At first glance, transferring files looks like a fail-safe operation. Users just attach files to an email, drop them in a shared folder, or upload them to a server via FTP. It’s easy, and people at your organization have done it the same way for years.
Unfortunately, these familiar file transfer methods lack security protocols that protect corporate data and can have damaging business consequences that are difficult – and expensive – to amend. A recent Osterman survey of 162 North American IT professionals offers telling insights about the use of these unmanaged file transfers (UFTs) in the workplace. Here, we’ll consider that data with respect to four of UFT’s most common negative implications.
1. Unauthorized data access
According to the Osterman survey, 68% of organizations use FTP as a mainstay file transfer method. This shouldn’t come as a surprise – FTP is a useful way to move large files from one place to another.
But being useful doesn’t make FTP secure. Content often lives on servers for years after it’s sent, making it relatively easy for unauthorized individuals to access sensitive information undetected.
Cloud-based file sharing raises similar concerns. Numerous organizations have unwittingly exposed their data to unauthorized parties by using “free” cloud services like DropBox and SkyDrive. If you still rely on these services to share files with colleagues or business contacts, you should consider who else you might be sharing files with.
2. Intellectual property (IP) loss
More than just a footnote to the problem of UFTs and unauthorized data access, IP loss is a serious issue worth considering on its own.
Managers who believe cloud services are “safe enough” for sharing or storing IP could find themselves regretting their complacency down the line. Sadly, many won’t realize their IP has landed in the wrong hands until it’s too late to undo the damage, and long-term competitiveness could suffer as a result.
Not convinced? Let’s see what IT thinks. No fewer than 81% of IT professionals in the Osterman survey reported being “concerned” about the use of cloud services for sharing corporate documents. That’s an overwhelming majority, and it should come as no surprise that those tasked with controlling corporate governance also harbor fears about their inability to manage content, such as an organization’s IP, that users share with one another via cloud services.
3. Regulatory non-compliance
Ready for your next audit? Organizations where UFT use is rampant might not be. When it comes to compliance, the Osterman survey reminds us of two crucial facts:
- At least two US states require the use of encryption for certain kinds of file transfers.
- A majority of US states now have data-breach laws on the books.
Regrettably, many industries increase their non-compliance risk by allowing UFTs for sensitive data. To maintain compliance, you should be able to produce a comprehensive audit trail with logs of who accessed what content and when the access took place. That’s the information auditors will ask for, but UFTs are unable to provide it.
4. Efficiency limitations
So far, we’ve focused on FTP and cloud services as file transfer solutions enterprise should avoid. But what about email? A whopping 99% of IT professionals surveyed by Osterman report email being used for file transfer at their organizations, and that’s a problem.
In addition to being unsecure, using email for file transfer can hinder organizational efficiency. Consider these stats from Osterman:
- 59% of respondents report that email attachments are getting larger.
- 54% report that files sent by email are too large.
- 51% have dealt with “email storage bloat” due to attachments.
- 48% have experienced increased email backup times.
- 42% have experienced increased email server restoration times.
All of these problems burden IT with time-consuming, expensive troubleshooting activities. UFT, it seems, doesn’t just lack security features, it imposes crippling efficiency limitations, too.
Given the gravity of these consequences, how much longer can your organization continue to tolerate UFT? What appears fail-safe and free could really be a ticking time bomb – and it could go off before you know it.