Securing document flow: Exploring exposure and risk
There is a widespread and growing need to improve security practices surrounding confidential documents in most organizations today, according to a new study by the BPI Network. In a global survey of managers and information workers, 6 out of every 10 respondents said they or someone they know have accidently sent out a document they shouldn’t have.
Some 89 percent of survey takers believe document security risks are growing in their organization due to increased connectivity and the proliferation of mobile devices. The accidental sharing of confidential documents with a wrong party is by far their biggest concern.
- 95 percent of respondents express concerns about the security of documents in their organization
- 75 percent say their organizations create confidential documents on at least a weekly basis
- Less than one-third said their company has security solutions that are being effectively used in protecting document security
- Some 43 percent report that their company does not have widely understood policies for document security of which they are aware.
- Only 16 percent say their organization is “very effective” in stopping the loss or accidental distribution of confidential digital documents.
“Most companies are clearly not doing enough when it comes to protecting the security of high-value information contained in documents,” said Dave Murray, head of thought leadership for the BPI Network. “Our study indicates that a wide range of information that could compromise businesses is vulnerable to inadvertent leaks, as well as intentional theft. Organizations need to do more to set explicit document security policies and educate employees on available tools and best practices in securing the confidential information they handle.”
Accidently sending a confidential document to the wrong party was by far the biggest area of perceived risk, identified by 61 percent of respondents. Other top concerns were cyber breaches of critical documents (37 percent), intentional leaks by employees (33 percent), and sensitive documents shared without permission by outside partners (31 percent).
Information at risk
Confidential documents are created in a wide range of departments within an enterprise, resulting in numerous types of high-value, at-risk information, according to the report. Survey participants ranked their concern for a wide variety of confidential, at-risk information.
Top concerns in ranked order included:
- Financial data
- Employee records
- Legal documents
- Business contracts and agreements
- Trade secrets and intellectual property
- Business, marketing and sales plans.
The survey also asked people to identify the most likely consequences of breaches related to confidential documents. The top five were:
- Reputational compromises
- Customer, employee or partner lawsuits
- Job loss or reprimand
- Lost time seeking to fix the problem
- Competitive risks.