One of the largest potential security holes facing most companies today is employee use of Cloud-based storage services. If your employees are using services like Dropbox and Box even for temporary, intermediate storage of potential trade secrets and other valuable corporate data, they are opening a chasm through which bad actors can retrieve your vital data.
One of the problems with trying to get a handle on this kind of potential security problems is that there are so many Cloud-based services, with more coming online all the time, that it’s all but impossible to institute an IT policy banning access to all of them. They may use different protocols and gateways that make a blanket ban impractical.
This means you should institute a collection of related techniques across the Internet, in-house servers, and database access mechanisms to lock down such access. Providing employees with ready, secure access to your own databases and storage locations may significantly reduce the perceived need to use third-party storage sites for corporate work.
Another potential security hole related to Cloud-based storage involves employee tracking services. Studies suggest that less than 7% of corporations block such services, which makes it trivial for bad actors to find out where your employees are storing potentially lucrative information. Instituting a policy of tight restriction of tracking services will go a long way toward preventing theft from the Cloud.
As in so many areas, it’s essential that your IT department stay on top of new developments in these areas. It may also be appropriate for you to incorporate language in employment agreements and related documents making your policy on off-site storage of corporate data clear.