Translate

Monday, June 2, 2014

Do File Sharing Sites Provide Enough Security?


Whether you are a consumer or a business you must carefully consider what you are willing to put out in the public arena. Even if you believe your data is encrypted or protected by the provider, once it leaves your control, you have to accept the fact that you are relying on someone else to deliver the same level of care to your documents. On May 6th this year, ARS Technica published the following article, “Dropbox disables old shared links after tax returns end up on Google, Vulnerability that may also affect Box sent shared documents to Google AdWords.”

 For most consumers, these file sharing sites are an easy way to share pictures with friends and families, but, more and more users are using these sites to store personal data. In fact, file sharing sites are expected to host more than 36% of personal data by 2016. While Dropbox did resolve the aforementioned issue, the question is not whether it is good enough, but rather when will the next vulnerability occur?

 As more and more businesses move to increase collaborative efforts between their employees and trading partners and utilize public File Sharing Sites, the Security Team has to be concerned with what data is leaving the firewall. Even with encryption at rest and encryption during transit, vulnerabilities will always be identified. Sometimes they are even trivialized until it becomes wide spread. Box.com, one of the larger file sharing sites for businesses posted the following on their Box.Com blog“Once someone has access to the user's auth-token they are able use that for browser login. This is a known issue and was a product decision to leave in for Box Sync.”

Is it fair to ask a company to protect data the same way for all customers? Does a large Enterprise require more security than a Small Enterprise and does a consumer need the same level of security? More security means more complexity and greater overhead for systems and bandwidth transfers. In reality each person and business needs to decide what data is relevant for file sharing services versus on premise solutions. If you are not comfortable with the data being exposed then you must look long and hard with keeping your sensitive data on someone else’s “secure” environment.
Posted by at
Labels: , , ,

5 comments:

  1. UnknownApril 21, 2016 at 8:30 AM

    Virtual data room security is enforced by sophisticated encryption software, multiple firewalls, powerful virus detectors and geographically dispersed secure servers, accompanied by our zero-downtime network guarantee.
    vdr secure file sharing

    ReplyDelete
  2. UnknownJuly 13, 2016 at 6:30 AM

    Very nice article, it's seems that a lot of people is already using data rooms, and it's awesome, because future of cyber security is coming.
    security online

    ReplyDelete
  3. AmbraresAugust 27, 2018 at 6:34 AM

    The Security Team has to be concerned with what data is leaving the firewall. Even with encryption at rest and encryption during transit, vulnerabilities will always be identified. Sometimes they are even trivialized until it becomes wide spread.
    virtual employee

    ReplyDelete
  4. AmbraresAugust 27, 2018 at 6:36 AM

    You are willing to put out in the public arena. Even if you believe your data is encrypted or protected by the provider, once it leaves your control, you have to accept the fact that you are relying on someone else to deliver the same level of care to your documents.
    outsourced equity research

    ReplyDelete
  5. AmbraresAugust 27, 2018 at 6:38 AM

    In reality each person and business needs to decide what data is relevant for file sharing services versus on premise solutions.
    outsourced portfolio manager

    ReplyDelete

Subscribe to: Post Comments (Atom)