Is that a safe way to transfer a file?

Software business DVS Soft said that while recent high-profile incidents had highlighted the dangers of posting data on discs, other methods frequently used by staff - such as third party web transfer services, instant messaging and even social networking sites - were "equally insecure".

It claimed that sending information in this way was not only putting organisations at serious risk of "data leakage", but also of possible "malware contamination".

The company said that restrictions in data transfer methods imposed by employers were sometimes behind the problem.

DVS Soft's Andy Hansen said: "Restricted by email attachment size and even file formats, ever resourceful employees are finding other ways to transfer large files and most of them are even more insecure than email.

"Granted, the average business may not be transferring vast quantities of customer information, but it's still likely that typical files will include sales information, market projections, confidential pitches and competitive analysis. Not the sort of information most businesses want in the open."

'More professional'

DVS Soft claimed that most employees used such "external services" in the genuine belief that it was helping them be more efficient, and that they were not intentionally putting their organisation at risk.

However, besides the increased risk of information theft or a delivery mistake, there was also the possibility that the file, or the site it was being hosted on, could be compromised by malware - malicious software designed to infiltrate or damage a computer system.

"One of the problems is that businesses have restricted the employee's ability to send large files over email, without recognising that they still need to be able to get that information to partners and customers," said Andy Hansen.

"Consequently employees just look for the easiest and most familiar method out there, and that's often social networking sites and web 2.0 tools such as IM (instant messaging)."

He added: "Reputation is often underestimated in business, until you’ve lost it of course. Companies need to ask themselves – which looks more professional a dedicated, fully encrypted, password protected file system that can be accessed via the web, or sending your best customer to www.acme-toobigtosend.com to download a file?"