Hidden risks with employee file-sharing practices

by Erik Missio | September 26, 2016 1:04 pm

mika-javanainenHORIZONS
Mika Javanainen
In today’s workplace, collaboration is no longer an option, but rather a requirement—particularly for the construction industry, where project information needs to be shared among internal colleagues and team members, contractors, and subcontractors. Information security is another must-have, with nearly every company having at least minimal safeguards in place to prevent the theft of corporate data. While both needs are reasonable, they can often be in conflict.

Sharing information with members of a project team is not the fundamental problem: employees always find ways to deliver files to external parties. The challenge is to maintain control over the shared content. Obviously, most IT departments are worried about employees using unauthorized and personal cloud services for file-sharing. The motivation to do this is understandable from employees’ point of view—after all, they are problem-solvers by profession. Another member of the team needs information? Get it to her or him as quickly and efficiently as possible. In most cases, employees do not even know they are breaking rules or acting in a risky fashion.

The dangers can include a loss of control of your documents—such as not knowing the location of the latest version of a CAD drawing and wasting time searching for it, or even worse, using the old version in a project. Other common dangers are information security breaches, data loss, and non-compliance. A common risk is a project manager that has stored all the agreements on a personal Dropbox account. When that employee leaves the company, the agreements are gone forever.

The problem is widespread, and many firms have experienced some of the negative consequences. A full quarter of professionals surveyed by M-Files Corp. said their company has experienced some of these challenges related to use of file-sharing and sync tools. The survey further found 63 percent of professionals use Dropbox, Box, OneDrive, Google Drive, or another iteration of these programs. Additionally, 37 percent actually use their personal file-sharing or sync solution to share business documents “all of the time,” while 46 percent say they have done so with documents that would be considered sensitive or containing confidential information.

You May Also Like  BIM for Masonry: The bricks and mortar industry enters the digital age

A 2014 report, “Respond to Employees’ Use of Consumer File Sharing with ‘Easy Content Management[1],” by Gartner, a research/advisory company, backs up this data, noting, “Employees continue to use consumer online file-sharing tools for sensitive documents, even when their company has banned the use of such tools.”

How to regain control

Key activities for regaining control of corporate data, safeguarding information, and keeping employees productive are establishing guidelines, providing tools, and communicating policies. To begin with, construction firm leaders and IT departments must recognize that personal devices and the need to share files are not going away, and they should understand that the only way to monitor which file-sharing applications are being used to share company information is by having specific and enforceable policies in place.

A good place to start is talking with employees about what they need to do—who they need to share information with and how. Then, it is important to discuss what they need—or want—to do that they feel they cannot do with the tools already provided by their firm. This kind of conversation is useful in a variety of ways, from gathering information about employee behavior to educating employees about the risks associated with unsanctioned file-sharing apps and services.

One part of the solution is a formal policy for file-sharing, which should be defined based on employee discussions and the firm’s goals for both information security and collaboration with partners outside the firm. The policy should not only be clearly communicated to employees, but should also be shared with partners with whom they will be collaborating, as this helps support and encourage the new, approved practices.

For the construction industry, collaboration is no longer an option, but rather a requirement—project information needs to be shared among internal colleagues and team members, contractors, and subcontractors. Therefore, information security is critical. Photo © BigStockPhoto
For the construction industry, collaboration is no longer an option, but rather a requirement—project information needs to be shared among internal colleagues and team members, contractors, and subcontractors. Therefore, information security is critical.
Photo © BigStockPhoto

Another piece of the solution is a software tool, such as an enterprise information management (EIM) program with native mobile apps for the most popular devices. These solutions provide the control and security the firm needs, as well as the simplicity, flexibility, and mobility employees demand. Best-in-class EIM solutions offer a full range of security options, including capabilities for data defense, protections against loss, granular access options, tracking, and logging.

You May Also Like  World’s tallest modular buildings top off

Further, leading solutions deliver other functionality from which construction firms might benefit, such as content classification, storage, and retrieval options based on metadata that significantly reduce the time spent searching for documents. Robust version controls ensure the recent copy of each information asset is always what is visible and available; other potentially valuable features include easy automation of project workflows and the ability to integrate with other enterprise systems.

Whether or not construction firms have encountered issues related to information security, given an ever more mobile and collaborative workforce, it makes sense to evaluate current file-sharing practices and determine how the business might be better served with enterprise information management. For many design/construction firms, EIM has become a compelling solution to not only improve the management and flow of corporate information, but also mitigate risks of employee file-sharing practices.

Mika Javanainen is senior director of product management at M-Files Corporation, and is in charge of managing and developing the company’s product portfolio, road maps, and pricing globally. Prior to his executive roles, he worked as a systems specialist, integrating document management systems with enterprise resource planning (ERP) and customer relationship management (CRM) applications. A published author, Javanainen has an executive MBA in international business and marketing. He can be reached via e-mail at mika.javanainen@m-files.com[2] or followed on Twitter at @mikajava[3].

Endnotes:
  1. Respond to Employees’ Use of Consumer File Sharing with ‘Easy Content Management: https://www.gartner.com/doc/2666817/respond-employees-use-consumer-file
  2. mika.javanainen@m-files.com: mailto:mika.javanainen@m-files.com
  3. @mikajava: https://twitter.com/mikajava

Source URL: https://www.constructionspecifier.com/hidden-risks-with-employee-file-sharing-practices/

Copyright ©2025 Construction Specifier unless otherwise noted.