Shadow IT thus becomes a major problem when employees use it to work with confidential and / or sensitive information from clients or the company. Can you imagine a bank that shares large amounts of sensitive information via WeTransfer? The storage and distribution of this data by employees in different media means that the information is stored at rest without being encrypted by servers without control and external to the organization, with total ignorance of where they are hosted and what, in case cyberattack, theft of credentials or exfiltration of data, will be exposed to third parties, mainly assuming a problem of reputation and public image of the brand (Yahoo! economic sanctions to the organization.
It is essential that the IT teams of organizations have under control the software and tools that their employees use every day to avoid cybersecurity problems and loss of control of data. In this case, it is important:
- Analyze what needs the employees have
- How the tools at their disposal satisfy that need according to the IT and cybersecurity strategy.
In the case of tools for sending and receiving sensitive and / or large files, it is believed that with collaborative environments included in your business suite, such as Google Drive or Microsoft OneDrive, the need is satisfied. But this is not the case, these tools have been developed for internal productivity among employees and do not have specific security settings or advanced end-to-end encryption standards. They have not been developed as a channel with the outside of the organization and put the company’s information in constant danger.
On the one hand, it is important to consider security and on the other, the possibility of human error on the part of employees, the weakest link, who can share confidential folders in a hierarchical way with third parties outside the organization without wanting to do so.
For the cases of secure sending and receiving of corporate files, Tranxfer includes advanced security policies and an easy-to-use user and administrator interface. Along with the integration with SIEM, Tranxfer also offers traceability and audit reports that together with its configuration allows to carry out transfers in compliance with GDPR.