Online file sharing technologies are pervasive, as mobility and collaboration continue to increase. This means unprecedented exodus of organization's data through consumer file sharing services. But hackers have also begun to use services such as Dropbox and Box to exfiltrate sensitive data, or even as command and control mechanisms for malware.
How and why these threats are effective against most defenses;
How to identify threats in your own organization;
How proactive enterprises are taking action to mitigate their risks.
File synchronization and sharing is a hot technology category - Forrester has even called it "the hottest since social networking". According to Forrester, usage has quintupled from 2010 to 2012 and over 25% of IT workers now use an FSS technology to do their jobs, whether provided by their employers or not. Some of the risks from these services are obvious: they serve as a firehose to get data from IT-managed devices and infrastructure to unmanaged mobile devices, home computers and third parties. But other critical risks are not immediately apparent.
The first type of risk is exemplified by a breach at an aerospace firm that received a call from the file-sharing service's sales team asking if it wanted to upgrade its accounts to Box's enterprise service. The problem was they had never signed up for Box: hackers created accounts for the company on the cloud service. From there, the attackers uploaded and downloaded data. The second type is illustrated by a clever piece of malware called DropSmack - using Dropbox, an attacker can sync files from home PCs onto computers on protected networks, and can even use that sync functionality to have Dropbox serve as the command and control for the malware itself.
There are several techniques that organizations can leverage to identify and counter these threats, which rely on enterprise networks not blocking cloud file sharing services that can be used in these sort of attacks. However, blocking these services only solves part of the problem, as employees often continue to use shadow IT until a corporate-sanctioned FSS tool can address their needs. In addition, given the propensity of users to move files elsewhere en masse, data-centric security plays a key role in mitigating the risk from these threats.
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Kalember has worked on protecting information since his undergrad days at Stanford, and is responsible for WatchDox's product and marketing groups. He focuses on making sure as many organizations as possible can use WatchDox to access, control, and collaborate with their information on any device.
Prior to WatchDox, Ryan ran solutions across HP's portfolio of security products, was director of products at ArcSight, and held a variety of positions at VeriSign, including EMEA regional manager and senior product manager. Ryan was a founding member of Guardent's consulting practice, helping build many of the world's leading security organizations.