Rarely a day goes by without news of a data breach involving corporate documents.
Sometimes, these breaches are unintentional and can simply be chalked up to bad luck. Other times, however, the data breach comes from an intentional, illegal act. If the company experiencing the breach is in a regulated industry like banking, financial services and insurance (BFSI), or healthcare, the financial penalties associated with the breach can be severe.
But the negative financial impact is not just limited to organizations in regulated industries. According to the Ponemon Institute, when adding in factors like damaged company reputation, customer churn, and increased customer acquisition costs, the average cost of a data breach has increased to $158 per record. If an organization has thousands of records to manage, the financial risk of a breach can be millions of dollars.
The good news is that data breaches, both intentional and unintentional, can be prevented. If you’re looking for real-world examples on how to protect corporate data while enabling programs employees have to come to expect, like BYOD and mobility, look no further that ShareFile customers.
Lockton is the world’s largest privately owned independent insurance brokerage firm. Lockton’s dedicated team of 5,600 associates works with their 48,000 clients, providing unparalleled access to experts around the globe.
Lockton had a file sharing system in place, but it didn’t meet their requirements for ease of use or security. Additionally, they needed a solution that would allow their associates to access their data on the device of their choice while still meeting those security requirements.
“Our IT Managers from across the US worked together to determine the requirements from the solution we wanted to put in place,” said Jamie Lucker, Technology Advocate at Lockton. “ShareFile was the solution that met all of those requirements.”
Lockton was particularly impressed with the level of oversight that ShareFile provided. With it, they are able to get insight into file access, sync, and sharing activity down to the user level. ShareFile is even able to provide the date, type, place, and network address of each user event.
With tools like the Outlook plugin, sharing files is a snap. Just because a file was shared once, though, doesn’t mean they want it accessed forever. Lockton regularly uses the link expiration feature to ensure that files can’t be accessed in perpetuity.
“Being able to expire a link after a certain amount of time, validate who has access to files, get notified when someone downloads a file, and track to see if a file had been opened is why ShareFile provides much more flexibility than our previous solution,” said Lucker.
Children’s Hospital of Philadelphia
Founded in 1855, the Children’s Hospital of Philadelphia (CHOP) is the nation’s first hospital devoted exclusively to the care of children. With 18,000 employees in 60 locations, CHOP needed a simple, secure way for its healthcare providers and administrators to share patient records, images, business information, and other data. CHOP wanted their employees to stay away from personal file sharing services like Dropbox and Box, both of which present the potential for security breaches and data leakage.
CHOP already had a close relationship with Citrix and relied on Citrix XenDesktop and XenApp for virtual app and desktop delivery, as well as Citrix NetScaler to optimize application delivery, performance and security. When they learned that the Citrix ShareFile enterprise file sync and sharing solution had been certified under the Sword & Shield HIPAA Compliance Program (HCP), the hospital’s decision became a simple one.
CHOP now makes ShareFile available through its enterprise app store as a service enabling users to share and store all types of data, from clinical files, such as patient data images, to the Microsoft Excel spreadsheets used by business personnel. With security and compliance top of mind, CHOP also chose to store their ShareFile data completely on-premises, an option not available through other vendors in the industry.
The value of the solution’s security and ability to share files quickly and easily was made clear during a visit by Pope Francis to Philadelphia. “Our executive leadership used ShareFile during the Pope’s visit to closely collaborate, making sure everyone had the latest updates on what was happening in the city. It was very successful,” said Sean Kilmer, Manager, Platform Engineering.
According to a study from Osterman Research, 70% of organizations have employees using unauthorized file-sharing services like Dropbox or Box. These organizations are at high risk of a data breach through the loss of corporate documents. To determine your level of risk, ask yourself the following questions:
- If my employees are using an unauthorized file sharing service, corporate data is living on their personal device. How do I ensure they don’t take it with them when they leave the company? How do I protect my data is they lose their device?
- How are we sharing large files internally, with vendors, and with partners? Are unencrypted FTP sites, USB sticks that can get lost or stolen, or paper documents secure enough for my business?
- Are my employees e-mailing sensitive documents that are only intended for the recipient? If so, how do I make sure the recipient doesn’t forward it to someone that isn’t supposed to see it?
Read the ShareFile Security Whitepaper to learn how we are helping organizations develop a strategy to combat all of these security risks.
Be sure to check out our other ShareFile security blog posts on National Cyber Security Awareness Month and how ShareFile Addresses Data Security Using the Data Breach Triangle.