With data growing exponentially and individuals within organizations using personal endpoint devices for business use it makes sense that secure file collaboration is now one of the top priorities for IT admins. For organizations that enable file collaborationwith sensitive documents — especially large governmental organizations that are still reeling from the sting of WikiLeaks — secure file collaboration is essential.

As InformationWeek writer Mathew J. Schwartz recently pointed out in his piece “10 SharePoint Security Mistakes You Probably Make”, some of the damage from the leak of hundreds of thousands of sensitive government documents might have been mitigated if the government’s SharePoint deployment was made more secure. As Schwartz notes, many security pitfalls can be easily avoided, though the process may not exist, or be intuitive or workflow-friendly.

In fact, when it comes to security, what makes sense for IT rarely makes sense for end-users. IT’s need for access and control can be perceived as rigid and complex by end-users, which can result in them circumventing a secure system. However, if the organization is aligned on a holistic security strategy across all departments, the chance of a major security leak is greatly reduced. But what factors make secure file collaboration software successful across an organization?

  1. Start with organization-wide education: Secure file collaboration can only happen when people are educated about file security. Even with a secure collaboration tool, there is always the prospect of human negligence. It’s not enough to deploy security measures and expect people to adopt them if the process and reasoning is not explained. IT gets security, but not everyone (including CEOs) understands how data leaks can happen and how they can be prevented. Stressing the ‘why’ makes the ‘how’ much more relatable. It’s also important to know exactly who is responsible for data access and management because even though security breaches affect everyone, according to a Cryptozone survey on SharePoint security, 13% of workers believe that protecting company data is not their responsibility.
  2. Ensure physical data security: It’s a given that data should be safe in its physical location and something simple like an open door to a data center has the potential to undermine security. It’s generally more challenging for organizations to ensure 24/7 datacenter security if their data is stored on-premise and if there’s a secondary datacenter that replicates data for disaster recovery, it’s twice the challenge. Alternatively, most cloud storage providers like Rackspace offer secure facilities with restricted access and 24/7 monitoring for maximum physical data security.
  3. Secure the network: An unsecured network can be an easy single point of failure for organizations. All passwords should be a complex set of letters, numbers and symbols. Be sure that there are advanced firewalls with a protected perimeter and regularly carry out penetration testing to ensure maximum network security. If using cloud providers, make sure that files are encrypted to and from the cloud with 256-bit SSL.
  4. Application security: No matter how you collaborate with files, administrative control and oversight is important. Know how files are being used and by which applications and keep in mind application compliance. Permissions for files and applications help to ensure that only the appropriate individuals have access to data that is relevant to them and avoid overly inclusive access rights.
  5. Ease of Use: By far the biggest hurdle for a successful secure file collaboration strategy is ensuring ease of use. The best security strategy is rendered useless if users find it easier to bypass the system in order to get work done. In the Cryptozone survey, nearly a third of people were willing to bypass security measures if it helps them get the job done. This demonstrates that workers are naturally hesitant to change their familiar workflow, so it’s important to carefully choose processes and solutions that keep end users and existing workflows in mind. Take mobile device strategy as an example: due to iPads and iPhone popularity as consumer devices, organizations that ban their business use may encounter a backlash: users use their unsecured devices anyway, so be prepared to put a strategy in place and avoid putting data in jeopardy.

In a post-WikiLeaks world that is experiencing an explosion of all types of data, file security has never been more critical and keeping these five principles in mind will help secure file collaboration in your organization & help you make better purchasing and process decisions as you develop a file security strategy.

We’re interested to hear your feedback. How are you securing files at your organization and have you experienced any security threats?

Alastair Mitchell

Co-founder


Request a Demo

© 2006 - 2019. All Rights Reserved.