Employee file sharing practices put corporate data at risk, study finds

Share this article:

Dangerous file sharing practices put sensitive corporate data at risk – that is the focus of the latest report from Globalscape, a software company that surveyed more than 500 corporate employees.

Some of the bigger findings in the study revealed that 63 percent of employees use remote storage devices to transfer confidential work files, 45 percent of employees use consumer sites such as DropBox, and 30 percent of employees use cloud storage services.

“The most interesting finding is the sheer amount of employees that are regularly bypassing their internal solutions for consumer tools,” James Bindseil, CEO with Globalscape, told SCMagazine in an email correspondence. “Most organizations have infrastructure in places that enable employees to securely transfer information.”

Another finding is that more than 60 percent of employees use personal email addresses to transfer work data, a problem that is compounded by the fact that more than 50 percent of staffers admitted to using the same password across multiple accounts.

“When employees are careless with sensitive data, the risk for a security breach increases,” Bindseil said. “It's also a major compliance issue. When employees send sensitive information through personal email, or load data to a personal device, IT loses control and visibility, the audit trail disappears, and it becomes almost impossible for an organization to prove compliance.”

A lack of training, communication and enforcement of IT policies could be leading to risky employee behaviors, according to the study, which revealed that only 47 percent of employees surveyed are aware of a company policy for sending sensitive files. Meanwhile, 30 percent of staffers said their companies do not have policies and 22 percent said they are unsure.

“Employees need to understand that the tools they use to send files and data in their personal lives aren't acceptable in the workplace,” Bindseil said. “If enterprises want to have any hope of managing and securing the sensitive data leaving their organizations, they also need to provide solutions that easily integrate into the daily routines of their employees.”

Bindseil recommended sending and receiving all sensitive files and data through a secure and managed file transfer solution, which will give the IT department visibility into who is accessing the information and how it is being accessed.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

WikiLeaks makes FinFisher surveillance software available to public

Copies of controversial surveillance software, called "FinFisher," were made available for public scrutiny by WikiLeaks.

Researcher challenges reports that BlackPOS variant struck Home Depot

Nuix believes the malware found on Home Depot's systems belongs to a different threat family.

Documents reveal NSA plans to map every internet connected device in the ...

Documents provided by Edward Snowden reveal that the NSA is looking to build a near real-time map of every single internet-connected device in the world.