Guest blog from Globalscape’s Chris Thacker, looking at the issues surrounding Dropbox security
Working for Globalscape software for over 10 years now, I’ve met with hundreds of clients and potential clients regarding secure file transfer. Especially in the last few years the topic of Ad Hoc or self-service person-to-person file transfer has moved to the forefront. The need to meet the demands of the business, to be able to quickly and easily exchange large or sensitive files over the internet, has become paramount and with the continued adoption of mobile devices the requirements to trade files continue to expand.
Over the last few years we have seen the emergence of many new offerings in the file trading arena. Offerings such as Dropbox, SugarSync, Box, and a host of others appeared on the horizon. Most of these new offerings were targeted towards the consumer market. According to recent Dropbox postings, they now claim over 100 Million registered users. One of the big reasons for this adoption is ease of use. Dropbox and some of the other players are very easy to set up and use. But is Dropbox security really suitable for the Enterprise?
Obviously, an organization can’t afford to throw their governance, risk, and compliance policies out the window.
As with many technologies there is often a trade off. Ease of use versus security. The solution has to be usable, or the user community won’t use it. I often hear IT administrators complain that they find individuals in their organization using some file trading technology that hasn’t been approved by IT security. Many times that technology is Dropbox. Are these rogue users out to do the company harm? No, they are just trying to get their job done. Remember that most file trades are somehow tied to commerce. Files need to flow so business gets done, but IT teams are tearing their hair out at the Dropbox security risk.
With each passing day, the need to secure data becomes more and more important. The virtual world has changed our physical world. Cyber-attacks are common place and loss of data can have serious repercussions.
Online service offerings provide a bigger target for hackers in general. Last year saw a number of online service based technologies experience breaches of some kind. LinkedIn, EHarmony and Dropbox come to mind. Recently Facebook had problems with their file trading service. Read more about the Facebook problems in HANDD’s January 7, 2013 blog posting.
There are economic alternatives to these SAAS based file sharing solutions. As an organization you may wish to consider another approach. Perhaps a private cloud hybrid or on premises deployment model provides the additional security and lowers risk.
At Globalscape we have been developing secure file transfer solutions for over 10 years now. Our customers span all vertical markets. Our customers have a strong desire for security coupled with easy to use software. We continue to see file sizes get larger and demand for faster file trades as well. Whether it be person to person file trading or automated file exchange we have solutions to meet the requirement.