Dive Brief:
- An inspector general report released Thursday said the federal digital services team, 18F, linked workplace applications in a way that could have exposed sensitive data and that constitutes a "data breach."
- The 18F team connected workplace messaging application Slack with Google Drive, which allowed users to preview hosted Drive files through chat.
- 18F, however, said that though integrating the apps was a "mistake," the result was neither a data breach nor a hack.
Dive Insight:
18F is a prominent Obama administration tech team, and part of the General Services Administration, tasked with providing high-level tech services to federal agencies.
"Due to authorizations enabled by GSA 18F staff, over 100 GSA Google Drives were reportedly accessible by users both inside and outside of GSA during a five month period, potentially exposing sensitive content such as personally identifiable information and contractor proprietary information," the inspector general’s office said in its alert.
The primary concern was how the two apps connected. 18F said that by allowing Slack to automatically create previews of the files, it was also giving Slack permission to automatically upload them to Slack's servers. 18F admitted connecting the two applications was a mistake, but denied that the issue should be characterized as a data breach.
"Our review indicated no personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property was shared," the 18F team wrote.
Linking the two apps is an example of shadow IT, where the apps were used in a manner unauthorized by the federal tech department. Shadow IT has become a growing problem, and it comes with potential risks to both company and customer data. A report released by Cisco in January found that shadow IT in enterprises was up almost 70% from just six months prior.
While CIOs estimate their organizations use an average of 91 cloud computing services, Cisco said, the true number averages around 1,120. Many analysts agree that shadow IT is an issue for companies, and that few CIOs or corporate technology departments have a good idea of shadow IT's scope.
Often without the knowledge or permission of the IT department, the average employee uses 17 cloud apps at work, according to research by Adallom.