A friend of mine recently shared a link with me to download Dropbox and asked me to share my latest excursion’s photos. So I took a few minutes from my busy schedule and followed instructions to get Dropbox onto my desktop. I heard a lot about cloud storage but never knew it would make my life so much easier when it comes to sharing photos. I dragged all photos into a newly added Dropbox folder and quickly shared a URL with my friend to access those photos through the web interface. Surely the experience of sharing large files so effortlessly and instantly was incredible, but isn’t installing cloud storage at work a potential information security risks?
Cloud based file sharing is file hosting which provides storing and sharing data services, the stored data can be accessed from any internet browser. Dropbox, Google Drive, Microsoft OneDrive, iCloud and Box are some of the more popular cloud storages. The convenience of keeping personal data safe and within reach has attracted the largest corporate crowds ever. A recent survey showed 89 percent of employees have personal accounts on cloud storage services; out of which 70 percent storage is done for work purpose and 22 percent of employees store important company data.
Employees who store data in their personal account face a higher likelihood of data breach. Companies confront critical fallouts because of data breaches from insider data theft and accidental loss by employees. IT professionals believe that cloud storage is one of the biggest loopholes in the data security system, which has fetched many security challenges. Cloud has obscured the data prevention strategies by IT team. Larry Ponemon, chairman and founder of the Ponemon Institute said on cloud sharing services, “We’re acutely aware of the potentially catastrophic consequences that can occur as a result of security breaches of these tools.”
To combat security risks, it is important to stay updated and aware of emerging and existing threats and vulnerabilities in the company. Here are some suggestion to mitigate the gamut of threats and security risks:
- Employee awareness workshops on information security.
- Install Filter content and block certain websites.
- Set Firewalls and use anti-virus software to protect PCs.
- Set up Risk and compliance policies.
- Incident Report team for investigation.
- Regular audits by Risk Management team.
- Monitor employee computer activities regularly.
Implementation of policies, training programs, blocking websites and/or filtering content sometimes doesn’t help in mitigating data breaches. Web Proxy is an alternate option for many employees to surf blocked websites which brings online threats to the information security. Hence it is critical to identify outliers and failure modes for effective analysis to diminish perils.
Hoverwatch is computer monitoring software and an advanced monitoring tool designed to meet the modern workplace’s challenges. You can read Jack Gillman’s hoverwatch review here – its monitoring PC activity feature captures all activity and gives comprehensive details of all activities performed on the computer such as keystrokes, surfed websites, IM conversation, emails, documents, documents location, deleted files and the list goes on. An even more powerful feature is the content filter option which allows blocking unwanted and non-work related websites or content, customized black and white list for safe online experience and more. Hoverwatch helps in recognizing weak links to the data security and helps in managing the workplace more effectively.