Megaupload and the risks of file sharing sites
Posted on Wed, Feb 01, 2012
If you work in IT or data protection, it's highly likely that you're aware of the Megaupload case. The subject is remarkable for a number of reasons, not least because of the 'enigmatic' Kim Dotcom, the company's founder and figurehead who is awaiting extradition to the USA on charges of racketeering, copyright infringement, and money laundering.
However, it is the issues around data protection and data security that are most intriguing.
File sharing sites - a simple solution to moving large files quickly...?
DepositFiles, ORON, Uploading, WUpload, FileSonic, Uploaded, HotFile, ZShare, FilePost, FileServe...
Megaupload is just one of a number free file sharing sites that provide a simple means to upload and share a large file. It's become commonplace for most internet users and, according to reports, 50m users had an account with Megaupload. The challenge to data and information professionals individuals within their organisation will resort to them as the path of least resistance when they are in a rush.
Whilst these file sharing sites offer zero cost, ease-of-use and open access, they don't provide any protection for sensitive data. They should absolutely never be used for anything relating to work, never mind any kind of sensitive document.
Who's in control of the data?
One of the other issues that the case highlights is how much control you have over data placed into one of these sites by someone in your organisation.
The Register reports that data stored on Megaupload may start being deleted from as early as Thursday this week. Whilst there is likely to be a very high proportion of copyrighted material amongst the data on Megaupload's servers, there are also documents, backups, family photos and videos, all of which cannot currently be accessed as the site has been closed (see image above).
We would urge a campaign to spread the message everyone in the organisation, using the Megaupload case as an example. Make sure that individuals in your organisation do not place data on file sharing sites and provide them with alternative solutions that are both secure and easy to use in both everyday and emergency situations.