Four Common Data Sharing Methods that Provide a False Sense of Security
Security gets a lot of attention in business today, but there are still some common practices that provide people with a false sense of safety when sharing sensitive data and files with others. Review these practices and make sure that everyone in your organization knows that these practices are dangerous and should not be used.
1. Password protecting zip files
Password protecting a zip file offers very little protection to the data contained inside. Scores of free and low cost tools exist that make quick work of cracking passwords on zip files. This is akin to putting a lock on a screen door. It’s better than no protection, but just barely.
2. Sending two separate email messages
On a regular basis someone will send me an email that contains something sensitive, like a username, accompanied by a note that the person will send me a second email that will contain the password. This is virtually no safer than sending the username and password together in the same email. If someone has gained access to my inbox or to my web-based email account, then they’ve got access to all of my email messages, including the first and second email. Even a hacker with a single digit IQ will be able to find both messages to put together the puzzle needed to gain access to the secure system.
3. Uploading files to a standard FTP server
Standard FTP servers are great for sharing large amounts of non-sensitive data with others, but standard FTP does not provide protection for sensitive data like that common in banking, financial services, insurance, medical and legal fields. Usernames and passwords are transmitted in plain text so they’re easily stolen, especially on wireless or public networks.
4. Sending CDs or DVDs by mail or parcel carrier
Sending data by mail or parcel carrier is actually highest on my list of most dangerous methods to share sensitive data with other people. The potential for the package containing the data to get lost in route is high. The ability to track who has accessed the data or has potentially had access to the data is low. Besides a name on the outside of the package, there is little else to help limit who receives the data. If this is your only option, at a minimum the data should be encrypted using a strong encryption method, such as PGP, that allows you to encrypt the data to a specific person’s key.
Secure File Exchange™ - A Safer Method to Share Files
We’re in the business of building useful software and selling it. Since our blog is a business tool, I’d be doing a disservice to you and my company if I didn’t use this opportunity to introduce you to Secure File Exchange, a web service that we created to overcome the issues above. Like it’s name implies, Secure File Exchange lets you send and receive messages and attached files safely.
Key Secure File Exchange highlights include:
- Your data is encrypted using SSL and military grade encryption
- Secure File Exchange sends you an email when your recipients open their file
- Requires no special software to install. All you need is a web browser like Internet Explorer or Firefox.
- Bypasses firewall and email attachment restrictions that often prevent sending or receiving files
- No third-party storage providers, all data is stored in InetSolution’s banking grade data center
- Free 30 day trial and extremely low cost monthly subscriptions
- Dedicated telephone and email support