Dropbox Hack Highlights Need for BYOD Security
A recent confession by Dropbox that their system was hacked should make every CIO’s blood run cold, not to mention validate IBM’s recent ban on the file hosting service.
In the absence of an enterprise data access strategy that extends to tablets and smartphones, BYOD users are turning to free consumer services like Dropbox to retrieve and share needed files. Hello, data. Goodbye, security, governance and compliance.
Everyone knows the pitfalls. IT has no control over data stored by these services. The encryption keys are held by the service provider. Even though the data is encrypted once it gets to the cloud, the lack of client-side encryption exposes data in transit. In effect, use of these services blasts a gaping hole in the wall you have built to guard against data leakage and regulatory violations.
The need to plug this hole is sparking new interest in Managed File Transfer (MFT), a technology originally developed to protect data exchange in the pre-BYOD era.
MFT not only encrypts data transfers at the point of origin but also requires authentication of both the user and device. It enforces corporate policies on who can send what to whom. It provides an audit trail of all file sharing activities for compliance and forensics purposes.
While most vendors offer a public cloud option, the technology can also be deployed on-premise in an installed or virtual private cloud scenario so that the stored data never leaves the enterprise. Files are downloaded from a central server on an as-needed basis and then deleted from the mobile device. IT can maintain complete control.
The technology also overcomes email file limitations that force users needing large Power Points, CAD drawings or other oversized files to turn to unsafe web services in the first place. And it simplifies IT administration because the same password can be used for desktops, laptops and BYOD devices.
Whether with MFT or another solution, CIOs need to find a way to bring tablets and smartphones under their security wing. Otherwise, it will continue to be a BYOD Wild West out there. No company can afford that risk.
To learn more about MFT and the solution that SEEBURGER offers, visit http://www.seeburgermft.com