More SMBs using unapproved file sharing technologies

Small businesses must walk a thin line between encouraging innovative new productivity tools while introducing policies to improve security.

Symantec is the latest company to point a finger at data showing that SMBs are putting themselves at risk by using online file sharing and collaboration services -- usually services that were deployed behind the backs of their managers or those with influence over technology usage.

The company's 2011 SMB File Sharing Survey found that 74 percent of small and midsize businesses are opting for file sharing services for one big reason -- it is helping boost productivity.

In 61 percent of these organizations, employees are the ones making the decision about which file sharing services are being used. This is, of course, an extension of the bring your own technology movement. Or, as some people have suggested, the rise of "bizumers," workers who are brining consumer technology sensibilities into the workplace.

Symantec's survey reflects the opinion of 1,325 SMB organizations with 5 to 500 employees.

Other highlights of the survey:

  • 44 percent believed that file sharing services could lead to the inappropriate sharing of confidential information
  • 34 percent were worried that it breached regulatory policies
  • Email is still the preferred way to share files, with about two-thirds of the respondents citing this as the many sharing method
  • At least 14 percent of the respondents said the average size of files being shared was at least 1 gigabyte (which means it isn't just simple documents that are being circulated)
  • 37 percent of the respondents predicted that they will have employees working remotely one year from now (up from 22 percent three years ago and 32 percent currently)

The dilemma for small businesses is how to police this behavior without getting in the way of productivity, said Anthony Kennada, senior manager of emerging cloud products for Symantec. "We know it's not going to stop, but IT needs to provide a better mousetrap."

The best thing to do, for now, is to figure out what IS being used within your organization and to assess whether there are better business-grade alternatives -- or whether policies could help make existing solutions more secure.