6 Ways Employees Are Putting Your Company's Data at Risk
With the growth of mobile devices, the ways we connect to the Internet at work has grown significantly. With that flexibility come security risks associated with intellectual property and company data.
Wed, August 07, 2013
CIO — IT walks a fine line between balancing security issues and giving people the tools they need to get the job done. Every day companies move sensitive data around and IT is in charge of securing that data, but what about the little things that tend to fall through the cracks?
According to data from several recent surveys there are a number of things your employees could be inadvertently doing that puts your company's sensitive data and information at risk.
A survey done recently by IPSwitch, an FTP software organization, includes some of the reasons employees are putting sensitive data into places where IT has no control over what happens to it:
- To circumvent file-size limits prescribed for work email
- Third-party mail is faster and has fewer restrictions than corporate email tools
- For use in their next place of employment
- They find it difficult to connect to work email when outside of the office
- IT doesn't monitor what they're sending via personal email
Sanjib Sahoo, CTO at tradeMONSTER says he thinks about security and customer privacy a lot. Working in the online brokerage portion of the financial industry, data is his company's life's-blood and as CTO he puts extra emphasis on the security of his data.
"We have to put measures in place to protect against the loss, misuse and alteration of the information of customer data and any other data which we control. At the same time, we put a lot of importance on our intellectual property, considering that we have numerous patents , granted and pending, for our technology and platform," says Sahoo.
This means new employees who might not be fully aware of risks and data policies need training in regards to the balanced culture of concern, awareness and trust. "We implement a strict security policy and access control policy when employees join [the company]," says Sahoo.
A recent survey done by Harris Interactive on behalf of Fiberlink highlights many of the challenges that today's IT departments are facing. In the survey, 2,064 U.S. adults were asked about their mobile behavior. Many of the behaviors below are done in a benign way in an effort to get the job done but they still could potentially expose sensitive corporate data.
Using Cloud Storage Services: More than 50 percent of people who responded to the Fiberlink survey reported uploading sensitive data to cloud services like Dropbox and iCloud. "Consumer file-sharing and synchronization services such as Dropbox are appealing to business users because they are accessible and convenient. However, it's those same attributes that make them a security concern for CIOs and IT professionals," says David Lingenfelter, the information security officer at Fiberlink.
Opening documents in third-party apps: Millennials are twice as likely to use their own phones and tablets for work and while working on the go is great, opening sensitive data in mobile apps such as QuickOffice, Dropbox or Evernote isn't great for your corporate data security.