Collaboration tools such as Dropbox, Box and Microsoft OneDrive for Business have been a boon for business productivity. These easy-to-use cloud services provide intuitive file sharing to help untether workers from their office PCs and enable integration with productivity solutions such as Office 365 and SharePoint. With features like integrated version control, file discovery and digital signatures, these tools are more than a repository for shared information; they enable business processes and ensure that organizations always work from a single version of the truth.
But there’s a catch: Sharing documents and files over the internet creates a number of challenges, particularly in the area of data loss prevention (DLP). And for many organizations — especially larger ones — these data protection concerns become regulatory compliance worries. A medical office that relies on a cloud-based storage service to enable access to patient information must be sure it’s doing so in a way that complies with the Health Insurance Portability and Accountability Act (HIPAA), or it faces the risk of hefty fines.
Organizations can take a number of steps to preserve and improve DLP and regulatory compliance within the context of cloud collaboration services. One of the most important is to prioritize security during the first stages of a rollout, so that compliance and DLP are both addressed at the ground level. Among other things to consider:
- IT teams should implement and tune policy templates in Office 365, SharePoint and other applications to flag sensitive information in documents and prevent this data from being shared outside the organization. Organizations also can leverage available templates that address compliance regimes such as HIPAA, the Sarbanes-Oxley Act and the Payment Card Industry Data Security Standard.
- Organizations can minimize exposure by creating data retention plans that control the disposition of shared data and by training users to employ expiring links (like those in OneDrive for Business) so documents are only temporarily available.
- User engagement is essential. Robust communication and ongoing training ensure that users are fully versed in the collaboration environment and that they follow best practices for securely sharing data. IT teams should work with line-of-business leaders to create an intuitive user experience so users will be less inclined to try to work around the system.
- Organizations should integrate cloud storage services with productivity software and mobile device platforms to add value, boost engagement and further secure information flows.
- IT leaders must understand that shared documents will be accessed from personal devices, including smartphones and tablets, and implement mobility management solutions to ensure that client devices are properly configured and updated.
Cloud collaboration services are helping organizations transform the way data and documents are accessed and shared. Through careful planning and commitment, these tools can minimize the risk of data leaks and compliance shortfalls, while improving productivity.