If things seem a little backward in the BYOD era (bring-your-own-device), it's because in some respects they are. And BYOD is causing problems for small and midsized businesses that put a premium on data security, according to Symantec's latest SMB File Sharing Survey of organizations with five to 500 employees.
In the past, IT staffers typically delivered the last word on technology decisions such as which devices to deploy and which applications to allow. Today, distributed workforces, a wealth of cloud computing services and the consumerization of IT have shifted some of that power to employees.
Anthony Kennada, senior manager of product management at Symantec, tells Small Business Computing, "Employees are influencing the adoption of these tools." Worse, he adds, those tools are often thrown into the mix without IT's blessing.
When tasked with sharing a large file, some workers take a decidedly do-it-yourself approach. Although a slim majority of SMBs, 51 percent, say their workers would ask IT for help, 27 percent report that they are more likely to search on Google for a free solution and download it. Twenty-nine percent of respondents believe their employees would download a file-sharing app without ever involving IT.
Productivity Up, Data Security Down
Of the 1,325 organizations surveyed, 64 percent admitted to adopting online file sharing services – such as Dropbox or Box.com, to enhance productivity. This closely parallels the number of SMB owners who said their employees were "somewhat-to-extremely influential" in adopting file sharing services.
It's a win for productivity, but a potential disaster for data security. The ease of sharing files on unapproved, consumer-grade online services has a tendency to overshadow some security pitfalls such as inadequate access permissions. In many cases, their use can conflict with regulatory compliance and confidentiality policies.
Forty-four percent of those polled expressed concerns about sharing confidential information across unapproved services. The same number feared that malware may infect their systems. These were followed closely by concerns about losing confidential or proprietary information (43 percent), suffering a breach of confidential information (41 percent), and enduring damage to a company's brand or reputation -- or the sheer embarrassment of it all – (37 percent).
Oddly, all those concerns ranked higher than the one lapse that can really land an SMB in hot water with the authorities. Only 34 percent were worried about violating regulatory rules.
A sizable number of SMBs have reason to be concerned. Twenty-two percent of respondents haven't placed restrictions on how employees can access and share files.
Taking Back Control
Sobering statistics aside, there's no reason that small businesses can't wrest back control of their data from employees without negatively affecting productivity. The trick is striking a suitable "balance of end user delight and IT confidence," says Kennada.
He suggests that when it comes to online file sharing services, businesses should strive to "find a secure business-grade alternative and sanction it." Additionally, they should centralize their file stores and provide secure Web-based access.
Kennada also advises that SMBs implement access controls and permissions to ensure privacy is maintained, and that data is shared and viewed only by the appropriate parties. Finally, it comes down to oversight and consistency. Organizations are also advised to use file sharing services that provide visibility into how data is being shared and that offer granular controls to enforce consistent file-sharing policies.
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!|