IT teams are responsible for mission critical applications, services and systems that businesses depend on to ensure success. On top of this, already over-worked IT pros are responsible for protecting corporate data in a world where data is moving across borders, systems and people. And itโs not an easy job. Although thereโs a lot of technology that enables business integration, security is still an issue, and teams often struggle to protect data end-to-end even as they implement solutions to respond to heightened cyber security threats.
[easy-tweet tweet=”Thereโs lots of tech that enables business integration, but security is still an issue” hashtags=”tech, security, IT, cloud”]
In a recent survey we carried out, nearly 600 IT pros working in organisations across the globe with greater than 500 employees were polled about their data security and compliance issues. In the UK, 78% of respondents rated their ability to transfer and share files as very important securely and 70% already prohibit individual file transfer solutions through company policies.
Other European findings included:
- 59 percent of respondents have policies in place that prevent certain file transfer technology or services for sensitive data, while 35 percent of companies in regulated industries such as healthcare, finance and government donโt allow it at all
- Only 31 percent of respondents believe that their organisationโs processes in mitigating risks in file transfer operations are very efficient and only 28 percent of respondents believe that their organisationโs processes in identifying risks in data transfer operations are very efficient
- 47 percent of those surveyed organisationโs have or may have experienced a significant loss of data resulting from a breakdown in the file transfer process
- 55 percent of respondents that did experience a significant loss of data said it was due to human or processing error
As the external threat of hackers causing cyberattacks and breaches continues to rise, security problems caused by employees making innocent mistakes or in rare cases looking to maliciously steal corporate data is also increasing. An effective way to prevent both innocent and malicious insiders from causing cyber security issues is to stop them from using unsecure public cloud file sharing solutions such as Dropbox or Box. Transitioning to a more secure Managed File Transfer(MFT) solution that offers extra layers of security and protection can make all the difference in an increasingly complex and unsafe world rampant with cyberattacks.
The use of cloud-hosted applications has led to more IT teams battling a new kind of data security gap in their organisation. And as shadow IT permeates most organisations, non-secure file transfers can often be at the bottom of a long list of security gaps that need attention.
[easy-tweet tweet=”Cloud-hosted applications lead to more IT teams battling a new kind of security gap” hashtags=”tech, IT, data, security”]
Filling cloud data security gaps can pose a unique challenge for IT teams because they have no visibility into these data transfers. Additionally, IT teams struggle to meet compliance standards, whether internal or external, because they donโt have a record of what files have been shared, who they have been sent to, or where the files went. This lack of control can weigh on IT teams and as cloud applications evolve and the work force becomes, even more, tech savvy, the threat and the consequences will only continue to grow.
To address these security gaps, IT teams can look to adopt secure MFT solutions that send files securely with complete tamper-proof audit logs, reports and dashboards to gain visibility into the movement of their companyโs data and a sense of control. Additionally, IT teams can:
- Prohibit most, if not all, EFSS and insecure/unsanctioned file transfer solutions
- Continuously educate employees on secure file transfer best practices and policies
- Train all staff on the MFT solutions in place for both person-to-person and person-to-system transfers
- Leverage workflow and automation tools included in MFT solutions to reduce the possibility of human error
Implementing an MFT solution and embedding it into a companyโs workflow is just the first step in addressing security gaps that occur from the rise of the cloud. IT teams should also set best practices for themselves to help prevent other gaps from forming. For starters, they should classify documents and implement content inspection practices around sensitive information including PII and intellectual property.
IT teams are on a long road to protecting their companyโs data against breaches, attacks and careless employees, and there are bound to be a few fumbles along the way. Based on results from the previously mentioned survey, not even half, only 40 percent, of respondents working at global companies in regulated industries have even adopted best in class and more secure MFT technology. But with the cloud data security gap only looking to widen, this number needs to rise significantly. By implementing these tips to fix many pressing issues presented by non-secure file transfers, IT teams will be well on the way to closing the cloud data security gap and prevent future ones from appearing.
Michael Hack, SVP EMEA Operations, Ipswitch
Comments are closed.