Is Employee Use of Cloud Storage Putting Your Data at Risk?
Mobility is truly a wonderful thing in the business world. Take this scenario for example: You are at the client’s office when you realize that the document you worked on last week could really help you in the meeting. So, you log into Dropbox, Google Drive or whichever cloud storage service you use, pull up that file and share it with the client. Problem solved, and everyone is happy.
The Dark Side of Cloud Storage
Sadly, all is not rainbows and sunshine in the world of cloud storage. There is a dark side, and it can be more than a little scary. In the days before cloud storage, you stored data on a file server on your local network that was within your firewall. It was nice and safe, protected and secure.
Today, your data is out there in the world, in the cloud. The cloud is outside your firewall. Not safe. Not secure. Sure, your data might be okay out there, but you never know. Cloud storage means you’re relying on someone else’s data center, someone else’s security mechanisms and someone else’s rules. Can you afford to do that with your business data? With your customers’ data?
Consider, too, what kind of data you’re putting in the cloud. If you’re handling sensitive client data or information, there may be legal ramifications to putting that in an insecure area. If you deal with data covered under HIPAA or PCI rules, you could be held liable for noncompliance—all because an employee saved a folder to Dropbox.
Smart Solutions for Business
It’s unrealistic to think that no one in your business will use cloud storage solutions. Instead, work with your employees to create a sensible security policy that allows them to take advantage of the mobility and convenience cloud storage offers but protects sensitive information and complies with the law.
Train and educate your employees. Let them know about your security concerns and help them understand what the business stands to lose if data is compromised or lost.
2. Approved Sites
Keep a list of approved sites that meet or exceed your internal security standards so data is properly protected.
Limit cloud storage services to well-known providers who are unlikely to disappear overnight—and take your data with them to some unknown land where data goes to die.
4. Security Policies
Look for sites and services that share their security policies and have protections in place to prevent unauthorized access of your data.
5. Personal Storage
Make sure your policy also addresses the use of personal storage accounts for company information. What happens to that information if an employee leaves the company?
Ultimately, your goal is to make it easy for your employees to keep your data—and your business—safe and secure, while enjoying the comforts of modern mobility.