Unsecure network file folders are 'biggest vulnerability'
In the past year, 38 percent of organisations have experienced one or more information security breaches.
That's according to joint research by M-Files Corporation and The Association for Information and Image Management (AIIM) which teamed up to conduct research that reveals the frequency of information security breaches.
The survey gathered responses from AIIM members in the US, Canada, EMEA and other parts of the world.
Nearly one-third (31 percent) of respondents felt their organisation does not do a good job of protecting confidential and sensitive information. Coincidentally, 36 percent stated that either their organisation doesn't have a formally documented policy about how company information is stored, managed and shared or they didn't know if a policy such as this existed.
Nearly six out of 10 (59 percent) respondents said that their organisation has implemented new information security solutions, systems and/or protocols within the past year.
While unsecured network file folders are where most respondents felt their organisation is most vulnerable to internal information security breaches, paper files (46 percent) and data exposed by personal file sharing apps (44 percent) were also stated to be weak points.
Nearly two-thirds (62 percent) said their company has created and communicated formal information governance policies to their employees in efforts to mitigate potential information security breaches. Meanwhile, 59 percent have changed security and access rights to sensitive information and 47 percent have acquired technology such as an EIM, ECM or document management system.
Over three-quarters (76 percent) of organisations that have a formally documented policy in place for how company information is stored, managed and shared said their company requires employees to read information management standard operating procedures (SOPs) to ensure they're aware of the policy. Furthermore, 71 percent said that their company uses an ECM, EIM or document management system and 65 percent conduct formal training on management policies and procedures.
AIIM and M-Files are publishing the survey results in a series of articles, starting with Information Security: Checking the Locks.
“Businesses of all sizes must take information security seriously, looking at the whole organisation – people, process, governance, and technology – in order to better address their security and access control requirements,” said Bob Larrivee, VP and chief analyst at AIIM Market Research.
“It is also important that the user community know and understand the importance of security, governance policies, and the role technology plays. Additionally, the technology must align with the security requirements of the organisation, while at the same time providing an effective and intuitive way for users to access their information quickly and efficiently,” he said.