External File Transfers – Should They Be Risky Business?

Hybrid work, although it is a recently evolved work model, is here to stay for the foreseeable future. Yet how secure is file sharing?

We speak to Nicole Lin, MD of Synology UK to get her opinion on this very topical issue for business owners. While some business owners debate the longevity of this model, it makes sense for SMBs to make sure their cybersecurity processes are fit for this new way of working. There are many benefits to hybrid work that small businesses are best placed to capitalize on, but there is also an increase in risks.

While setting up and maintaining secure IT systems should be straightforward for SMBs, the plethora of options combined with the exponential growth rate of IT services has made it a minefield for many business owners. Day-to-day tasks, such as sending files to external partners, vendors, and customers, need to be straightforward and yet, too often, this is where many businesses fail at the first hurdle.

We know that external file transfers create a security challenge, but the transfer of sensitive data to external end users is also an essential business process for every business, including SMBs. So how can SMBs minimize risk when it comes to file transfer?

Today, several on-site storage solutions are already in place, including Synology C2 Transfer, which were created to empower businesses and individuals to solve their data management challenges. These challenges typically involve connecting remote teams, enabling file sharing and collaboration between people.

But until recently, the last part of the puzzle had not been fully solved for SMEs. That is, how can teams securely send important and potentially sensitive files to customers, partners, and suppliers without putting the business at risk?

End-to-end identity verification and encryption

We know that most file collaboration solutions, including cloud or on-premises solutions, protect data through permission management and audits of individual account activity. However, deliverables should always be sent to external parties who do not have accounts.

In an ideal world for SMBs, transferring sensitive data should be kept simple for all parties involved while ensuring that files are always delivered to the right person, even if a link is accidentally posted or shared with the wrong person. Our recommended approach to ensure files are transferred securely is to verify identities by sending a one-time password (OTP) to an address or phone number specified by the sender to ensure that only the intended recipient can access the files.

Business disruptions caused by supply chain issues have grabbed the headlines recently, but cybersecurity, IT failures and data breaches remain a major concern in 2021 for UK small businesses according to the report. Allianz risk barometer.1 The pandemic has fundamentally changed the way many organizations work and this has fueled concerns about cybersecurity for a variety of reasons. It’s important to remember that businesses, especially SMBs that have the ability to be nimble and react to change quickly, can help employees reduce the risk of cyber attacks, data breaches, and computer outages.

The five key areas UK SMEs need to address are:

  1. Adopt and deploy end-to-end identity verification and encryption when transferring files to customers, partners and suppliers to reduce business risk
  2. Encourage the use of strong passwords and have a clear and robust process for reporting a security breach
  3. Enable two-factor authentication methods and the use of one-time passwords (OTP) to ensure that only identified recipients have access to data you share outside of the organization
  4. Make sure security settings like watermarks and number of downloads before link expires are enabled so you can audit and track security breaches
  5. Deploy a training and awareness program to all staff so that they fully understand best practices in preventing cyber attacks, data breaches and IT failures.

As we emerge into new business models and ways of working in a post-Covid world, understanding and managing risk within a business remains important. While risk management has always been a part of the success of an SME, the risk landscape has fundamentally changed.

Understanding what this new landscape looks like, along with the solutions available to small businesses in the UK, will help business owners and management teams navigate safely. We are unlikely to be able to eliminate all risk to business, but what we can do is provide you with the knowledge you need to prevent and significantly reduce the risk.


Cherry Martin

Cherry is Associate Editor-in-Chief of Business Matters with responsibility for planning and writing future articles, interviews and more in-depth articles for what is now the UK’s largest print and online source of business news.


Comments are closed.