Are you one of those “if it is free then it is for me” people? Does that attitude only apply to your consumer behavior or does it permeate into the workplace? It is certainly a feasible and cost-effective solution to allow your employees to use Dropbox, Box or other free file storage providers however, as an article on Help Net Security clearly stated:
“While there is no inherent flaw with free file storage services such as Dropbox, these services cannot be trusted to actually secure files. As such, any firm looking to make use of such solutions should first carefully consider the associated risk of storing sensitive data in an insecure environment and the detrimental effect that this could have on the organization in the long term. In addition, the terms of service of such solutions usually also specify that data integrity and availability are not guaranteed either.”
Remember that your employees outside of IT may not necessarily share your views or understand the reasons for the security measures set up inside your organization. Firewalls and user policies may be viewed simply as things that get in the way of users getting things done.
Another key point brought up in the article was around securing the perimeter vs layered security defenses. Data stored securely in your organization means that you have layers of protection via user and group-level policies that help minimize damage should you incur a data breach. With free solutions you may be getting what you pay for. At a minimum you need to understand the potential risks you are inviting.
Consider this final quote from the Help Net Security article:
“While a free file storage solution, on face value, may appear like a viable storage option for firms, it is not a solution for any organization that truly appreciates the value of its data.”