Protecting sensitive documents with secure file sharing
May 29, 2014
More organizations are putting their priorities into protecting their sensitive information, which is necessary as breach costs rise rapidly. Many small- to medium-sized businesses do not have the resources to shell out for dealing with a massive compromise, making security essential to continuity efforts and overall success. As threats become more sophisticated, companies will need to integrate secure file sharing programs and other safety measures to guard important documents.
When it comes to file transfers, organizations often warn about using personal accounts and the potential security complications that consumer-grade solutions will add to the mix. Dropbox, for example, has admitted its lack of security capabilities and the fact that employees are able to access metadata when required. Network World contributor Linda Musthaler suggested that in these cases, businesses should ask how “rare” these circumstances are, as it is not the same as never being able to view critical files. With the authority to view sensitive information, the provider could potentially leak the data and cause substantial damage to the subscriber. In order to mitigate this possibility, decision makers need to integrate enterprise-grade file sharing solutions for maximum flexibility without compromising file integrity.
“[W]hile end users are interested in ease of use, enterprises are more concerned about data security,” Musthaler wrote. “In response, the providers of these services have enhanced data privacy and security capabilities; for example, by using SSL to secure a file during transmission to the cloud and by encrypting the file at rest in the cloud.”
Using encryption to break the security code
Protecting critical documents can be challenging for many businesses, but with the right security capabilities, they can ensure that unauthorized parties cannot view the data. In a recent article for Cloud Computing Journal, security advocate Gilad Parann-Nissany outlined seven steps to cloud migration, three of which dealt with the need for encryption. With this much emphasis on the safety of the environment itself, it shows how much IT relies on tools to keep files safe. Online file sharing services such as Memeo C1 offer a degree of encryption and remote wiping abilities to deter unapproved individuals from compromising the information. By using split key encryption and homomorphic key management, organizations can secure their critical assets and prevent costly breaches.
“The only way to truly protect yourself from this scenario is to maintain control of your encryption keys,” Parann-Nissany wrote. “And the only way to maintain such control in the cloud is with split key encryption.”