enterprise file sync and share (EFSS) computer worm
Tip

10 common file-sharing security risks and how to prevent them

IT administrators must understand the top file-sharing security risks and how to ensure they don't create vulnerabilities for the broader organization.

File sharing is one of the most common activities of daily life online, but if users aren't careful, they can expose themselves and their organizations to a wide range of security risks.

Whether a single image or a complex computer program, file sharing underpins our professional, consumer and personal lives on the internet. This pervasiveness creates several potential attack vectors for anyone with malicious intent. The best defense starts with an awareness of the possible threats.

The importance of file-sharing security

The availability of different options to share and secure content shows that the market and vendors recognize file sharing's importance to modern productivity. Additionally, even when file sharing is completely blocked, people find a way to share files that creates more problems.

While organizations need to determine their required level of security, they should implement security that is easy to apply and does not interfere with people doing their jobs. Security options must be smart, effective and simple.

10 file-sharing security risks

Explore the 10 most common file-sharing security risks and key considerations users and IT administrators should keep in mind to mitigate danger.

1. Malware

File sharing can enable bad actors to install or bundle viruses, worms, spyware, Trojan horses or other malicious code into files. Peer-to-peer (P2P) networks are more likely to host this harmful content, as users struggle more to verify the trustworthiness of a source. Still, the risk can penetrate organizations. If an employee opens a file containing malware on an enterprise network, it can expose the broader network to attack.

Teams should understand how to recognize malware and raise awareness of related social engineering threats, such as phishing or offers for free software, so they can mitigate these threats. With the rapidly changing nature of attacks, the risks of malware are always evolving, so all devices and networks should have the latest security updates.

The 10 types of malware
Unsecured file sharing can open a computer or network to several types of malicious code.

2. Sensitive and prohibited content

Whether intentionally or not, sensitive data exposed through file sharing can have dangerous consequences, which can go unnoticed long after the breach. Sensitive and proprietary information within an organization, such as competitive product plans or financial data, can easily become vulnerable.

To mitigate this threat, everyone must exercise great vigilance and discretion in what they share. Organizations should train all employees to distinguish and safeguard sensitive information and implement policies for sharing with external parties. IT teams can also implement strict access privileges on the back end that limit read/write access, so users can't share a file or folder if it's accidentally shared with them.

3. Personal data and information

An individual's personally identifiable information (PII) comes in many forms, such as biometric data, geolocation and behavioral data. If the wrong parties access it, it can have terrible consequences, including identity theft and financial or reputational harm. In personal and sensitive data cases, it's often very difficult to know how far it's spread once unauthorized parties have gained access.

To follow general data privacy best practices, teams must protect personal data while file sharing.

To follow general data privacy best practices, teams must protect personal data while file sharing. Along with practicing vigilance, strong passwords and authentication, IT teams should make sure their file-sharing services encrypt data and protect encryption keys. Additionally, IT teams should also set defaults to restrict access and require reauthentication. When designing UX, teams shouldn't be afraid to temper ease of use with security friction to force users to consider the risks.

4. Approvals, controls and access

Sharing is inherently a two-way or multiway street, and several file-sharing security risks arise around who or what is involved. For example, do employees rely on enterprise-grade or unapproved, consumer-grade file-sharing tools? Shadow IT, in which employees use tools unbeknownst to the IT department, limits visibility and risks information loss through file sharing. Are recipients verified before sharing? It is always possible that one party has a compromised device or network, and an unauthorized agent could have intercepted information while files were in transit.

Safeguarding against these kinds of threats requires a wide-angle view, sometimes called ecosystem security. This means incorporating security tactics and defense across the entire landscape of the organization, including, but not limited to, the following:

  • Identity access management (i.e., credentialing, permissioning, authentication, mapping).
  • Asset inventories (i.e., software programs, computers, devices, IT/OT/IoT, endpoint, remote work and BYOD infrastructure).
  • Security orchestration (i.e., analysis, response and automation of updates, certificates, patches and traffic patterns).
  • Third-party risk management (i.e., vendor evaluation, compliance adherence, app marketplaces, APIs, data lifecycle management).

5. Disabling firewalls

Some file-sharing services require users to disable or bypass firewalls to upload or download files. While momentarily opening a firewall port may seem benign, it risks hackers accessing the device or network, a distributed denial-of-service attack, and other penetrations. For instance, man-in-the-middle attacks happen when an attacker gets between two parties who think they are communicating directly.

IT teams should install firewalls and make sure they are always enabled. In addition to reducing the risks outlined above, firewalls also help block unwanted network traffic and phishing attacks, reducing the likelihood that someone could install malware or malicious code.

6. Susceptibility and supply chain attacks

While file-sharing security risks often affect individuals, they can also be a vector for third-party or supply chain attacks. Distinct from an attack that directly targets an individual node, such as an executive's email account or the IT admin's device, this kind of susceptibility refers to when a malicious actor penetrates third parties that provide services to an organization and infiltrates it that way. If the attack successfully embeds malicious code or malware into a third party's services, it's more likely to exploit more victims, namely the third party's customers.

Organizations should collaborate with employees to forge a security-minded culture. Invite mutual risk assessments where partners openly participate in risk mitigations and proactive measures. Develop communications and knowledge sharing among security analysts from multiple sources to learn the latest best practices. Finally, an organization can limit the potential fallout from a cyberattack by not relying on a single vendor for all mission-critical services.

7. Prosecution

Files don't have to be infected with malware to wreak havoc. They could also include content with major legal ramifications for downloading, such as copyrighted materials or pirated software. Data sensitivity and privacy are also relevant, considering the growing number of data regulatory policies, such as the GDPR, CCPA and countless other data protection laws. Who is liable if customer information or intellectual property is exposed through file sharing? Without visibility into data flows, organizations cannot adequately monitor files and comply with internal policies or with external mandates and agreements. A lack of visibility also raises risks of penalties, fines and threats to company credibility.

Though these risks are far more likely on unregulated P2P file-sharing applications versus an enterprise-grade system, they speak to the role file sharing can play amidst broader and rapidly evolving legal questions.

To avoid potential legal threats, make sure the file-sharing service offers strong security and encryption. Key features include access controls, expiring file access and e-discovery and statements for compliance reporting.

8. Data leaks or theft

Dangerous actors can easily identify and take advantage of poorly secured file sharing links. In addition to scanning the file-sharing system for openings to exploit, they can intercept emails to capture the information and links contained within.

Authentication can defend against this threat. If the file-sharing service can grant access to only fully authenticated users, hackers cannot take advantage of the identified file-sharing locations. Hackers must then overcome the authentication system to access the files.

9. Prolonged content exposure

Once a user shares content, it tends to remain shared. People rarely revoke shared file access. This results in files remaining exposed past their use. This is especially dangerous if users share a folder rather than just a specific file, as future users might add files that others should not see.

File sharing should always have a time limit. There will always come a time when an organization forgets about shared content. If documents require collaboration over an extended period, limit access to a single file and routinely renew the sharing permissions. For shared folders, move older content to a secure permanent location.

10. Insider threats

Insider threats are a challenge across the security spectrum for organizations. File sharing increases the threat posed by insiders. Emailed links are harder to check for validity. Once the receiver clicks on the link, that person gains access to the files, regardless of size.

To combat the threat, many organizations use AI to check email for content, using computer vision to flag content sent to inappropriate entities. AI tools can also block emails from leaving the organization without human review.

IT teams should ensure employees receive security training so they can recognize when a colleague may be on the verge of becoming an insider threat. When paired with algorithms to watch for abnormal email traffic and excessive file shifting into central locations, IT teams can catch insider threats early.

Best practices for file-sharing security

The capabilities and convenience of file sharing create countless advantages and accelerate collaboration and innovation. But organizations can't overlook potential file-sharing security risks. Organizations can mitigate threats if they follow best practices, take an ecosystem-wide inventory and choose a file-sharing tool that prioritizes security.

1. Use vetted tools

Use an enterprise approach to file sharing. If users choose their own tools because they have no other choice, problems can arise. A unified enterprise approach to security creates an easier ecosystem to manage, secure and regularly update.

2. Do not allow general authentication

Using links that allow access for anyone with the link is a large security hole. That option only suits public information shared externally in a read-only mode.

Shared files and folders must require authentication to access. There should be no exceptions. If a future security exploit allows anyone with a read-only link to grant them full access to an entire repository, not requiring authentication speeds up the data breach.

3. Enforce multifactor authentication

Multifactor authentication (MFA) has become critical to access internal systems at home and work, but sharing files outside the organization requires even more scrutiny. MFA for external users helps secure shared files.

When designing the MFA implementation, enrollment in MFA should not presume pre-existing software and should be clearly documented. When a situation introduces uncertainty or complexity, internal users could email the files if the external user complains, which brings sensitive content outside the organization's control.

4. Share with intent

Users should always share files with intent. All dialogs should default to not sharing a file. People -- not AI, automated business rules or habit -- should decide whether to share files. These decisions should consider the file and the receiving party. If a new version of a file contains more PII than before, the user sharing must consciously decide whether to share it.

5. Close old shares

Scan for old shares that are not in use or have been around for too long. AI tools can make this process easier. To find unsecured file shares, IT teams could use the same tools that hackers use to find vulnerabilities. Automatically locking down those shares and possibly causing a momentary inconvenience to the people who created the file share is preferable to a data breach.

Editor's note: This was originally written in 2022 by Jessica Groopman. It was updated by Laurence Hart.

Laurence Hart is director of consulting services at CGI Federal and has more than 20 years of IT experience.

Jessica Groopman is an industry analyst, current director of digital innovation at Intentional Futures, former founding partner of Kaleido Insights and emerging technology advisor.

Dig Deeper on Content collaboration