Sharing files within and outside of an organisation is a large and important part of any data management. With the growing amount of data that companies collect, process, and share on a daily basis, it’s vital that this part of corporate data security doesn’t get overlooked.
There are a couple of ways to ensure secure file sharing within your company:
- A secure intranet is a good way if all your employees are located in the same premises and don’t need to share any files outside of an organisation.
- Build your own software. With the number of security threats appearing every day, this is no longer a viable long-term solution as it will require continuous investment into improving your software to keep up with the new risks.
- Use a secure file sharing vendor. Probably, the best option for both SMEs and large enterprises. Depending on your needs, you can find a file sharing product or plan to cater to your unique requirement. The contemporary file sharing solutions go beyond simple data transfer tools, include antivirus and additional security options (SFTP, PIN protection, encryption, and so on), and offer a number of integrations for better business productivity.
However, if you’ve decided to go with the third option, you need to verify that your file sharing provider is as secure as they can be. The first thing to check is whether they have a valid ISO 27001 certification or their information security management systems are audited by a reputable business assurance provider.
Here are the main aspects that ISO 27001 covers:
1. Strong security policies
2. The organisation of secure information
3. Asset management (inventory and classification of information assets)
4. Human resources security (governing how employees join or leave an organisation)
5. Physical and environmental security
6. Communications and operations management (technical security controls in systems and networks)
7. Access control to networks, systems, applications, functions and data
8. Information systems acquisition, development and maintenance
9. Information security incident management (anticipating and responding appropriately to information security breaches)
10. Business continuity management (protecting, maintaining and recovering business-critical processes and systems)
11. Compliance with information security policies, standards, laws and regulations
Maytech Security and Compliance Statement outlines Maytech’s corporate statement regarding our data security program, and a review of the process we follow regarding our commitment to information security and compliance.
Maytech Statement of Applicability (available on request) details the controls specified in ISO 27001: 2013 and is a cross-reference to the Maytech Security and Compliance Statement with the Information Security Management System which implements the requirements of each control.
Maytech File Sharing Certifications and Compliances
As a trusted file sharing provider and a global leader in secure file sharing for businesses since 2006, Maytech is compliant with all key international standards governing file sharing security:
- ISO 27001 certification
- HIPAA compliant file transfer
- PCI DSS compliant data transfer
- GDPR compliance