Your organization may already have protocols and procedures for secure file-sharing and storage (and if not, you should). However, now that so many employees are working remotely due to COVID-19, it’s time to revisit these protocols and adjust them as necessary. Here are some key best practices for secure file-sharing in a remote work world.
1- Don’t Use Email to Share Files
Emailing files back and forth is both insecure and inefficient. Cybercriminals can intercept unencrypted emails in transit. Without a centralized place to store files, employees can misplace them, and updated versions of files can get mixed up with drafts and old versions. Instead, implement a cloud-based, business-grade file sharing system.
2- Don’t Use Consumer-Grade File-Sharing Solutions
Consumer-grade file storage and sharing services are designed for personal use, not businesses. They lack the security and compliance controls that organizations need, including identity and access management (IAM), role-based access control (RBAC), shared team folders, e-discovery tools, and file encryption. Many consumer-grade services store files as plain, unencrypted text; if a cybercriminal breaches the file sharing service, they can access any customer files stored there.
3- Create Shared Team Folders for Access Control
Shared team folders make it easier for IT administrators to define both folder and file access permissions based on department and job role. They also make it easier for employees to quickly access critical paperwork when they need it.
4- Develop Standard Folder Permissions & Keep Them Simple
Develop a standard group of permissions to be applied to shared team folders, and keep them as simple as possible. While it may be possible to create dozens of different user roles, a simpler permissions structure will be just as secure, and it will be a lot easier to manage, which makes it less likely that user access will be misconfigured. Custom access roles should be the exception, not the norm.
5- Train Your Employees
The proper procedures for secure file sharing should be part of your organization’s employee cybersecurity training. Make sure your employees understand the different data types they’ll be handling as part of their everyday work, the risks associated with mishandling them, and what can and cannot be shared with both co-workers and external parties. Once you’ve invested in a secure file-sharing platform, you need to ensure that your employees are trained on how to use it, and that they actually are using it.
Keeper Secure File Storage: The Secure Way to Store & Share Files
Keeper Secure File Storage, which is an add-on to the Keeper password management and security platform, enables efficient, secure, vault-to-vault sharing of stored files with other Keeper users. Just like passwords stored in Keeper, users can set sharing permissions for digital files (read-only, can edit, can share, or can edit and share).
Keeper uses PBKDF2 to derive authentication keys based on the user’s Master Password, then generates individual record-level AES-256 encryption keys locally on the device to encrypt each stored file. Keeper’s cloud only holds the encrypted ciphertext of each file. Sharing between users is performed using PKI to ensure that only the recipient of a shared file can decrypt it. Keeper’s zero-knowledge encryption methods ensure that only the user can access and decrypt their stored files.
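The key hierarchy described above (a PBKDF2-derived key, a per-file AES-256 record key generated on the device, and public-key sharing) can be sketched with Node.js's built-in crypto module. This is an added example, not Keeper's code: the GCM mode, RSA-OAEP, the iteration count, wrapping the record key under the derived key, and all function names are assumptions made for illustration.

```javascript
const nodeCrypto = require('crypto');

// Derive a 256-bit key from the master password (PBKDF2-HMAC-SHA256).
// The iteration count is an assumed value, not one stated on this page.
function deriveKey(masterPassword, salt, iterations = 600000) {
  return nodeCrypto.pbkdf2Sync(masterPassword, salt, iterations, 32, 'sha256');
}

// AES-256-GCM helpers. Output layout: iv (12) || tag (16) || ciphertext.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function unseal(key, blob) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws if tampered
}

// On the device: a fresh record key per file. Only these two blobs are uploaded.
function storeFile(userKey, fileBytes) {
  const recordKey = nodeCrypto.randomBytes(32);
  return {
    encryptedFile: seal(recordKey, fileBytes),
    wrappedKey: seal(userKey, recordKey), // owner's copy of the record key
  };
}

// Sharing: unwrap the record key locally, re-wrap it to the recipient's public key.
const oaep = (key) => ({ key, oaepHash: 'sha256',
  padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING });
function shareFile(userKey, stored, recipientPublicKey) {
  const recordKey = unseal(userKey, stored.wrappedKey);
  const sharedKey = nodeCrypto.publicEncrypt(oaep(recipientPublicKey), recordKey);
  return { encryptedFile: stored.encryptedFile, sharedKey };
}

// Recipient: only the matching private key recovers the record key.
function openShared(recipientPrivateKey, shared) {
  const recordKey = nodeCrypto.privateDecrypt(oaep(recipientPrivateKey), shared.sharedKey);
  return unseal(recordKey, shared.encryptedFile);
}
```

The server in this sketch never receives the master password, the derived key, or an unwrapped record key, which is the property the zero-knowledge claim depends on.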