What does your business need to do in order to ensure file sharing and collaboration activities are fully secured against the threat of unauthorized access?
Ensuring employees are able to share files and collaborate on projects digitally is clearly a vital part of managing any IT network, and this is becoming an even more critical factor as workplace habits and user expectations evolve.
Trends such as flexible and remote working, a greater use of multiple platforms such as cloud and social channels, and the arrival of Generation Z workers, are changing the landscape for collaboration and communication. As poor performance in this area could cost as much as $11,000 per employee every year in lost productivity, according to 2017 research from Mitel, this is not an area businesses can afford to neglect.
However, at the same time, worries over security are also higher than ever. While the threat of attack from external hackers is still a very real one, poor data management and sloppy internal practices are still the leading causes of data breaches.
So what must companies do to ensure that they are acting properly when sharing files and collaborating on projects? Here are a few key best practices that must be kept in mind:
Keep control of your application environment
Like it or not, the days when corporate data was only ever stored in secured, on-premises data centers are long gone. The cloud revolution means almost every business will find itself needing to access and share data that is stored outside of its IT environment, so it is essential that IT managers take control of this in order to ensure security.
If done correctly, cloud file sharing should not be any less secure than on-premises solutions - and in fact, may be even more secure if it allows enterprises to take advantage of advanced protection features that may otherwise be out of their budget. But this depends on what services are being used.
The likes of Dropbox and Google Drive may offer a convenient solution for file sharing, but if users are dependent on consumer-grade services such as these, they may not have all the protections they require. If businesses are to rely on the cloud, they must therefore ensure they adopt enterprise-oriented solutions that have the highest security and encryption defenses.
Enterprises must then make sure their employees actually use them. Many businesses are still struggling with unmanaged 'shadow IT' environments where individual teams or single employees adopt their own collaboration solutions without the approval or knowledge of IT. This can be a major security risk, so IT managers must ensure there is a convenient, authorized option in place, and make it clear to employees the potential consequences of straying from this.
Put in place clear, straightforward permissions
Even the most secure file sharing tools won't be much use if just anyone can access them, which is why it's important to keep a close eye on your permissions strategy. Whether you're using on-premises or cloud collaboration tools, it pays to have a clear process in place for this.
If permissions are granted on an ad-hoc basis, it's likely firms will end up with a complex web of hybrid permissions, where individuals may have access to certain files in a directory, but not others, and it can be hard to keep track of who has access to what.
Writing for Varonis, David Gibson recommended adopting a binary model, where folders inherit either all or none of the permissions from its parent directory, to help standardize the environment.
"You should only have group permissions. They are far easier to manage than having individual permissions," he continued. "Is it acceptable to have a group of only one? The answer is yes, since it is likely that the group will eventually grow."
Don't overlook ongoing monitoring
Ensuring sensitive documents are fully encrypted and locked down to only those with the correct privileges should not be the end of the task. IT managers need to be constantly monitoring their file sharing and collaboration tools so they have full visibility into what is going on and can identify any suspicious behavior.
There could be any number of issues that result in unauthorized personnel being able to access secure files, such as successful phishing efforts that expose user credentials, poor password practices or even malicious former employees who have not been removed from permissions groups.
Robust monitoring strategies need to look for patterns such as unexpected spikes in activity, access attempts from unfamiliar IP addresses or at unusual times, or permission levels in existing folders being changed.
Mr Gibson also noted:
"IT should also analyze shared activity as a way to tighten up permissions - for example, users and groups that have folder access permissions that are never used - or to spot whether sensitive data is accessible and/or being viewed by non-authorized employees."
The penalties for failing in this area are getting tougher. Aside from the reputational damage a breach can cause, the EU's forthcoming GDPR rules - which apply to any company handling the data of EU residents - could see companies face fines of up to €20 million or four per cent of global turnover if they fail to protect sensitive information. Therefore, in a more collaborative environment, it's never been more important to ensure file sharing activities are secure.
Insights for Professionals provide free access to the latest thought leadership from global brands. We deliver subscriber value by creating and gathering specialist content for senior professionals. To view more IT content, click here.