The Dangers of File Sharing
File sharing applications such as DropBox, Google Docs, Smartsheet, and OneDrive are being used more frequently in today’s working world. These file sharing applications are designed to make it easier for you and colleagues to edit presentations and documents with teammates without emailing back and forth. With these applications, you can edit a file in a shared folder and everyone gets the update automatically.
Although these applications are very convenient, they can also create additional risks for your network. In some cases, these file sharing applications can be used to distribute malware and other forms of attacks from hackers. As a rule, you should treat every file sharing program with the same suspicion and caution that you do to treat emails.
Here are a few tips to keep in mind when using these file sharing programs:
- Make sure that your company use policy permits use of such applications.
- Only share files with parties you trust to avoid mistakenly downloading a virus, malware or helping a data security breach.
- Before opening a shared file, ensure that you know what the file is and why it is being sent to you.
- Verify that email addresses before sharing documents. It is important to pay attention to the email addresses in the ‘Reply-To’ and ‘From’ fields. If you notice that an email address looks fake or you don’t recognize it, then most likely it is a form of malware.
- Avoid sharing regulated or sensitive data altogether. For less sensitive information make sure that the permissions are restricted only to those who need them.
- Frequently file sharing sites such as Google Docs are used for phishing attacks. If you receive a request via email, make sure that the link leads to a legitimate site. In a phishing attack users are presented with a site that looks like the original in an attempt to collect user credentials.
- If a file sharing initiation seems out of the norm, double check with the person sending the invite or verify with your IT team before opening.
These are just a few things to consider among many more. It is very important that whenever you are sharing documents, emails, or having any interactions with others via technology platforms that you always be aware of who you are interacting with and what you are sending.
The Logically Security team promotes user education and awareness training as the top security control for any organization. If you feel like your organization is not where it needs to be in order to protect sensitive information, contact our security experts today for education and training on how to establish a secure culture.