IT and Security leaders work to identify and mitigate potential vulnerabilities, yet files shared with private email accounts aren’t prioritized sufficiently.
This poses challenges such as:
- Employee data theft
A study found that 72% of employees admit to taking organizational data during their offboarding - usually by sharing files with their private email accounts. The files might contain intellectual property, personally identifiable information, or anything else of critical matter that could put your organization at a disadvantage (e.g. GDPR).
- An entry point for hackers
Hackers know organizations share files with external stakeholders (e.g. freelancers) who use their private email accounts for work. Most private email accounts lack strong security measures, making it easier for cybercriminals to penetrate them and infiltrate your organization’s data. Worst of all, a compromised private email account could go unnoticed for a long time due to the lack of security measures.
- Unauthorized access to third-parties
Some stakeholders use private email accounts to access third-party apps or services. However, they often fail to review the service terms and the granted privileges. As a result, third parties might be granted rights to access a stakeholder’s Google Drive, OneDrive, etc., and, through that, the files your organization has shared with the given private email account.
After reading this, you might be tempted to disable or restrict sharing files with private emails. While such practice is good in theory, it could result in your employees bypassing the limitations by using unauthorized file-sharing services, which leads to shadow IT.
Tricent provides visibility into how many files are shared with private emails and lets you remove unwanted access in bulk.
See how you do that with Tricent for Google Workspace
See how you do that with Tricent for Microsoft 365