Security software maker Symantec announced that online file sharing poses a risk to small and medium sized businesses (SMB) who adopt this business practice. Symantec’s security team looked into the issue with its 2011 SMB File Sharing Survey and saw that SMB employees use their company’s file sharing solution to store and share personal-use files and applications without the knowledge or permission of their IT team.
This behavior exposes the company’s IT infrastructure to malware and hacking attacks — and potential data loss. More and more SMBs are adopting file sharing services for use on personal mobile devices as well as for remote access to the company’s servers.
With 1,325 SMBs (5 to 500 employees) surveyed worldwide in 2011, Symantec generated the following data:
- Employees influence adoption of file sharing solutions internally SMB stakeholders recognize that file sharing helps drive productivity among employees. Seventy-four percent of respondents said they adopted online file sharing to bolster their own productivity. Also, 61 percent of respondents reported employees to be somewhat-to-extremely influential when it comes to adopting file sharing solutions internally, on par with mobile device usage (63 percent), PC/laptop/tablet usage (64 percent) and social media usage (53 percent).
- Security and data loss are potential file sharing risks Many respondents recognized the potential risks that poorly managed file sharing practices can bring into their organizations. Among respondents, risks cited as potential concerns included sharing confidential information using unapproved solutions (44 percent), malware (44 percent), loss of confidential or proprietary information (43 percent), breach of confidential information (41 percent), embarrassment or damage to brand/reputation (37 percent), and violating regulatory rules (34 percent). Moreover, the lack of policy enforcement also enhances risks for many respondents as more than one-fifth (22 percent) of respondents have not implemented policies restricting how employees can access and share files.
- File sharing behaviors could expose SMBs to risk Employee behaviors around file sharing indicate further potential for security risk. When asked what employees might do when they need to share a large file, respondents indicated they would either ask IT for help (51 percent), use a solution suggested by a customer, contractor or partner (42 percent), utilize the IT system in place (33 percent), or search online and download a free solution (27 percent). Furthermore, 41 percent indicated damaged brand reputation was a concern when it comes to file sharing.
- Files are getting bigger Many of the files shared internally and externally are significantly increasing in size. One in seven (14 percent) respondents reported the average size of files currently shared by their organization to be more than 1 GB while three years ago, only 6 percent reported the average file size to be more than 1 GB.
- SMBs are more distributed Respondents indicated the number of employees working remotely and/or from home has gradually increased over the past three years, and the number is projected to increase. Respondents predicted that one year from now 37 percent of SMB organizations will have employees working remotely (up 22 percent from three years ago and 32 percent today), and 32 percent will have employees who work from home (up 20 percent from three years ago, and 28 percent today).
Rowan Trollope, Group President for SMB and .cloud at Symantec expressed his concern for the SMBs that unknowingly make their companies vulnerable to cyber attacks.
A staggering 71 percent of small businesses that suffer from a cyber attack never recover – it’s fatal. As the fastest adopters of cloud technologies, such as file sharing, SMBs need to use safe practices, especially when using a solution that might not be built for (their) businesses. As employees increasingly adopt consumer cloud services at work, the risk to SMBs only grows.
Symantec recommends SMBs should implement the following best practices to help ensure employees share files securely:
- Centralize file storage and management with a secure web-based system that is accessible regardless of device or location so that companies protect data outside the office walls.
- Implement access controls and permissions to keep private files safe and separate from work content.
- Maintain oversight into how and when business files are shared.
- Implement a scalable system that can grow with the business.
February 4, 2010
March 14, 2012
June 11, 2012
August 11, 2010