Millions of users, who place documents into the Dropbox storage servers or other Cloud based collaboration solutions such as Huddle each day, are potentially putting their data at risk, despite the belief that it will be safe and secure. This is according to Simon Bain, CTO of Simplexo.
Despite findings from the Cloud Industry Forum, which have highlighted that data security is uppermost in the minds of 62 per cent of businesses in the UK, corporate Britain is seeing a dramatic increase in the use of Dropbox and its competitors, such as Google Drive, Huddle, Box Net and Jungle Disk, thanks to the rise of employee adoption.
Simon Bain stated: “With the glare of security very firmly focused at Google and its new Terms and Conditions for the Google Drive, we should not forget that other players in this market also have similar T’s & C’s.”
“Corporate users need to look more closely at how they are using these services, particularly syncing, which is a really important part of a Cloud storage offering – in other words having all of your files available from anywhere. But do users realise that in a lot of cases their files are physically downloaded to their devices? If you lose a device, or leave it unattended, all of your files are accessible to a third party,” he continued.
In the rush to have documents available everywhere, corporate and data security has been marginalised, often for ease of use for the end user and simplicity of providing the service.
Google has proved over the last 10 years that user data really is king. Most of Google’s profits come from targeted advertising based on their users data – Location, Search Phrases, Blogs etc. – This is exactly the same business model that Facebook and others are trying to emulate. With Facebook it is based on the data that you place on to their social network. With Dropbox and the other Cloud storage providers, they are also looking to monetize the information that you place within their storage. As a corporate user you need to be careful that you do not break your own companies employment policies when you use these services, but also that you are not breaking state or national data protection legislation. As I have said ‘Data is King’ this is true also of your data for you. Sales records, quotations, bank statements. Do not give these away.”
“I am obviously a believer in using the 'Cloud' as a way forward for both personal and corporate life. However there are certain guidelines that I think need to be adhered to before we all start throwing our hard disks away and placing everything in to the hands of others,”
“While security on the Cloud servers is very important overall, document security cannot be overlooked and I think suppliers do have responsibility for this. The likes of Dropbox need to be more open with their users and not hide behind T’s and C’s.”
Some of the questions we need to be asking are:
· Can somebody access our data?
· Is your data only yours? Or does your agreement with your provider actually sign usage over to them. (Check as most providers do exactly this)?
· Are the servers secure that my information is stored on?
· Is my store separate from others? Or is there a large silo that everybody’s files get dumped in to?
· What about the files? Are they encrypted?
· If there is an on-line search capability? Is this secure or does it hold plain text in a database?
· If a hacker gains access to the servers, can they see my files?
· Are my login details and or user credentials held on the server?
Bain said: “Get positive answers to these questions before placing any documents into a store unless the data has no commercial value. Banks go to great lengths to make sure that we are secure during our on-line banking sessions. So why go and drop your bank statement in to an on-line box?”
Tags: ICT, BC/DR