24 November 2014

Organisations are at serious risk of data loss and compliance violations due to risky file sharing practices, according to new research from the Ponemon Institute and SaaS specialist Intralinks.

Ponemon Institute chairman Larry Ponemon says firms are ill-prepared to protect themselves against their staff using consumer-grade file sharing apps.

In a study entitled Breaking Bad: The Risk of Unsecure File Sharing, the researchers found that employees routinely breach IT policies and place corporate data in jeopardy. It said that managers are failing to respond to the escalating risk of ungoverned file sharing practices among their staff.

Among the more than 1,000 IT security professionals in the UK, US and Germany surveyed, 49 per cent said their company lacks clear visibility into employee use of

file sharing/file sync applications. While the majority of organisations have policies governing the use of file sharing, respondents said these policies are not being effectively communicated to employees.

Around 61 per cent of employees confessed to having done one or more of the following: often or frequently accidentally forwarded files to individuals not authorised to see them; used personal file-sharing/file sync-and-share apps in the workplace; shared files through unencrypted email; or failed to delete confidential documents or files as required by policies.

“Data leakage and loss from negligent file sharing is now just as significant a risk as data theft,” says Ponemon Institute chairman Larry Ponemon. “While most companies take steps to protect themselves from hacking and other malicious activities, this report shows that these same organisations are entirely unprepared to guard against risky and ungoverned file sharing using consumer- grade applications like Dropbox.”