If you store data in a cloud storage such as Google Drive, you can access it from anywhere via the Internet. This is ideal for flexible working in the home office and on the road. For data protection, however, it’s a completely different story.
The goal: store, exchange and backup data
Working from a home office or on the road sometimes requires creativity, it seems. Many options that exist in the office are not available outside the company. If you want to save important data, for example, storing it on the notebook or tablet alone doesn’t seem like enough. What happens if the end device is lost? Then all the work was in vain.
In the office, you can store your data in a directory on the network. There, colleagues who need to work with the data can also access it conveniently. However, if you are on the road or in a home office, these options for network storage and data exchange are sometimes missing. Regular backups are also not as easy to perform centrally when you are on the road or in your home office. If the company doesn’t offer appropriate support or if you don’t know the intended solutions for data storage and transfer, you quickly become inventive. There are solutions like Google Drive or Dropbox that have already proven themselves privately. Do you recognize yourself? You’re not alone – unfortunately, from a data protection perspective.
The problem: The so-called shadow IT
If you, as a user, select the solutions with which you want to store and exchange data yourself, you are creating so-called shadow IT. This refers to IT solutions that have not been tested and approved by the responsible department in the company. If you use untested solutions that have not been approved by the company, this can involve risks for the data that the IT department in the company is not aware of. And these risks can therefore not be averted with the necessary IT security solutions. This is especially the case with cloud storage, which anyone can use easily, quickly and usually free of charge.
The urgent recommendation: Please do not take the initiative in data storage
Normally, every company is pleased about the initiative of its employees. But when it comes to data security and compliance with data protection, it is neither good nor desirable to look for solutions yourself. Company data may only be stored in and exchanged via company-approved solutions. Otherwise, the data may be put at risk because the security of solutions for private purposes does not meet the high requirements of a company. In addition, with cloud storage in particular, it can happen that personal data is transferred to a country that does not readily offer the necessary level of data protection.
Therefore, only use applications approved by the company, even in the home office and on the road! If you do not know the solution, please ask.