The more online sharing becomes a common business practice the more small- and medium-sized businesses (SMBs) are at risk of malware or a security breach, Symantec Corp’s 2011 SMB File Sharing Survey suggests.
SMB employees are increasingly adopting unmanaged, personal-use online file-sharing solutions without permission from IT, part of the broader trend of the consumerisation of IT that includes the adoption of online services for use on personal mobile devices, the survey says.
These early-adopter behaviours – like those driving the use of file-sharing technology – are making organisations vulnerable to security threats and data loss.
“A staggering 71pc of small businesses that suffer from a cyber attack never recover – it’s fatal,” says Rowan Trollope, group president, SMB and .cloud, Symantec.
“As the fastest adopters of cloud technologies, such as file sharing, SMBs need to use safe practices, especially when using a solution that might not be built for businesses. As employees increasingly adopt consumer cloud services at work, the risk to SMBs only grows.”
Productivity behind file sharing
SMB stakeholders recognise that file sharing helps drive productivity among employees. Seventy-four per cent of respondents said they adopted online file sharing to increase their own productivity.
Many respondents also recognised the risks that poorly managed file-sharing practices can bring into their organisations. They cited as concerns sharing confidential information using unapproved solutions (44pc), malware (44pc), loss of confidential or proprietary information (43pc), breach of confidential information (41pc), embarrassment or damage to brand/reputation (37pc), and violating regulatory rules (34pc).
Moreover, the lack of policy enforcement also enhances risks for some respondents, as 22pc of them have not implemented policies restricting how employees can access and share files.
Symantec recommends that SMBs implement best practices to help ensure employees share files securely:
- Centralise file storage and management with a secure web-based system that is accessible regardless of device or location so that companies protect data outside the office walls.
- Implement access controls and permissions to keep private files safe and separate from work content.
- Maintain oversight into how and when business files are shared.
- Implement a scalable system that can grow with the business.
