I recently attended SecureWorld Detroit and engaged in two days of conversation with top security, IT and risk management professionals.
There was a single theme that I heard the loudest and clearest from the security community:
There is growing concern for how employees transfer files in an ad hoc manner to those outside the organization. Employees are quick to turn to DropBox or YouSendIt to step outside of file size limitations or email speed issues, without realizing the consequences of their actions.
We heard this consistently across multiple industries – Retail, Healthcare, Financial Services, Banking, Government, Automotive.
We heard this from organizations large, medium and small with requirements to manage file transfers with partners, customers or vendors, and in some cases with international and global reach.
It was said in different ways but it came down to the security teams seeing significant risk for leakage with their current situation today. Some soundbites:
- “We need a person to person file transfer solution”
- “My users want to send large files through YouSendIt. Right now I just keeping saying ‘No’, I’d rather have a solution to offer them.”
- “We need to support an ad hoc file transfer requirement for our users”
- “I have people using DropBox today. It is absolutely unacceptable from a security standpoint, but we need to offer them an alternative.”
This risk around person to person file transfer is not going away, it’s getting worse by the day as more and more employees rely on personal email and cloud based services to transfer data. The potential for leakage is amplified when you consider other data transfer devices such as USB drives and personal email use.
We have done extensive research in this area and we have a Research Report summarized in a graphical eBook which will be published later in October. Titled “Are Your Employees Putting Your Company’s Data at Risk?”, this report helps bring the current problems to life with a picture of how users are behaving today.