The research, “Achieving Security in Workplace File Sharing,” found that nearly 50% of organizations believe that popular cloud-sharing services such as DropBox, Google Docs and Box are not suitable for business use. Key concerns highlighted by respondents included the inability to determine if sensitive data was lost or stolen due to a data breach in the cloud and fears over the negative consequences of public cloud tools due to the potential loss of intellectual property.
“The results of this study definitively illustrate that organizations are highly concerned about the security risks posed by both public cloud and on-premise file sharing tools, and they’re absolutely right to be wary of them,” said Larry Ponemon, chairman and founder of the Ponemon Institute, in statement. “We’re acutely aware of the potentially catastrophic consequences that can occur as a result of security breaches of these tools. However, it’s our hope that these findings encourage organizations to take a close look at their security strategies related to file sharing, and in turn implement a comprehensive set of policies and technologies to help ensure the secure transfer of sensitive information across their workforce.”
The study also found that 89% of organizations are highly unlikely to know if sensitive or confidential data was lost or stolen due to a data breach in the public cloud, even though 80% said that they are concerned about the negative consequences of public cloud tools due to the potential loss of intellectual property.
A full 69% are not likely to know whether employees are using unapproved and risky file sharing tools, but similarly, 66% rank file sharing high or very high risk to their organization.
“In recent years, employees have been increasingly adopting public cloud tools, such as DropBox, Box and Google Docs, to exchange and share documents and company information in the workplace,” said Dave Butcher, senior director, product portfolio management, Axway. “These tools provide a great user experience, but there are serious question marks about their enterprise-class security credentials, illustrated by the fact that many financial and healthcare organizations block their use. This survey highlighted those concerns and points to the need for a solution that can address the usability, security and policy management requirements of users and IT departments.”