MSP Blog Logo

BDR

Business Growth

Cybersecurity

Help Desk

MDM

RMM

Sales & Marketing

Subscribe

Empowering Your MSP Business to Grow and Prosper—One Post at a Time

5 Ways to Improve Your MSP Service Level Agreement (SLA)

Featured Post

5 Ways to Improve Your MSP Service Level Agreements (SLAs)

SLAs are the foundation of your MSP business. They are essential to building strong client relationships and must be clear, reasonable and well-constructed.

Read Now

Top 3 Security Flaws with File Sharing Platforms

Posted October 16, 2014by Dee Zepf

sync-facilitateCan you imagine working in today’s business environment without the ability to easily share files across any platform at any time? The days of thumb drives and other physical data transportation means are numbered. While the need for sharing data will always remain, as file syncing and sharing (FS&S) platforms continue to evolve, the methods for how we do so will need to change.

While that introduction paints a rather rosy picture for the world of file sharing tools, like Dropbox, there are inherent issues with this way of sharing files with one another. In fact, this past Monday, news broke that nearly 7 million usernames and passwords connected to Dropbox were compromised. Although Dropbox denies it was hacked, the incident demonstrates the difficulty of striking the right balance of security, collaboration and ease of use in a solution. It’s important that MSPs and their clients are informed of the common issues with today’s FS&S platforms so that they’re not putting data at risk and ultimately damaging a business’ bottom line and/or reputation.

Here are a few of the potential trouble spots for FS&S platforms that you should be aware of as an MSP and as a business owner.

1. Cyber-security

Nothing online is ever 100% secure. We’ve seen this many times over with Target credit card breach, Heartbleed Open SSL vulnerability, Cryptolocker ransomware, as well as others just reported in the last year. However, there are proactive measures that can be taken to help minimize these risks.

That said, the very open nature of services like Dropbox carry security risks that should make most businesses a bit leery of using these services for company files, especially those companies who must be HIPAA compliant. Passwords in personal Dropbox accounts are not monitored like those on a corporate network and can be more susceptible to hackers.

It’s a serious risk that needs to be fully vetted. Under the harsh light of cyber reality, services like Dropbox may not make the grade.

2. Increased Endpoints

In the new age of BYOD (bring your own device), the number of access points to company data has increased exponentially. Employees can now access company files from their personal devices, which has many benefits and helps increase employee productivity.

The problem is that not all companies have proper tracking and management over these devices. What if an iPhone is lost or stolen? Who now has access to those confidential files?

With many FS&S platforms, all it takes is a link to view a shared folder. If an authorized person sees that link in an email, they have full access to that data.

In addition, an employee landing on a malicious site on their smartphone could again expose any passwords to the FS&S platform. And on top of that, it’s much easier to shoulder surf and steal a password just by watching on mobile devices because there is a preview of the hidden characters when typing on a touch keyboard.

There are a number of concerns that should be considered when accessing confidential data on mobile devices. Make sure you’ve considered these risks before setting up shared access on mobile devices, and at a minimum, make sure you have an MDM solution in place as well in case devices are lost or stolen.

3. User error

Is there any scenario in any IT environment where user error is not a risk? Once users are off the range (in this case your LAN) the chances increase practically exponentially. Imagine the scenario of a corporate user sharing a link with the wrong contact. It’s very easy to have two contacts named “Mike” in your address book and select the wrong one when sending an email.

Many people in business have friendships with individuals at direct competitors. Something could innocently be shared with another who works for a competitor and suddenly that friendship is less important than the competitive advantage that has been gained.

Make sure that whatever system you’re using to collaborate has security measures in place that can lock down data so no unwanted eyes gain access.

Conclusion

When it comes to choosing a file syncing and sharing platform, education is the first step. It’s important to be aware of all the benefits and risks of the platforms you’re assessing. Striking the right balance of security and collaboration can be difficult, and many times, MSPs aren’t aware of the major security flaws that they end up choosing for their clients.

Be sure you’re doing your due diligence in selecting a collaboration platform for your clients and that you know what to look for.


What other issues might you be missing?

BLOG-Dodging-Danger-bottom-CTA

Dee Zepf joined Continuum Managed IT Services as a founding member of the executive team in 2011, bringing over 20 years of software and product management experience. As Vice President of Partner Success, she provides a broad organizational focus on partner satisfaction, engagement, growth and retention. She is responsible for ensuring that Continuum partners get the absolute most out of the company’s platform.

RMM 101: Must-haves for Your IT Management Solution
MSP Guide to Managed Services SLAs  [white paper]
comments powered by Disqus