Leveraging Technology to Mitigate Risk Part #3: Clean Up Your File Shares

August 13, 2018
Part 3 of our blog series discusses how organization-wide file shares pose one of the biggest security and compliance risks to organizations. 
File Drawer
Technology provides a powerful platform allowing organizations to innovate at a rapid rate. Technology is so entrenched in our work-lives, we take for granted how things like email services, smart phones, video chatting, and computers have revolutionized the business world. However, with technology progressing and changing so quickly, it has also made organizations vulnerable to risks like cyber-attacks and data breaches, putting their clients’ privacy in jeopardy. Over the next few weeks, our blog will cover some of the top ways you and your organization can protect yourselves from the increased risk associated with the daily use of technology. 
Clean Up Your File Shares
Organization-wide file shares are the electronic equivalent of that junk drawer everyone has at home. You know there is a lot of stuff in there, but you don’t know exactly what’s in there, and you can’t remember the last time you cleaned it out. However, unlike your junk drawer at home, the electronic “junk drawer” in your organization's file share can pose a huge risk. On average, only 31% of data in an organization’s file share is necessary to keep. Necessary files include records that are needed for business operations, files that need to be stored, files that are on hold, and files that need to be collected. This means that 69% of your organization’s file share is comprised of eTrash; and Redundant, Obsolete, and Trivial (ROT) files—i.e. files that should be deleted and destroyed. This problem is not occurring in isolation, either. In 2014, 84% of IT professionals reported that their organization experienced security problems from the use of file sharing services. 
Why are file shares such a breeding ground for security risks? One reason is that the people doing the file sharing are regular employees who may not be sufficiently trained to recognize security risks, nor knowledgeable enough to know how to properly protect their files and their access to the file sharing site. (Learn more about the importance of employee security education in our other blog post.) Another reason is that many popular file sharing services, like Dropbox and Google Drive, are so user-friendly that it is easy to accidentally upload or share a file that was not meant to be shared if an end-user is not careful. 
With the increasing popularity of employees working remotely and the productivity that file shares allow, the use of file sharing services will only continue to rise. Dramatically reduce your security risks by doing some spring cleaning on your organization’s file share by using software to gather all the eTrash and ROT so an administrator can approve it for disposal. In addition to this, make sure your file sharing service has the following:
  • Encryption of files during both transit and at rest
  • Integration with corporate authentication services, like Active Directory, and use of 2-Factor Authentication
  • Easy to use, so end-users don’t try to find a work-around
Storing data that is not used anymore is a massive security risk. It only takes, for example, one employee to accidentally change permissions on a classified document, or one piece of un-disposed sensitive data to expose your organization to litigation.  Don’t cost your organization millions, and don’t risk your clients privacy and peace of mind.