The essentials of secure collaboration

Paula Skokowski

Today’s communication and collaboration tools deliver a wide array of capabilities, but inherent in most is the ability to share files. In fact, the real value of collaboration almost always involves file sharing, as this is where users often have the greatest need and this is where the information of most value is stored. 

While file sharing enriches collaboration, it also creates risk for government organizations since it significantly increases the potential for loss of confidential data. If a data breach does occur, the consequences for a government organization can range from creating a national security embarrassment, such as WikiLeaks, to compromising individual citizens’ privacy when personal information data breaches create opportunities for identity theft and fraud. 

The opportunities for data breaches from unsecure file sharing exist at all levels of government, from municipal to federal agencies. While government organizations are subject to the same federal, state and local regulations as corporations, the expectations for protection of data are higher. If a citizen can't trust the government to keep confidential information protected, who can they trust? 

With the increasing use of collaboration tools for information sharing both within the organization and remotely, it is essential for government organizations to implement best practices and safeguards to ensure enterprise data security and compliance. 

So how can organizations realize the many benefits of collaboration while mitigating data security and compliance risks? 

Start with encrypted file transfer and file storage -- Encryption is an essential best practice for ensuring data security. Files should be protected wherever they are -- in transit or stored on a server. Collaboration solutions must apply encryption that is rigorous enough to survive brute force attacks and other attacks commonly used by hackers. 

Authentication -- Verifying the identity of users before granting them access to content is critical. To enforce authentication consistently, the collaboration solution should integrate with existing enterprise authentication systems, such LDAP. 

Compliance and auditing -- Another way to mitigate risk is to create comprehensive file tracking and auditing features that enable IT and security teams to demonstrate compliance with regulations to monitor user behavior and to quickly spot anomalies that could signify a potential breach.

Ease of use -- Keep collaboration tools easy-to-use and consistent with how employees usually communicate. Data security should follow the natural flow of collaborative conversations, which typically span cross-boundary communication. Collaboration offerings should streamline workflow, allow users to review, comment, update, send messages, upload and download files, and subscribe for notifications of changes to the workspace. This means enabling communication with all authorized users, both internal and beyond the firewall. Users also want easy access to information anytime, anywhere, with the ability to view, comment on and share files on a laptop, smartphone or web-enabled device, including mobile access on iPhone, iPad, Android and BlackBerry. 

Large file support -- Another key to ensuring that employees don’t use unsecure file sharing practices to get their work done is to offer support for all file sizes and formats beyond traditional limits of email, including files that are100 GB or more in size. File sizes are increasing dramatically, thanks to the growing popularity of high-resolution graphics, video content and other specialized content, yet organizations typically are lagging in providing employees the ability to easily share these large files securely. By accommodating files of all sizes, a collaboration solution removes the temptation for users to seek an unsecure alternative for sharing very large files.

Simply put, an enterprise collaboration solution should enable users to share files of any size securely with the people with whom they’re collaborating, regardless of whether those people are local or remote, and all collaboration activity should be monitored and controlled for compliance with organizational policies and industry regulations. These capabilities are the security essentials for an effective file sharing collaboration solution for today's government organizations.