Communicating the Data Security Risks of File Sharing & Cloud Storage

Categories: SRT News

Michael Ryan brings over 20 years of software development and business experience to his role as CEO at South River Technologies(SRT). In 1992, he was a member of the initial start-up team of Maryland-based OTG Software (OTG was acquired by Legato and subsequently EMC). In 1996, he started KnoWare, Inc., where he developed Internet drive-mapping technology. In 1999, Mr. Ryan joined California-based online storage startup Xdrive as VP of Client Architecture. In 2001 he joined John Glavin to merge KnoWare with Riverfront Software to form South River Technologies.

Companies can effectively communicate the data security risks of file sharing and cloud storage to employees by focusing on…

One area that many businesses need to communicate more effectively to employees is the importance of strong passwords and unique passwords for different services and technologies, including cloud storage and file-sharing applications. By way of example, last year there was a Dropbox breach – this was not due to Dropbox being hacked, but another service being compromised and those usernames and passwords, which were being re-used by consumers across different services, were then used to access Dropbox accounts. Passwords should be long: ideally 12 characters or longer, containing upper and lower case letters, numbers, and special characters. Companies should implement systems that require long passwords. Employees need to understand that there are significant risks from passwords being exposed. It is a possible weak link where employee vigilance makes a huge difference.

Here are my general guidelines:

1. Encourage employees to use secure passwords – and explain what this means to them.

2. Use unique passwords for each application or service.

3. Stop the sharing of passwords – each user should have their own log in details.

4. Have and communicate security policies, including no writing of passwords on sticky notes.

5. Consider two-factor authentication or IP address checks for business-sensitive applications.

To read the full article, click here.

Related Blog Posts


No registration required