April 24, 2013

Data In Distress

I am constantly making a case to the SMB community for proper security around file sharing and collaboration. Choosing the best method and a trusted partner is just as important as making the decision to incorporate the technology in the first place.

Case in point, I recently read the following article by Michael Kassner of TechRepublic.com called "DropSmack: Using Dropbox to steal files and deliver malware" in which he explained how forensic scientist Jacob Williams from the CSR Group discovered a backdoor into corporate and personal networks using Dropbox! Williams was able to use the Dropbox service to access unsecured networks. What's scarier is that I have seen SMB entities that have actually used Dropbox as an inexpensive backup for files and critical data. Dropbox should NEVER be used in this manner because it isn't designed for data retention nor is it secure enough to keep your files from prying eyes.
The bottom line is you can't assume that any public cloud-based file share service is enough to keep your data (and access to your network) protected. Talk to a local trusted advisor and see what is available within your budget and comfort level for both file sharing and more importantly, for backups and disaster recovery/business continuity.

No comments: