BetterCloud research insights: Improving SaaS file sharing security

Most end-users don’t give file sharing permissions a second thought. During another busy day, hitting that button on one file is a small, forgettable task – which is precisely the problem. In this BetterCloud research alert, we’re tackling file sharing security. Stay with us as we unpack how top security-first IT teams are strengthening their SaaS security posture through key insights on SaaS file sharing protection.

In this blog, we’ll specifically: 

• Define inappropriate file sharing
• Give some background on BetterCloud’s research
• Review SaaS file sharing security takeaways from those firms who lead the way
• Describe how BetterCloud File Governance can help you reach your file sharing security goals

The costly dangers of improper file sharing 

As everyone knows, an open link for file sharing is a URL that allows access to a specific file or folder stored in cloud storage services like Dropbox, OneDrive, or Google Drive. Links get shared in any number of ways including email, Slack, text, or even social media, so they can go far and wide. Depending on the link’s configuration, a recipient of that link can fire up a browser and view or download the content without a specific account or even the file owner’s prior authorization.

File owners or senders can set permissions to be view-only, editing mode, password protected, or sometimes as expiring access links. All too often, settings are afterthoughts, leaving inactive, yet open links everywhere – potentially giving entry long after a file was first created.

Which, of course, brings to mind a recent high-profile breach at game developer Ateam.

About a year or so ago, the company discovered major data exposure from a single, simple Google Drive misconfiguration. The issue stemmed from setting file permissions to “anyone with the link,” which removed essential access controls. As a result, sensitive personal data— including names, emails, phone numbers, and customer numbers—for one million people, was publicly accessible for more than 6 years. 

This obviously displays the risks of improper file sharing, neglected storage settings,  and the importance of solid SaaS file-sharing security within SaaS security posture management.

53% of Security-first IT teams worry most about publicly shared sensitive SaaS data files

With SaaS management and file security automation becoming more mature, we’re closer than ever to solving some of the most stubborn file security pain points. For instance, a significant share of SaaS security issues come from misconfiguration, something widespread file sharing security automation is close to eliminating. This shift will lead to smarter SaaS file governance, stronger security, and more efficient workplaces and teams.

Within SaaS operations, we’ve been talking about data loss prevention without inhibiting employee collaboration for almost a decade now. While there’s been incremental progress, and automated content scanning has helped, automated policy-based file governance and security is making that vision a reality.

Imagine complete IT control over all SaaS files

Suppose IT has complete control over files and sharing permissions, where employees are free to set their own expiring permissions, and there’s never a concern about long-forgotten, dangerously lingering open links. No worries about tracking who has access or controls files.

That’s not just better security. It is transformation, allowing higher levels of productivity and collaboration without the downsides.

The benefits are clear and compelling, but are organizations already adopting better file governance? Who is leading the way? What technologies are they adopting? These are the kinds of questions we wanted to answer in the most recent BetterCloud security research report, Unlocking a safer SaaS stack: 10 research-backed practices of security-focused IT teams, surveying nearly 600 IT individual contributors and decision-makers.

BetterCloud research confirmed some, but not all assumptions

Like any good research, at BetterCloud, we validated some assumptions while completely challenging others. For example, we expected to learn that the leading organizations, those we’ll refer to as security-first, are a smaller subset of all organizations surveyed, At 30% of IT teams, they come mostly from technology, SaaS, and financial services and banking. We also weren’t surprised that security-first teams tend to be from larger organizations.

On the other hand, while we know that the risks in file storage environments is just one of the prevalent ones associated with SaaS, we were shocked that security-first IT teams work at companies that add headcount at a faster rate than the general market.

We were also surprised to learn that it’s their top concern. Of the 8 security concerns we asked about, security-first IT teams told us that their biggest concern, at 53%, was sensitive files shared publicly.

SaaS file sharing security insights you need to know

In this section, we’ll review the top takeaways from analyzing the storage footprint, and file sharing security practices of security-first IT. 

The file storage footprint is large, stored on hard-to-control shared drives, with unwieldy number of sharing permissions

According to file sharing security insights from BetterCloud internal data, on average, 39% of employees have fewer than 2000 files. Another 21% have between 2000 to 4000 files, and the remaining 40% have more than 4000 files. In fact, 2% of users have more than 100,000 files!

The big conclusion is that even small companies can store many, many thousands of files.

For customers using Google Workspace, they have 70% more files on Shared Drives than on individual Google MyDrives. Overall, half the files have only 1 or 2 sharing permissions. However, another 25% of files have around 3 permissions. The biggest file governance challenges come from the top 25% of files. They have the highest range of sharing permission numbers, from a minimum of 4.3 permissions to more than 35 per file.

As a reminder: out of the multiple thousands of files stored in your SaaS environment, the vast majority are inactive, sitting unmonitored with unknown open links until someone exploits them.

Robust visibility is non-negotiable

Security-first IT teams understand, perhaps better than most, that SaaS file security is the first foundational step in SaaS operations.

Without it, organizations cannot accurately assess risks and implement controls, essentially living with an unknown and creeping risk. That’s why at 21% visibility, file sharing governance, and consistent app configurations is the top security priority.

Visibility provides file sharing security insights like: 

• Excessive external sharing: A complete view helps identify files that have been shared too widely with external collaborators or, in some cases, kept public via an open link.
• Overly permissive access: Granular visibility into file permissions ensures files are only accessed by those who need them. This prevents accidental data leaks by negligent, but well-meaning employees.
• Inactive data shares: Visibility is the first step in revoking access for former employees or contractors who shouldn’t have access to shared files, closing a common security gap.

Once you know where all your data files and folders are located and who owns them, the next important steps to securing your SaaS stack are improving file sharing settings, file sharing governance, and app configuration consistency.

Security-first IT invests in security technologies and processes

According to our file sharing security insights, Security-first IT teams grow their IT budgets and invest in more technology in the IT stack. In fact, 47% say their budgets are growing, which compares to around 30% of the remaining IT teams.

Security-first teams use more tools to secure the SaaS environment

Consider the following insights about the tools to secure files and sharing:

• 85% use Single Sign-On software to protect identities
• 82% use an endpoint protection tool to secure computers, tablets, and phones
• 53% use a SaaS management platform to secure SaaS files, folders, and data

This powerful combination of software tools is now the standard for providing security in depth for the perimeterless SaaS-powered workplace.

Security-first IT also allows external file sharing, but they use software to monitor it

Contrary to what you might expect from our file sharing security insights, Security-first IT teams allow external file sharing more than other organizations. 

In fact, 89% of security-forward IT teams give the green light to sharing with external collaborators, like consultants, partners, and customers. However, the majority of them at 70%, automate file sharing monitoring with software, which is about twice as many as the rest of the companies surveyed.

However, not just any SaaS management platform can provide a high-level of data loss protection to maintain a high SaaS security posture. Organizations need to use a SMP with functionality like BetterCloud File Governance to help IT to:

• Add security policies
• Run content scans to find files with sensitive data
• Get automated alerts for improper sharing
• Run compliance checks
• Enforce policies with automated file permission cleanup cycles
• Get alerts when excessive admin permission thresholds are exceeded
• Continuous visibility and SaaS environment monitoring for maximum security

Secure your file sharing with BetterCloud File Governance

File sharing security posture is now a recognized and critical aspect of organizational cybersecurity. Achieving that strong file security posture requires holistic management with:

• Clear security policies
• SaaS management platforms with data loss prevention capabilities
• Audit trails
• Advanced automated monitoring
• End-user training  

As a 2025 Gartner® Magic Quadrant™ Leader and consistent G2 Grid® Leader, BetterCloud is dedicated to discovering, managing, securing, and automating the SaaS user lifecycle – of all apps, vendors, users, files, contracts, spend, and budgets. Our deep industry knowledge, and the trust of our customers helps us to continually innovate to meet the changing demands of organizations like yours.

Overall, these file sharing security insights validate our vision that unified SaaS lifecycle management must include strong file governance and security capabilities. However, until every IT team is security-first with BetterCloud File Governance, there’s much more to be done.

Ready to learn more about file sharing security insights from Security-first IT teams? Download the report here, join our next live demo or schedule a demo now.