Figuring out how to protect your own personal files online can already be a challenge. But when you have to protect business information that can be accessed by multiple users, the difficulty can increase by orders of magnitude. How will you protect information from unauthorized access, yet make it available to users who may be using their own mobile computing terminals? Can you make data only viewable, but not downloadable? And what happens if employees lose mobile devices that were used to access confidential information – or leave the organization with those mobile devices because they owned them in the first place?
Balancing Online Benefits and Challenges
The potential benefits of online file storage are attractive to many organizations. Making files and data available to employees when they are working on a project site or customer premises means increases in productivity, efficiency and ultimately profitability. By using an online service provider, organizations can often also higher levels of reliability and accessibility. And financially, it’s far more palatable for many companies to pay from one month to another for only what they really need, rather than go to the expense of buying and running their own additional servers and storage. The challenge is maintain data confidentiality in the face of possible data snooping, unauthorized retransmission or theft.
For data physically stored in a mobile device, a remote wipe function now present in many smartphones and tablets allows a user or an IT employee to erase data at a distance. This ‘mobile kill switch’ can be used if the device is lost or stolen, and can prevent both company and personal data from falling into the wrong hands. Variations of this functionality include:
- A full wipe of information that resets a device completely
- A selective wipe that removes only company information
- A local wipe that deletes the device’s data if a certain number of failed login attempts is reached and/or if the device moves out of a particular physical perimeter
Remote wipe technology also exists as an add-on for laptop and desktop computers.
Turning the Problem Around
It may be smarter however to avoid data from being physically downloaded from online file stores in the first place. Then users won’t be able to transfer the information as email attachments and thieves won’t be able to acquire the files either.
- Some online file storage software lets you limit user access to files to simply displaying them on screen, without ever storing them in the device’s memory.
- A virtual desktop solution runs just a small or ‘thin’ client application in an end-user device to access a central server. All the files are stored on the central server and so are the applications used to work with them. The user simply has a window onto what is happening, but nothing is stored locally.
Good Behavior as Well as Good Technology
Technology can do a lot to help enforce data protection and confidentiality. But an important part of proper use of online file storage is awareness by users of its limits. Having a clear definition of levels of confidentiality (public, internal, confidential and secret, for instance) lets you specify which types of information can be reasonably stored online and which ones must not. By fostering the right attitude, you can achieve an even more effective combination of the right user behavior, virtual desktops or limited downloads, and device wipes if necessary.