may not even notice that it’s in place.
In fact, employees would be happiest if they could just depend on email alone to archive and transfer files of any size and complexity, and they would never have to bypass IT in the first place. And that’s the real solution – forget about cloud storage options and focus on improving cloud email solutions.
Email, Revisited
Organizations need to turn their attention back to the original reason that employees are relying on so many methods to share files in the first place: email isn’t working. Outlook limits the size of the file attachment and often makes collaboration a disjointed, disorganized experience.
The ideal file-sharing application shouldn’t be another portal for employees to visit when they need to share files. Instead, it should easily integrate into the email provider that employees already use every day. An application that can work within Outlook to ensure secure and seamless file sharing offers the best of both worlds. Employees get to share what they want, when they want, and IT teams ensure that all data is kept within the policy control and risk management requirements of their enterprise. Better yet, security teams can oversee all of that activity and immediately identify any suspicious user behavior or potential leaks.
As organizations evaluate solutions for cloud platforms and file-sharing services, it’s crucial to keep in mind that usability is the top concern for employees. After all, they turned to other solutions because email wasn’t getting the job done. By empowering email capabilities with cloud scalability and IT controls, all of that can change. If organizations can offer employees the right alternative, they will happily forgo the Dropboxes and WeTransfers of the world when the in-house solution is easier to use, better integrated, and more secure. In other words, when it is part of something they already use and are incredibly comfortable with: their email.
By Dan Sloshberg, Product Marketing Director, Mimecast
About Mimecast
Mimecast is a leader in enterprise cloud services for the security, archiving and management of email and corporate human generated data. The company’s email security and cloud archiving services are built on Mimecast’s world-leading secure cloud platform and optimized for Microsoft Exchange and Office 365. Mimecast Email Security protects against inbound and outbound email-borne threats, deliberate or accidental data leaks and email service outages. Mimecast Cloud Archive unifies email, file and Instant Messaging into a single archive. Mimecast’s end-user productivity tools include Large File Send which allows users to send large attachments from within Outlook. For IT teams, Mimecast gives them a single administration console that provides centralized management of security and content protection as well as retention policies to support compliance and eDiscovery requirements.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.