The issue: Dropbox in becoming increasingly popular. They claim 100 million users and many workers including IT pros use it at the office. This trend should be cause for some concern to IT departments because of the increased chance of critical data loss and security breaches.
Why: Many users enjoy the convenience of using Dropbox to store and share business documents rather than send them around as insecure email attachments.
According to new research by an organization called Nasuni (the organization specializes in enterprise storage management), one out of five of a total of 1,300 business users surveyed said they use the consumer file-sync-and-share system with work documents. Surprisingly, one half of those Dropbox users do this even though they know it’s against the rules.
Many of the offenders of corporate security policy includes senior VPs and directors.
It seems they are in some cases most likely to use Dropbox despite the documented risks and despite explicit corporate policy prohibiting the use of Dropbox at the office. A parallel may be drawn between
C-level and other executives as the people who brought their personal iPads and iPhones into the office in the first place and demanded they be supported. For many it has become a case of personal convenience at the expense of corporate security.
Dropbox users have come to enjoy the service to store and share photos, files and other documents such ar word, excel, and pdfs. They are also one of the types of cloud services that have been called “shadow IT” or technology that is brought inside an organization by employees but is beyond the control and tracking of corporate IT departments.
Dropbox popularity is driven by the exploding use of smart phones and tablets to send, sync and share documents. The BYOD trend is a cause of concern for corporate IT departments as they struggle to
lock down and secure corporate data resources. The problem with many corporate file-share-and-sync solutions, is they aren’t as easy to use as Dropbox and don’t necessarily support personal smartphones or tablets.
The real issue for CISOs and IT security administrators occurs when corporate workers put sensitive internal files in the Dropbox cloud. Documents stored in this manner are just not entirely secure.
According to the survey:
“The sensitive data stored in Dropbox is not secure and just as importantly, not controlled by IT. This means that if an employee leaves the company, the information that [a] user has stored goes with them, creating a significant risk of data loss or exposure. Furthermore, as the amount of sensitive corporate data stored in Dropbox increases, the online file-sharing service will become a more attractive target for hackers and other malicious groups.”
Cross Posted from myITview.com