End users have become accustomed to sharing files using social networks and file sharing platforms like Drop Box and others. Many of these are free or inexpensive enough that end users will use these to make their jobs easier, or even view their use as making themselves more productive when sharing data with other employees or third parties that do business with your organization.
Unfortunately, this use leads to uncontrolled silos of electronic documents outside of the organization. Sometimes these documents contain sensitive data that should be managed under compliance efforts. The security and access to these documents is often made open to facilitate “easy” transfers of information to others by end users that are simply unaware of the compliance efforts in place used to control access in the company operated networks.
Since the social networks and other file sharing services are not under the control of the organization, their use should be restricted for company data or at least for data that needs to be secured. It would be in the interest of the company and the employee to have explicit policies in place and communicated to end users.
