Guess what Mr. CIO? One in five of your employees uses Dropbox at work

Note to CIOs: If you don’t think your workers are using Dropbox to store and share business documents, you’ve got another think coming.

dropboxusagedeptOne out of five of 1,300 business users surveyed said they use the consumer file-sync-and-share system with work documents, according to new research by Nasuni, an enterprise storage management company. And, half of those Dropbox users do this even though they know it’s against the rules.

The most blatant offenders are near the top of the corporate heap — VPs and directors are most likely to use Dropbox despite the documented risks and despite corporate edicts. C-level and other execs are the people who brought their personal iPads and iPhones into the office in the first place and demanded they be supported.

These findings should not be news to anyone who’s been paying attention. Dropbox, the popular service that consumers use to store and share photos, files and other documents, has become the proxy for “shadow IT” — technology that comes inside a corporation but is beyond the control and tracking of corporate IT departments.

dropboxtitleDropbox claims a whopping 100 million users — and its popularity is driven by the exploding use of smart phones and tablets to send, sync and share documents. This whole bring your own device (BYOD) movement causes huge headaches for corporate IT departments which are supposed to keep company data secure. The problem with many corporate file-share-and-sync solutions, is they aren’t as easy to use as Dropbox and don’t necessarily support personal smartphones or tablets. So if you’re trying to work and need your document, you take the path of least resistance: Dropbox.

Here’s the problem: if corporate workers put sensitive internal files up there, the door is open to abuse. According to the survey:

“The sensitive data stored in Dropbox is not secure and just as importantly, not controlled by IT. This means that if an employee leaves the company, the information that [a] user has stored goes with them, creating a significant risk of data loss or exposure. Furthermore, as the amount of sensitive corporate data stored in Dropbox increases, the online file-sharing service will become a
more attractive target for hackers and other malicious groups.”

Companies like Nasuni — or rivals like TwinStrata and StorSimple(s msft) as well as companies like BoxOwnCloud and LogMeIn(s LOGM) — pitch their services as enterprise-class secure cloud storage. So, the survey is self-serving for Nasuni, but that doesn’t mean the results aren’t worth noting.