Employee file sharing practices put corporate data at risk, study finds

Share this article:

Dangerous file sharing practices put sensitive corporate data at risk – that is the focus of the latest report from Globalscape, a software company that surveyed more than 500 corporate employees.

Some of the bigger findings in the study revealed that 63 percent of employees use remote storage devices to transfer confidential work files, 45 percent of employees use consumer sites such as DropBox, and 30 percent of employees use cloud storage services.

“The most interesting finding is the sheer amount of employees that are regularly bypassing their internal solutions for consumer tools,” James Bindseil, CEO with Globalscape, told SCMagazine in an email correspondence. “Most organizations have infrastructure in places that enable employees to securely transfer information.”

Another finding is that more than 60 percent of employees use personal email addresses to transfer work data, a problem that is compounded by the fact that more than 50 percent of staffers admitted to using the same password across multiple accounts.

“When employees are careless with sensitive data, the risk for a security breach increases,” Bindseil said. “It's also a major compliance issue. When employees send sensitive information through personal email, or load data to a personal device, IT loses control and visibility, the audit trail disappears, and it becomes almost impossible for an organization to prove compliance.”

A lack of training, communication and enforcement of IT policies could be leading to risky employee behaviors, according to the study, which revealed that only 47 percent of employees surveyed are aware of a company policy for sending sensitive files. Meanwhile, 30 percent of staffers said their companies do not have policies and 22 percent said they are unsure.

“Employees need to understand that the tools they use to send files and data in their personal lives aren't acceptable in the workplace,” Bindseil said. “If enterprises want to have any hope of managing and securing the sensitive data leaving their organizations, they also need to provide solutions that easily integrate into the daily routines of their employees.”

Bindseil recommended sending and receiving all sensitive files and data through a secure and managed file transfer solution, which will give the IT department visibility into who is accessing the information and how it is being accessed.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ShellShock vulnerability exploited in SMTP servers

Researchers at Trend Micro found that attackers were targeting Simple Mail Transfer Protocol (SMTP) servers to execute malicious code and an IRC bot.

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.