For anyone using apps like Google Drive or Dropbox to share information at work, and possibly outside of the company’s network, you’ve probably not given much thought to where the data lives, am I right?
While doing research, I realized how jealous I am of people like you. At one of the places I used to work, there was no network sharing with a home computer. If you wanted to work on something at night or over the weekend, you had to print it out or send the file to yourself.
But are Google Drive and Dropbox safe enough to use both inside and outside the company to send proprietary information back and forth?
Mark Leary, vice president at The Aldridge Co., an information technology company in Houston, said it actually less about security and more about policy.
“The general perception is that apps are insecure, but they are not,” he said. “Most companies aren’t going to have a security team like Google has.”
That question is still valid, though because it addresses where information lives and who is controlling it. It began as soon as there was a service you could buy with your credit card, Leary said.
“Any company with a budget-autonomous manager had a problem,” he added. “The marketing guy said he wants functionality for the company website, so he purchases something that will do it. Then the guy who used to host the website wonders what happened.”
As a result, the job of the managed service provider has totally changed, Leary said. To assume that all apps are centrally controlled is not entirely realistic anymore, he added.
There are apps for even tiny, simple tasks. Take, for example, processes. Leary referred to a website called Sweet Process that helps create checklists for processes. Traditionally, people would write out the process and how to manage them, get IT to spec them out, which could take six months.
With a credit card and a willingness to pay $99 a month, you could be using Sweet Process, enabling 20 users in your company to be creating updates in real time.
“Why wouldn’t you do that?” Leary said. “Companies need to embrace that, make sure executives and IT staff assume people are doing it and need to understand who governs it.”
Apps like Google Drive and Dropbox are going to be different, he said. Those are putting data directly into the cloud. If you log in, security will be OK if used properly.
However, what changes is when you are using it outside of that secure zone, say at home. If you are impatient about having to log in each and every time, you probably will set the computer to remember you. That means your spouse, your child and your weekend guests can click on Dropbox and see your files.
“Tech is secure when it is used securely,” Leary said. “My only hang-up over security is that people assume the technology is flawed and vulnerable. It’s the usage of the technology that creates the vulnerability.”
The solutions programs like Google Drive and Dropbox are solving aren’t new, but need to be solved in a certain way, he said.
There are enterprise solutions for companies that have 50 or more employees that need the information to be available at certain hours and a data trail. Just let your MSP know your needs and concerns, Leary said.
For a company with 10 employees, that kind of investment may be too much trouble, for which those aforementioned tools work just fine — as long as the company knows where the data lives and gets out in front of the usage.
“You have to get a hold of the process and put a policy in place,” Leary said.
Curious about cloud storage for backups? Learn about StorageCraft Cloud Services.