Shadow IT is becoming a serious risk for businesses and a pervasive problem for IT leaders resulting in not only huge cost endurances for the company but also in serious threats of security, data leakage and (most importantly) compliance risks. The shadow IT in enterprises has significantly increased over last few years because of proliferation of freely available cloud services (like Dropbox) and mobile applications.
If you ever discover Shadow-IT in your organization, the best way to handle it is not by giving a knee-jerk reaction and banning it outright, but understanding the end-user needs and provide them an alternative. The alternative should be as “cool” as what they are using currently, but at the same time should give you enough control and visibility over corporate documents to meet your compliance and governance objectives.
So, before you decide on an alternative solution best suited for you as well as your end-users, understand the roots of Shadow-IT – what, how and why end-users are using a particular unsanctioned file sharing solution. The reasons may vary between the companies but these are the popular ones:
- Email attachment size limits
Most enterprises limit the size of attachment on corporate emails. So, if somebody has to share a large file (it is quite normal these days to have office documents in tens of MBs), or a number of files, exceeding this limit, she ends up sending those files to a consumer cloud or her personal email as a quick and easy way - without bothering about the security, compliance and data loss risks.
- FTP is too complex
The traditional file sharing solutions like FTP/SFTP are complex to use and manage – for both IT and end-users - and more importantly, they have old generation interfaces. In absence of a better alternative to FTP, end-users resort to consumer file sharing solutions.
- Use of personal devices
- Anytime/anywhere access to work files
Workforce mobility and home office culture have increased over the last few years. Employees are resorting to consumer file sharing apps so that they can work from their own devices without having to connect to office network through Virtual Private Network (VPN). They keep the files that they may need while on the move on personal clouds for easy access.
So, if you embrace these end-user requirements and choose the right enterprise file sync & share (EFSS) solution that meets your compliance and governance objectives, you will be successful at reducing the risks from consumer file sharing solutions and make your employees more productive. A secure enterprise file sharing solution should have a seamless, user-friendly interface along with robust encryption capabilities, granular access rights control, mobile content management, enterprise digital rights management (EDRM aka IRM) capabilities and flexible deployment options that you can fine-tune to your unique requirements that may include FTP Replacement, Virtual Data Room, VPN-free anywhere access to file servers/NAS, Outlook/Lotus Notes attachment replacement and Endpoint Data Protection (endpoint backup, endpoint encryption and remote wiping).
You can learn how Vaultize helps you mitigate Shadow-IT risks. Enterprises are using Vaultize Enterprise File Security platform to have full control and visibility on corporate files for compliance and data governance, but at the same time fulfilling the employees’ requirements like anywhere/anytime access, large size attachments (through Microsoft Outlook Plug-in and IBM Lotus Notes Plug-in), BYOD, sync & share and mobile collaboration