risks of using YouSendIt & DropBox & GoogleDrive

Q1:
Are files exchanges risky (ie data got leaked, data got corrupted or infected with malware) using above mentioned?

Q2:
I noticed that google drive don't allow files zipped with password to be uploaded (not even to attach to
gmail): purpose of zipped with passwd is to protect sensitive data (& convey the password to trusted
party via phone or other channels) but if encryption is disallowed, then we have risks of data leaks
(eg: Wiki Leaks?)
However, if we allow encryption, there's a chance a malware is inside the zip.  So this is a chicken &
egg issue or those tools mentioned provides encryption without risk of malwares being uploaded
/transferred?
sunhuxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Dropbox is secured by password for access. I have a strong password and no issues at all.

Gmail, and indeed most mail, is encrypted now. I do not think a virus can get into legitimate mail, but you need a strong spam filter to filter out bad emails.

As always, do not open emails from strange people or go to dodgy website.

The tools, Dropbox, Gmail, most Mail, Google Docs are protected, but you still have to keep your wits about you.
0
sunhuxAuthor Commented:
Some of my much older gmail are still using very simple passwords :
I suppose this means the same for my GoogleDrive that are 'tagged' to
my gmail.

Suppose my 'simple' passwords got hacked (ie hacker could go into
my googleDrive) & encryption of attachments is disallowed,  then we
have risks of data leaks

 However, if we allow encryption, there's a chance a malware is inside the zip.

So how do we go about the above?
0
JohnBusiness Consultant (Owner)Commented:
I always use encrypted ports and strong passwords.

Some of my much older Gmail are still using very simple passwords :   Remember I said keep your wits about you.

However, if we allow encryption, there's a chance a malware is inside the zip.  I have not seen this at all, Again, good passwords are a good defense.

If you are not properly secured, anything could happen.
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Serena HsiMarketing ConsultantCommented:
A1 - There is always a risk when users are involved. Malware can come from anyone's system, even from a vendor sharing files using YouSendIt (what I've used before with ad agencies transferring really freakin big digital asset files); on the flipside, there is little risk if there are file upload/download screening tools (Avast, Norton, etc) that are scanning the Zip files coming into and out of the file sharing site.

A2 - Don't use encryption as the only fail safe to protect your digital assets. You could instead use zip tools with password expiration and access time limits; then it might not matter if there is a data breach or not, it'd be a second or third step for a hacker to hack the locked zip file.

If you're using Google Drive with Google Apps for Work, you as the administrator should be able to set user rights on the folders and files that are being shared within and externally outside of your network.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sunhuxAuthor Commented:
>Some of my much older Gmail are still using very simple passwords :   Remember I said keep your wits about you
I was trying to give a scenario that if I could use simple passwords in Gmail, my users could do likewise (for
File Sharing services/tools) & recently we have a case that despite regular educational broadcasts & screen savers
(& we have a policy in place) not to send out sensitive info, users still do so.  Sorry did not elaborate my point earlier

>A2 - Don't use encryption as the only fail safe to protect your digital assets. You could instead use zip tools with
> password expiration and access time limits
Thanks, good point;  I was checking WinZip & 7Zip but did not see any option to set expiration or access time limits.
QuickCrypt could do this (but it encrypt 1 file at a time only).  I'm looking for a tool which could self-destruct the file
if there are multiple (say 3) attempts to crack/brute-force the encryption password and will self-destruct (say 5-
pass secure erase) after the encrypted file has been copied.
0
JohnBusiness Consultant (Owner)Commented:
WinZip has good encryption (I use it). Email encryption is a must-have even if not the only thing you depend up.

Common sense remains (by yards) the very best defense.

My Windows 3.1 machine in 1994 came with a simple virus from the vendor which was easily cured. I have not have any virus since in over 20 years.
0
sunhuxAuthor Commented:
Right, WinZip & 7zip both have encryption feature.

I'm looking for a zip tool that "could self-destruct the file if there are multiple (say 3) attempts to crack/brute-force
the encryption password and will self-destruct (say 5- pass secure erase) after the encrypted file has been copied"
0
JohnBusiness Consultant (Owner)Commented:
I have not seen such a Zip tool. So far only Apple will wipe out a phone after 3 (or 5) attempts at logging onto the phone. I have not seen self destruct files. Good encryption will keep most anyone at bay.
0
sunhuxAuthor Commented:
Quick Crypt will sort of self-destruct or expire after a specified amt of time but not upon being copied or
failed attempts to decrypt it
0
JohnBusiness Consultant (Owner)Commented:
I have not seen what you want and truly I have no need . I make sure files and connections are secure
0
JohnBusiness Consultant (Owner)Commented:
In addition, I just got an email from a (likely) legitimate company that I do not do business with and who said I requested an invoice from them. I did not.

Giveaway: The email was addressed to several unrelated people all with the same "invoice".

Delete immediately. Virus document for sure .
0
JohnBusiness Consultant (Owner)Commented:
Thanks, and be sure to keep your wits about you :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
File Sharing Software

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.