Secure Online Collaboration Made Easy
Since the pandemic hit and Work-from-Home (WFH) became the new normal, online collaboration has become a critical requirement for enterprises to function effectively. While collaboration increases productivity it could also introduce unintended data security risks that businesses need to defend against.
According to a recent report, it was found that 97% of remote workers would like to work remotely for the rest of their careers – Buffer 2021
Data security challenges
According to Gartner, 74% of businesses are allowing at least 5% of their previously on-premise employees to work remotely even while the effects of the pandemic settle down. Clearly, while employees are making their way back to the office, many of them will have still need to remotely collaborate with co-workers and other stakeholders who are allowed to work from home.
Let’s take a look at the top data security concerns that businesses should worry about when allowing online employee collaboration.
1. Unauthorized data sharing
Employee negligence causes 62% of all insider breaches - Ponemon’s 2020 report
2. Email based sharing
This is a common problem a number of enterprises face. Email, due to its ubiquity becomes the de facto medium for collaboration. And while email is ok for most daily business collaboration, it is not a great medium for confidential or sensitive data. Many times, documents get sent as email attachments with no access restrictions placed on them. In such cases, the recipient is free to download the attachment and circulate to other parties unbeknownst to the sender. Or an email can accidentally (or deliberately) get forwarded to an unauthorized recipient.
Also, email attachments are an inefficient way to collaborate. Because they are not version controlled, recipients may access an older email by accident and waste valuable time reviewing or annotating a document which is not the latest version the sender has authored.
3. Public cloud file transfer services
Employees also have access to a number of free file transfer services provided as public-cloud SaaS offerings. While these are easy to access and use, their security safeguards could be viewed as inadequate by many enterprises. The type of encryption such services use while data is in transit, or at rest, and whether they have the ability to decrypt the data – are all questions that enterprises need answered. And with public cloud-based services – the answers are usually less than satisfactory.
4. Secure FTP based methods
To get around the above issues, several businesses use SecureFTP for transfer and exchange of confidential data. SecureFTP is indeed secure. But it is basically a free file transfer mechanism – not designed for collaboration. IT teams end up writing home-grown scripts around SecureFTP to fashion basic collaboration – but such solutions don’t tend to be sustainable in the long term. SecureFTP also may not integrate with enterprise namespaces (like Active Directory or Azure AD) making it inconvenient for business use.
Most importantly, SecureFTP solutions require a physical, on-premise server which users need to access – and has therefore become impractical in the WFH model. In today’s world, businesses are increasingly looking for cloud-based collaboration solutions.
5. Lack of centralized policy-based control
When employees use multiple channels to collaborate – data sharing becomes ad hoc and unregulated. It becomes difficult for the business to get a handle on what data was shared, by whom, whether it was shared securely etc. Businesses need to be able to control and manage who can collaborate, what they’re allowed to share, and how (i.e. with what security controls). And post-facto, businesses need to be able to audit what has occurred, look for deviations, and course correct.
Organizations serious about collaboration, one of the best steps to take is adopting an commercial grade Enterprise File Sync & Share (EFSS) solution