Poor file sharing practices by employees put corporate data at risk


Enterprises are at serious risk of data loss and compliance violations because of risky file sharing practices, finds a study by the Ponemon Institute and Intralinks, a cloud-based content management and collaboration solutions provider.

Employees "routinely" violate IT policies about file sharing and place corporate data at risk, finds the survey of more than 1,000 IT security pros in the U.S., U.K. and Germany.

Close to half of respondents believe that their company lacks visibility into employees' use of file sharing/file sync-and-share applications. More than half do not think their firms have the ability to manage and control user access to sensitive documents and how those documents are shared.

While a majority of respondents said that their firms have policies in place governing file sharing, these policies are not being communicated to employees effectively.

In addition, 61 percent of the IT security pros surveyed admit that they have "often or frequently" done the following: accidentally forwarded files or documents to individuals not authorized to see them, used their personal file-sharing/file sync-and-share apps in the workplace, shared files through unencrypted email, or failed to delete confidential documents or files as required by policies.

"While most companies take steps to protect themselves from hacking and other malicious activities, this report shows that these same organizations are entirely unprepared to guard against risky and ungoverned file sharing using consumer-grade applications like Dropbox," says Larry Ponemon, chairman of the Ponemon Institute.

"The findings in this report are shocking, and identify the holes in document and file level security, in large part caused by their expanded use beyond the corporate firewall. The goal of senior leadership should be to provide appropriate, secure solutions and enforce policies to reduce the risk created by employees' behaving badly," Ponemon adds.

For more:
- check out the Intralinks release
- read the full study (reg. req.)

Related Articles:
Once an enterprise pariah, Dropbox now courts business customers
Cloud app security exceptions have become the rule, says report
Spotlight: Dropbox beefs up security of its business file storage product