Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

The whys and hows of safeguarding sensitive data through secure sharing

Hjalti Magnússon _Sharecurely_
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
November 21, 2023

Most of us don’t think twice about sharing sensitive data and files with our colleagues and clients through Email or messaging platforms such as Slack or Teams. Afterall, that’s how we communicate these days. Why would we not shoot an API key to a colleague via Slack or send a contract to a client via Email attachment or, like Toby, send a confidential and sensitive document to our boss?

toby.png

The reality is that the cyber threat landscape is evolving. Email, for example, is a common first point of entry that threat actors use to gain a foothold in an organization. This is done through attacks such as phishing and credential stuffing. It allows them to gain access to accounts linked to the email address, and emails also contain a wealth of information that can be extracted from old messages.

The good news is there’s a simple way to protect your data, and yourself, through a bit of education and tooling. Let’s dive into why these methods of sharing sensitive data are no longer safe, and what you can do instead.

The risks of sharing sensitive data through insecure methods

The typical methods of transporting sensitive data and files such as Email and messaging tools pose a number of risks to the security and privacy of, not only the shared files, but the organizational data as a whole. One of the main concerns is that these files can live on servers long after they have served their intended purpose. This persistence of data increases the likelihood of exposure, especially in the event of a breach or unauthorized access. 

Data storage 

But let’s set the security aspect aside for just a moment. The concerns regarding how the data is stored alone is enough to warrant being extra safe in how you share it. For example: 

  • Who is responsible for managing the Email server of the sender? 
  • What about the receiver's email server? 
  • Are these servers cloud-based or located on premises? 
  • Who has access to the data stored within these servers? 
  • Are there any backup systems in place? 
  • If so, where are these backups stored? 
  • Are these backups securely stored? 
  • Additionally, if an email is deleted from the inbox or outbox, are the backups also erased? 

These are just a few examples of crucial issues that must be addressed when considering the security and privacy of sharing sensitive data. 

More on security

Breaches happen, and unfortunately they’re becoming increasingly more common. As mentioned above, Email is a common first entry point for attacks. If sensitive information can be found there, then that can provide the attacker with a foothold to penetrate sensitive organizational data further.

For example, in October 2022 STG International’s employees were targeted by a phishing attack, which resulted in unauthorized access to email accounts between October 2022 and January 2021. The information exposed included driver’s license and passport numbers, financial information, social security numbers, payment card information as well as usernames and passwords. For more on this topic, check out our blog.

So how do you ensure sensitive information is shared securely?

Educate your team

As with many problems that face organizations today, the first step to remediating this one starts with people. It’s critical to educate your team, from the CEO to the receptionist – and everyone in between – about the risks of sharing data insecurely and providing them with the tools they need to do it correctly. 

Unfortunately security awareness and compliance training tends to use scare tactics to get their employees to change their behavior. Such tactics are not only uncomfortable for your team members, they’re rarely effective. But the reality is that, with a little awareness,  the solutions to these problems are often very simple, as long as the tools to help your team are also simple.

Use a tool to share your data securely  

This is where Sharecurely comes in. We offer a secure way to easily share sensitive documents, without leaving copies of the document anywhere along the way – directly from Jira or Confluence. When files are sent using Sharecurely, they are encrypted on the sender’s device before being uploaded to our servers and remain encrypted during transit and storage. 

This process of end-to-end encryption ensures that only the recipient and no one else, not even Sharecurely, can access the contents of the shared document.

The recipient simply receives an Email with a link to download their document. 

email-pam.png

Balancing security and usability 

Historically, when processes or systems have been made more secure, the user experience tends to suffer. This results in people sometimes not following the process, because it’s either too tedious, time consuming, or both. Or perhaps an organization needs to on-board an entirely new tool including getting all of their users set up with accounts. Sharecurely strikes a balance between the two, focusing on usability without compromising on security.

Simply drag and drop or upload a file and send to the recipient, just as you would with an email attachment. No further steps necessary. Documents can be shared from within Jira or Confluence to any recipient within or outside your Atlassian organization.

share-empty.png

Sharecurely is available for both Jira and Confluence and includes the following features.

  • Secure sharing of text snippets and files up to 512 MB. 
  • Sharing documents with users within your organization.
  • Sharing documents with users outside your organization (documents accessed through the Sharecurely standalone app).
  • An inbox and outbox to provide an overview of received and shared documents, helping you keep track of sensitive data sharing.
  • Sharecurely keeps track of when documents are downloaded, ensuring you can verify that recipients have downloaded documents.

inbox.png

Try it out

Ready to start sharing your sensitive files and data securely?  

Try out Sharecurely for Jira or Confluence.  

About Sharecurely

Sharecurely is a reliable and easy to use solution for secure document sharing, minimizing the risk of data exposure. With an emphasis on usability, Sharecurely strives to streamline the sharing process, steering clear of unnecessary complications such as implementing an entirely new tool, promoting organizational-wide adoption of secure sharing methods.

By prioritizing the security and privacy of your sensitive data, Sharecurely provides a valuable tool in a world where data protection is of utmost importance.

https://sharecurely.com

0 comments

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events