Companies not doing enough to protect high-value documents

There is a widespread and growing need to improve security practices surrounding confidential documents in most organizations today, according to a new study by the Business Performance Innovation (BPI) Network. In a global survey of managers and information workers, six out of every ten respondents said they or someone they know have accidentally sent out a document they shouldn’t have.

The Getting Control of Document Flow: Exploring Exposure and Risk In Document-Related Data Breaches Report revealed that 89% of respondents believe document security risks are growing in their organization due to increased connectivity and the proliferation of mobile devices. The accidental sharing of confidential documents with a wrong party is by far their biggest concern.

Among key findings:

  • 95% of respondents express concerns about the security of documents in their organization.
  • 75% say their organizations create confidential documents on at least a weekly basis.
  • Less than one-third said their company has security solutions that are being effectively used in protecting document security.
  • Some 43% report that their company does not have widely understood policies for document security of which they are aware.
  • Only 16% say their organization is ‘very effective’ in stopping the loss or accidental distribution of confidential digital documents.

Most companies are clearly not doing enough when it comes to protecting the security of high-value information contained in documents,” said Dave Murray, head of thought leadership for the BPI Network. “Our study indicates that a wide range of information that could compromise businesses is vulnerable to inadvertent leaks, as well as intentional theft. Organizations need to do more to set explicit document security policies and educate employees on available tools and best practices in securing the confidential information they handle.

Accidentally sending a confidential document to the wrong party was by far the biggest area of perceived risk, identified by 61% of respondents. Other top concerns were cyber breaches of critical documents (37%), intentional leaks by employees (33%), and sensitive documents shared without permission by outside partners (31%).

Confidential documents are created in a wide range of departments within an enterprise, resulting in numerous types of high-value, at-risk information, according to the report. Survey participants ranked their concern for a wide variety of confidential, at-risk information. Top concerns in ranked order included:

  • Financial data
  • Employee records
  • Legal documents
  • Business contracts and agreements
  • Trade secrets and intellectual property
  • Business, marketing and sales plans

The survey also asked people to identify the most likely consequences of breaches related to confidential documents. The top five were:

  • Reputational compromises
  • Customer, employee or partner lawsuits
  • Job loss or reprimand
  • Lost time seeking to fix the problem
  • Competitive risks

Leave a Reply