Companies put themselves at risk by holding and passing too much sensitive information on their company intranets, a new report suggests.
Four-fifths of respondents to a survey on company intranets said their internal networks contain sensitive personal information. Almost a third said their intranets contain valuable customer records.
"Corporate intranets have grown to be millions of pages distributed globally, often with thousands of employees and contractors accessing the information," said Peter McKay, president and CEO of online risk company Watchfire which conducted the survey. "Due to their size, scope, and the sensitive data they house, intranets often face more quality, risk and compliance challenges than external sites, and organisations are struggling to make them the efficient resource they were originally intended to be."
According to McKay companies are potentially putting themselves at legal risk, thorough the threat of security breaches and current and incoming compliance legislation.
"An internal breach may cause legal liability and can seriously damage a company's brand, in addition to undermining employee productivity, trust and confidence," said McKay.
17 percent of survey respondents indicated their intranet had no password protection.
2005 has been the year of the security breach, particularly within U.S. educational establishments. The most recent event occurred in Sonama University. SC reported the university has notified 61,000 students that their personal information may have been compromised.