Just about every organization has someone who indulges in the following illicit behavior. Because the e-mail system is not capable of supporting large file attachments, certain individuals will find a way to get those files where they need to be by any means necessary.
The most common way is to either use a public file-transfer service such as YouSendIt.com, or to take an entire USB drive or some other storage mechanism and drop it into an overnight mail service such as Federal Express.
Obviously, from a security and compliance perspective, neither of these solutions to the problem is all that satisfactory. What makes this situation even more troubling is that if somebody just took the time to set one up, there are plenty of options for setting up an internal FTP capability and, between organizations, access any one of a dozen secure file-transfer services.
One of these secure FTP services, Axway, even went so far as to integrate a data loss prevention (DLP) capability into a service that can handle files as large as 50GB.
Of course, the next generation of your e-mail system can handle much larger files. But nobody really wants to fund an e-mail system upgrade, along with all the new servers and network hardware required, just so they can send larger file attachments.
But that all said and done, it's only a matter of time before something valuable gets lost in transit. So just maybe the time has finally come to look into secure FTP services before some very serious people from the internal security department come around asking some very unpleasant questions.