By Mark Edge, UK Country Manager, Brainloop
Financial data is some of the most lucrative data to hackers. Therefore, it comes as no surprise that recent research, that looked at data loss across various sectors, has revealed that theft of finance sector data has almost doubled in the past year. The financal sector saw a sharper rise than any other sector which will likely come as a worrying warning to both the industry and customers alike.
One of the most notable examples of data loss occurred when it was revealed that Barclays lost the data of 2,000 customers after a USB stick was lost by an employee. However, it isn’t just attacks from the outside that are causing headaches for financial organisations. Figures released by Kaspersky revealed that accidental data sharing by staff in organisations poses a greater risk than software vulnerabilities. In fact, 29 per cent of respondents to the Kaspersky study reported they had suffered accidental data leaks by staff during 2014.
Although the study doesn’t specifically single out consumer-file sharing apps like Dropbox and Google Drive as the reason behind this, their ever-increasing use in the enterprise cannot be denied. Employees turn to these well-known apps because of their ease of use. With the majority of them being free to use and easy to install, they are creating a headache for organisations.
Those responsible for IT within financial organisations are anxious about losing control of files inside and outside the workplace, especially as compliance requires knowledge of and control over the data’s location. With no centralised management or security, these consumer-grade file-sharing platforms can be a nightmare for IT administrators.
Consumer file sharing tools such as DropBox typically use the public cloud to store data being shared. Sharing high-value confidential and sensitive data on these public platforms creates serious security and compliance risks.
Financial organisations must keep data secured or face paying a high price. If personal is compromised the Information Commissioner’s Office (ICO) has the power to fine the offending organisation up to £500,000. Personal data has a wide definition and includes any information that can be used to identify an individual. Financial organisations who don’t alert data loss to the authorities run the risk of being caught out and could face large financial penalties.
Secure file sharing and collaboration is achievable and doesn’t require complex processes. The challenge for IT departments is balancing access to confidential data to those who need to view it, but also keeping it protected from others who aren’t allowed access. The trick to succeeding is to have the right levels of control in place to ensure workflow runs smoothly.
It is likely that financial institutions will soon start to impose bans on the use of consumer storage platforms in the workplace. With this in mind why not tackle the so-called ‘Dropbox Dilemma’ in your workplace now? Here are a few pointers to putting the right level of control in place to make secure file sharing work in your workplace.
- When looking to implement an enterprise-ready file sharing and collaboration solution it is imperative that it is all encompassing. It needs to be intuitive and integrated into an organisation’s workflow so as not to cause bottlenecks and backdoor leaks
- Workforces are now more mobile than ever and for this reason the solution must allow employees to securely manage and collaborate on confidential documents and other information both within the local IT infrastructure and also remotely
- Don’t be caught between a solution that gives you convenience and one which gives you security. The two, along with an intuitive interface for less sophisticated users, should go hand in hand.
- Data leaks are usually down to either careless, clueless or malicious actions. If you take this into account on your security protection, you are eliminating the majority of risks that affect most companies.
- Introduce a clear document security policy in the workplace and make certain that all employees understand it.
- Data which is considered to be highly confidential should be secured and accessed only on a need-to-know basis.
- Implement security options that prohibit alternations from being made to documents unless the user is authorised.
- Despite trying to expel consumer file sharing programmes, employees may still look to use them. To protect against this it is important to monitor and audit your network on a regular basis. Unauthorised activity on the network can be picked up by scanning activity logs on a daily basis.
- Having secure file sharing in place can improve your bottom line. It considerably reduces the risk of sensitive financial information being compromised as well as financial vulnerabilities linked to failing to comply with laws and regulations.
By introducing the level of security you need in place for file sharing and collaboration, you can stop worrying about security threats. Financial organisations should select the best systems and services to enable their policies. In some cases, it could be as easy to be secure as it is to send a file. All it takes is one click. This will allow you to focus on what’s really important – maintaining a successful business that can take full advantage of growth opportunities.