It is crazy to think that just five years ago no one had heard of Dropbox. Now I struggle to think of anyone, either friend or colleague, that does not use the service - or one of its equivalents - for sharing files.
Many used to use these cloud storage services to access and synchronise documents, but with the proliferation of mobile devices and the innovations made by these companies, users are now sharing every type of file between laptops, tablets and even on their smartphones.
However, as with every new technology, there are the good and bad sides.
Sharing data through these cloud services makes life easier for those who work from home or those who have to travel with business, keeping them productive and with access to all their necessary data wherever they are in the world.
But for corporations big and small, security is an issue. As with any public cloud service, these files are stored in large multi-tenant datacentres, but unlike signed contracts with established cloud providers, there are no SLAs and little information as to what security is put in place.
This, of course, puts fear into the IT department. Files containing data confidential to the business could be flying around over the internet without the company’s knowledge, and if those are leaked, all hell could be unleashed on those with the responsibility of keeping data safe.
The traditional approach to this is just to ban the services. Implementing policies to stop employees using Dropbox, Box.net or Evernote - or even blocking the domains on work computers - may allow the security team to sleep easy, safe in the knowledge that they have done all they can to keep the data away from these services, but it no longer fits with the world in which we live.
First, users will break the policy if it means improved productivity for them and allows them to get their job done. Also, coming back to the proliferation of mobile devices, it won’t be hard for users to get round any policies put in place by using Dropbox on their iPad or smartphone.
It is bad enough when people are using these services and you know about it. If employees are doing it under the radar, you have even less control of your data, as it is the knowledge of where data is that gives the IT department the power to intervene.
The point is that IT security professionals can no longer “just say no” when it comes to such services. They have to find a way to embrace them as securely as possible, otherwise they risk being the ostrich with their head in the sand as all those around them continue to use the banned services, whatever the risk.
This does not mean IT teams should panic. Dropbox has created a business version that can provide a lot more comfort to security professionals, while allowing employees to work in a familiar format.
What might bring even more reassurance, however, is that a number of other companies, such as Box and Accellion - which come from a security background and have a lot more enterprise-level experience - are introducing their own versions, providing safe alternatives from trusted names, while also conferring the same levels of usability and productivity employees have become used to with their consumer services.
These offerings are likely to cost slightly more than the freebie consumer titles, but many still work with the pay-per-month-per-user cloud model of pricing and require little set up time or training.
Whether you choose an established security vendor or an internet cloud service, IT departments need to embrace this new way of working. Not only will it give you a more productive workforce, but it will take the risk away of ignoring this growing technology, which, whether you like it or not, will be used by your employees at work and at home.
Andy Jacques is general manager EMEA at Good Technology
• Have security fears stopped your company embracing file-sharing technology? Let us know your views by leaving a comment
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy