As an architect, whether you’re storing large design files, sharing them with colleagues, syncing files to your tablet to show clients in meetings, or filing away confidential patent documentation, the benefits of the cloud are increasingly on your side. Because the architecture industry relies so heavily on collaboration throughout the course of a project, it seems like a natural fit for using the cloud but nonetheless, many architecture firms generally dissuade cloud adoption, largely due to concerns about security and the necessity of protecting intellectual property.
To be fair, these concerns are not entirely unfounded: After all, nearly a quarter of cybercriminals are intellectual property spies, hoping to sell your designs to a competitor or release confidential plans to the public. So when you work in an industry where intellectual property is your bread and butter, it’s essential to regularly address security concerns and maintain strong contingency plans.
Consider an all-too-common scenario. Say you’re working on a building project with a high-profile client, who flies your colleague out for a meeting to discuss the project. Your colleague puts the specs, designs, and some sensitive budgetary information into Dropbox on his work computer and syncs them to his phone and tablet to review the presentation on the plane. It’s a fantastic way to get work done, but as mobile devices increasingly become central to business, it’s all too easy to misplace your most important data. And sure enough, your colleague leaves his phone in the cab on the way to the meeting.
On one hand, the cloud proves to be a boon: You still have your files on your tablet and can still make the presentation, possibly clinching a killer project for your firm. On the other hand, if someone finds your colleague's phone in the cab, they could seize an opportunity to get your designs, detailed budgeting, building inspection reports, or environmental assessments into the wrong hands, which could cause you, your firm, and your client untold financial, legal, and reputational headaches.
For some people, the danger of precisely this kind of hypothetical possibility is enough to cut the cloud out completely, especially for work. But widespread adoption of the cloud is inevitable.
Fortunately, there are ways to ensure security and protect your sensitive files, without sacrificing the ease and convenience of using the cloud. Taking a few extra precautions can make a world of difference—and doing so will let you focus on what’s really important at work, rather than on worrying about whether your information is safe. Here are a few things to keep in mind when using the cloud to store, share, and sync your files.
Trust your colleagues—but not blindly
Keeping all files accessible to everyone you work with can be useful, but it can also be risky. It’s also largely unnecessary. It’s no secret that people make mistakes, and employee negligence is often cited as the primary culprit when it comes to data breaches. Limiting access on a need-to-know basis is a good practice, because it decreases the risk that, say, someone will stumble upon a file that they shouldn’t see and accidentally email it to someone who shouldn’t have it. If you’re storing your files in the cloud, this is just one place where encryption can come into play. By granting access only to authorized users, you are always in control of your files, and only the people you actually intend to share information with are seeing it. Maintaining an audit trail is also important: It lets you monitor which users are accessing your files when, so if something suspicious starts to happen, you’ll be able to curb the problem before it’s gone too far.
Revoke access when it’s necessary
The flip side of sharing files with authorized colleagues is recognizing when it’s time for them to stop having access. This comes into play when an employee leaves the company, for instance, or if a team member switches to another project. If you’re running your own firm or your own team, being able to revoke access swiftly is crucial, especially when sensitive designs are at stake. When you use the cloud to house your files, you can stop individual users from having any access, anywhere. It’s also possible to revoke access remotely to specific devices, and with more than 800,000 laptops, tablets, smartphones, and USB drives lost or stolen annually in airports alone, it’s easy to see how that simple ability may be able to have a huge impact.
Encryption is essential
Encrypting your files before they reach the cloud is the single most important precaution to take. File-level encryption in the cloud consistently protects your files, regardless of where they reside. In other words, encrypting at the file level within your Dropbox folder, for instance, means that your files will stay encrypted if they are synced to another device or even if they’re shared. And if you make sure you’re using an encryption service that separates the encryption keys from your content, you’ll guarantee good security hygiene; neither the cloud provider nor the encryption service will be able to read your files, and only you and the people you authorize will be able to decrypt them. So if hackers infiltrate your cloud storage provider or if you lose that phone, no one will be able to access your files because the encryption will remain in place. Your high-profile design details will appear as an incomprehensible jumble, and you—and your clients—will breathe easy.
Share files securely
In an industry that relies so heavily on communication and collaboration, architects need to be able to share files without hesitation. Email was never designed to be a particularly secure method of information transfer (nevermind the file size limitations!), and hackers have an easy enough time getting around email security with malware and other methods. So if you’re working on a sensitive project or sharing IP, you’ll want to rely on a safer approach. File-level encryption allows you to share files among authorized users without fear of decryption or interception along the way. But even if you’re working with someone who doesn’t use your same cloud service, some encryption providers will allow you to send secure links to encrypted files through email. Alternatively, you can even have an outside user deliver a secure file directly into your encrypted folder in the cloud. However, not all programs enable this kind of seamless, encrypted sharing, so read the fine print and make sure your encryption provider and your cloud service work in tandem to keep your files secure even when they’re being transmitted from one user to another.
With the inevitability of the cloud looming, it’s not a bad idea to start thinking about making the switch to an easier and more seamless way of working. If you’ve already got your head in the cloud, then establishing a smart security system should be your top priority. Data breaches happen, and it’s best to be prepared.
Asaf Cidon is the co-founder and CEO of Sookasa, a cloud security and encryption company that enables safe adoption of popular cloud services such as Dropbox to store sensitive information.