Dropbox exposes companies to risks of data theft, data loss, corrupted data, lawsuits, compliance violations, loss of accountability, and loss of file access. Considering all these risks, it’s no wonder that Dropbox is the No. 1 blacklisted application by IT and business owners.[1] However, simply blacklisting applications that employees consider vital to their productivity is rarely effective or constructive.
Here are four practical steps to prevent Dropbox use in the workplace:
- Create a formal policy against applications like Dropbox
Communicating that Dropbox is not acceptable on work devices is the first step in protecting your data. This communication needs to take multiple forms, especially written, so that employees have no excuse for continuing to use Dropbox. Creating a formal, written policy, with specific consequences, communicates that “Dropbox is strictly prohibited.” Remember, if it’s not written, it doesn’t exist.
- Communicate this policy from the top level of the company
Lead by example. Schedule internal meetings with managers and subordinates to make sure that they understand why Dropbox is prohibited. By arming senior employees with the education and resources that they need to quell the problem, you will avoid embarrassing conversations and nip problems in the bud. More importantly, by taking a top-down approach, you ensure that the individuals with the most access to sensitive data are aware of the problem first.
- Block applications with the company firewall
Most companies use a corporate firewall to protect their employees and data. Today, company firewalls can also be set to detect and prohibit certain types of applications and websites. While this functionality was typically reserved for leisure applications, the focus has now shifted to applications that can be used to transfer data. Fiberlink, a company that specializes in mobile device management, conducted a survey of 4,500 corporate- and employee-owned devices and found that the top blacklisted iOS and Android apps included Dropbox, SugarSync, Box, Facebook, and Google Drive, in that order. System administrators should consider blocking these applications to protect sensitive data.
- Replace Dropbox with a business-grade file sync application
The best way for businesses to handle the “Dropbox problem” is to deploy a company-approved application that will allow IT to control the data, yet grants employees the access and functionality they feel they need to be productive. A business-grade file sync service – besides replacing Dropbox – will include features that make the business more secure and employees more productive. For example, unlike Dropbox, a business-class file sync service can cloud-enable the file server so that employees can sync files and folders between the company’s file server and their mobile devices and computers, without the need for cumbersome technologies, such as VPN and FTP.
Any piece of software that your employees use should not jeopardize your organization’s security and credibility. Communicate openly and formally with your employees, take the steps necessary to protect your business, and provide an alternative that empowers all parties involved.
Pearl Solutions Group can design and implement a solution for secure file sync that is compatible with the rest of your environment.