Cloud storage is a wonderful thing. It gives IT a central place to manage, secure, and back up company files. It lets users work on their files anywhere, from practically any authorized device, so the days of having to keep multiple copies of files synced across devices (work computer, home computer, mobile devices) are over.
But there’s a potential security gap in cloud storage that means you’re not getting the data security you expect, or you’re forcing users to walk through hoops to get their jobs done. And there’s no elegant solution to the problem today.
Here’s the scenario: IT encourages or requires users to store all work documents in their corporate OneDrive, Dropbox, Box, or Google Drive. Basically, to use it instead of the My Documents folder in Windows or Documents folder in MacOS. To do that effectively, and to maintain usability with users’ computer software, users are running the local virtual disk client for OneDrive, Dropbox, Box, or Google Drive. No more need for thumb drives, emailing of documents to themselves, and the other practices users invented to get their work done wherever, whenever.
Here’s the risk: A Windows PC or Mac running the virtual drive software is stolen or accessed by an unauthorized person. Even if IT cuts off access to the cloud storage service, and to any cloud-subscribed apps like Microsoft’s Office 365 or Google’s G Suite, those virtual drive apps have made local copies of the user’s documents on that computer. So, a data thief could get those local copies of the nominally cloud-stored corporate documents.