How to Solve Shadow-IT for File Sharing Without Compromising Compliance and Governance Objectives

Posted by Anand Kekre on November 3 2015

Shadow IT is becoming a serious risk for businesses and a pervasive problem for IT leaders resulting in not only huge cost endurances for the company but also in serious threats of security, data leakage and (most importantly) compliance risks. The shadow IT in enterprises has significantly increased over last few years because of proliferation of freely available cloud services (like Dropbox) and mobile applications.

shadow it mitigation

If you ever discover Shadow-IT in your organization, the best way to handle it is not by giving a knee-jerk reaction and banning it outright, but understanding the end-user needs and provide them an alternative. The alternative should be as “cool” as what they are using currently, but at the same time should give you enough control and visibility over corporate documents to meet your compliance and governance objectives.

So, before you decide on an alternative solution best suited for you as well as your end-users, understand the roots of Shadow-IT – what, how and why end-users are using a particular unsanctioned file sharing solution. The reasons may vary between the companies but these are the popular ones:

  • Email attachment size limits

Most enterprises limit the size of attachment on corporate emails. So, if somebody has to share a large file (it is quite normal these days to have office documents in tens of MBs), or a number of files, exceeding this limit, she ends up sending those files to a consumer cloud or her personal email as a quick and easy way - without bothering about the security, compliance and data loss risks.

  • FTP is too complex

The traditional file sharing solutions like FTP/SFTP are complex to use and manage – for both IT and end-users - and more importantly, they have old generation interfaces. In absence of a better alternative to FTP, end-users resort to consumer file sharing solutions.

  • Use of personal devices
Most enterprise users carry smartphones and tablets that come with consumer cloud storage and file sharing solution (like Box and Dropbox) installed by default. With the increased demand from end-users, many enterprises have embraced Bring-Your-Own-Device (BYOD) policy allowing their employees to use personal devices for official work by implementing an Enterprise Mobility Management (EMM) solution. But relying only on an EMM solutions for BYOD – without a secure file sharing and Mobile Content Management (MCM) solution – has resulted in people using their own personal cloud for sharing work-related files.
  • Anytime/anywhere access to work files

Workforce mobility and home office culture have increased over the last few years. Employees are resorting to consumer file sharing apps so that they can work from their own devices without having to connect to office network through Virtual Private Network (VPN). They keep the files that they may need while on the move on personal clouds for easy access.

So, if you embrace these end-user requirements and choose the right enterprise file sync & share (EFSS) solution that meets your compliance and governance objectives, you will be successful at reducing the risks from consumer file sharing solutions and make your employees more productive. A secure enterprise file sharing solution should have a seamless, user-friendly interface along with robust encryption capabilities, granular access rights control, mobile content management, enterprise digital rights management (EDRM aka IRM) capabilities and flexible deployment options that you can fine-tune to your unique requirements that may include FTP Replacement, Virtual Data Room, VPN-free anywhere access to file servers/NAS, Outlook/Lotus Notes attachment replacement and Endpoint Data Protection (endpoint backup, endpoint encryption and remote wiping).

You can learn how Vaultize helps you mitigate Shadow-IT risks. Enterprises are using Vaultize Enterprise File Security platform to have full control and visibility on corporate files for compliance and data governance, but at the same time fulfilling the employees’ requirements like anywhere/anytime access, large size attachments (through Microsoft Outlook Plug-in and IBM Lotus Notes Plug-in), BYOD, sync & share and mobile collaboration

Whitepaper 5 Ways Enterprise DRM Helps The BFSI Sector Avoid Costly Data Leaks - Download Here

Topics: Mobile Content Management (MCM), Compliance, File Sharing, BYOD, Enterprise File Sync & Share, FTP Replacement, Dropbox Alternative, endpoint data protection, Secure FIle Sharing, enterprise digital rights management, Shadow-IT, VPN-free access, Outlook Plugin, IBM lotus notes, data governance, data leakage

Subscribe To The Blog