On a daily basis and without the approval of their employers, public and private sector employees secretly transfer various forms of confidential information to cloud-based file sharing services.
This alarmingly common practice subjects a growing number of organizations to the imminent risk of a data breach. Although "rogue file-sharing" is a phenomenon that would cause chronic insomnia for any C-level executive, most are unaware that this activity is occurring within their networks.
Simply put, rogue file sharing occurs when employees utilize cloud-based file sharing accounts, that are not managed by their employer, from the workplace. Although technology professionals have known of and condoned this type of "shadow IT" for several years, many organizations have failed to recognize the associated risk or implement substantive measures to address it.
The Risk
Given that a rogue file sharing account is not centrally managed by the employer, access to the application is solely controlled by the employee who created it. Therefore, these individuals are capable of surreptitiously transferring documents containing intellectual property, trade secrets, protected health information, financial data and other forms of high value data to these accounts without their employers knowledge.
In a 2013 survey of 2,000 file sharing users by Egnyte, 27% acknowledged that they continue to access former employers' documents through cloud based file sharing accounts.
As an example, consider the following sanitized case. A researcher at a high profile technology company is part of a team responsible developing a precedent application. Shortly after this employee received a negative performance review, he created an unmanaged file sharing account to which only he had access. Although management had informally cautioned employees on the risk associated with these accounts, the employee knew that the company does not monitor use of rogue accounts.
Therefore, while at work, the employee methodically transferred hundreds of highly sensitive documents into this private repository. Each evening, he accessed the account from his home and transferred the sensitive documents onto a flash drive, which he eventually anonymously mailed to a competitor. Are there any employees within your organization that may be similarly inclined?
Mitigation Strategy
Although there are various automated solutions to mitigate this growing threat, a practical approach combining awareness and network monitoring is a proven strategy that you may adopt within your organization.
Through the implementation of a clear acceptable use policy and ongoing workforce training, organizations should prohibit employees from using any form of unmanaged cloud-based storage or file sharing medium from the workplace. Use a clearly written directive and a corresponding training curriculum to reinforce the prohibition, and employees will continue to deploy these types of technologies as they see fit.
The access of rogue file sharing services from the workplace is detectable through basic network monitoring. Organizations should create a mechanism that generates a network alert, in the form of a text message or email to a system administrator or cyber security analyst, each time a user attempts to access an unmanaged service. A simultaneous notification of the employee who attempted the access, in the form of an email or automated telephone call, should occur to inform them that their activity has been detected. This proactive process will allow for the enforcement of the policy prohibition and eventually deter the activity.
The introduction of cloud-based file sharing has provided a wide range of options to both individuals and enterprises. However, as with all evolving technologies, the potential for misuse will continue to expose organizations to varying degrees of risk and offer ongoing challenges to the cybersecurity community.