News Feed Item

New Study Reveals Employer Efforts to Secure Data Thwarted by Email

Despite investments in secure tools, employees confess they still don't always handle sensitive data properly

SAN FRANCISCO, Calif. RSA Conference; Biscom Booth #4334, April 17, 2018 /PRNewswire-PRWeb/ -- A new survey commissioned by Biscom, a leading provider of enterprise secure document delivery and fax solutions, reveals that despite companies' investments in data security tools, employees' continued use of email to send information continues to be a major source of data loss.

The survey polled more than 600 U.S. employees whose companies have data security policies and tools in place, and need to share sensitive data. Participants included associate level to C-Suite executives in 20 industries, including healthcare, financial services, and information technology. The survey measured the behaviors and motivations of complying with company data security policies and the use of secure tools to share sensitive data, information, and documents.

Companies are trying
Today, companies are continually battling against gaps in cybersecurity, and implementing tools and processes to build more secure environments. With 98% of respondents stating that their company cares about data security, and 93% reporting that their company proactively invests in keeping data safe, a majority of employees understand that their companies are heavily invested in securing company data.

Specifically, 95% report that their company provides secure information tools, and 85% say their company has policies about sharing, delivering, and stealing data, documents, and information. Additionally, 88% of respondents reported their company trains employees on properly using secure methods of information sharing and delivery.

Employees aren't complying
Respondents consistently reported using insecure methods to transfer data in and out of their companies. Specifically, while 78% of respondents say they understand and agree with their company's security policies, an overwhelming number of respondents reported insecurely sharing information both internally with their colleagues (74%) and with people outside of their organization (60%).

When asked why they didn't use company tools or comply with company policies, respondents agreed complexity was the biggest challenge. In fact, when deciding how to send sensitive documents, 60% said they simply do what's easiest, and 70% admitted to using email.

The study also uncovered interesting generational gaps. While millennials admitted to simply being too lazy to follow company policies (17%) and were three times more likely to default to email, older generations expressed simply not caring. Those over 35 are 26% more likely to use insecure methods when transferring information. They are also 20% more likely than millennials to know they're sending sensitive information insecurely, but choose to do it anyway. And although more than 90% of those over 35 say they understand their company's security rules and think the rules are valid, they are 10% more likely than millennials to ignore them.

The data loss is significant
Alarmingly, the survey found that nearly any and all types of data are at risk of being breached. Of those who reported insecurely sharing data, confidential information and data that is protected by regulations were some of the most widely shared.

Among those who share data via insecure email internally, information includes customer data (62%), strategy documents or presentations (46%), company business or financial data (45%), and regulated data such as medical or financial information (43%).
Among those who share data via insecure email outside of their company, half reported sharing customer data, 49% insecurely share highly regulated data like medical or financial information, with other information including strategy documents or presentations (35%), and intellectual property like source code or patent filings (29%).

"The survey's results uncover some interesting factors that contribute to non-compliance," said Bill Ho, CEO of Biscom. "It would surprise most companies who have made major investments in security that so many people just fall back to the easiest method, namely sending confidential messages and files through email."

The trouble lies in the inbox
Additionally, the data uncovered 35% of employees find using tools that do not integrate well into their existing systems as a challenge. Moreover, email reigned supreme, with nearly 3 in 4 employees reporting insecure email as their method of choice to send sensitive data, information, and documents -- more than twice as likely than any other method, including company secured secure file transfer solutions, and cloud-based sync and share tools. In fact, the preference to use email is so strong, 40% of employees reported knowing email is not secure, but among that group, 50% choose to send sensitive data and information via email anyway.

How companies can improve
The good news is employees are willing to adapt if companies make a few adjustments. The survey revealed that employees would change their behavior if they were being more closely monitored by IT. Reasons included if IT monitored employees' real-time activities (80%), if IT received notifications of suspicious activity (78%), and if IT monitored with whom they shared data.

Understanding employees' behavior and their pain points help curb the chances of data leaks right from the start. While investments in security measures will always be necessary, companies can meet their employees in the middle by implementing tools that are simple to use, easily integrate with existing systems like email, and are capable of tracking for data gathering, and data loss prevention.

Biscom offers secure document delivery solutions through its secure file transfer (SFT), enterprise file synchronization and sharing (EFSS), and secure enterprise fax solutions for highly regulated industries. As the leading provider of secure communications and document delivery solutions, Biscom is proud to work with some of the world's largest organizations. A testament to its dedication to customers, Biscom was recognized as a finalist by SC Magazine for Best Customer Service in 2016, and as a winner for outstanding customer service by the 2018 Stevie Awards.

About Biscom
As the leading provider of secure document transfer solutions for highly regulated industries such as healthcare, government, legal, and financial services, Biscom continues to spearhead data security with its enterprise fax products, secure file transfer solutions, and collaboration tools. Biscom uses its thirty years of experience to help some of the world's largest organizations securely transmit and share information, keeping confidential data protected. Biscom leads the industry in innovation and outstanding customer support. Learn more at https://www.biscom.com.


SOURCE Kickstand Communications, LLC

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
DXWorldEXPO LLC announced today that Dez Blanchfield joined the faculty of CloudEXPO's "10-Year Anniversary Event" which will take place on November 11-13, 2018 in New York City. Dez is a strategic leader in business and digital transformation with 25 years of experience in the IT and telecommunications industries developing strategies and implementing business initiatives. He has a breadth of expertise spanning technologies such as cloud computing, big data and analytics, cognitive computing, m...
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud ...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
In past @ThingsExpo presentations, Joseph di Paolantonio has explored how various Internet of Things (IoT) and data management and analytics (DMA) solution spaces will come together as sensor analytics ecosystems. This year, in his session at @ThingsExpo, Joseph di Paolantonio from DataArchon, added the numerous Transportation areas, from autonomous vehicles to “Uber for containers.” While IoT data in any one area of Transportation will have a huge impact in that area, combining sensor analytic...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Michael Maximilien, better known as max or Dr. Max, is a computer scientist with IBM. At IBM Research Triangle Park, he was a principal engineer for the worldwide industry point-of-sale standard: JavaPOS. At IBM Research, some highlights include pioneering research on semantic Web services, mashups, and cloud computing, and platform-as-a-service. He joined the IBM Cloud Labs in 2014 and works closely with Pivotal Inc., to help make the Cloud Found the best PaaS.
It is of utmost importance for the future success of WebRTC to ensure that interoperability is operational between web browsers and any WebRTC-compliant client. To be guaranteed as operational and effective, interoperability must be tested extensively by establishing WebRTC data and media connections between different web browsers running on different devices and operating systems. In his session at WebRTC Summit at @ThingsExpo, Dr. Alex Gouaillard, CEO and Founder of CoSMo Software, presented ...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
In a world where the internet rules all, where 94% of business buyers conduct online research, and where e-commerce sales are poised to fall between $427 billion and $443 billion by the end of this year, we think it's safe to say that your website is a vital part of your business strategy. Whether you're a B2B company, a local business, or an e-commerce site, digital presence is key to maintain in your drive towards success. Digital Performance will take priority in 2018 for the following reason...
One of the biggest challenges with adopting a DevOps mentality is: new applications are easily adapted to cloud-native, microservice-based, or containerized architectures - they can be built for them - but old applications need complex refactoring. On the other hand, these new technologies can require relearning or adapting new, oftentimes more complex, methodologies and tools to be ready for production. In his general session at @DevOpsSummit at 20th Cloud Expo, Chris Brown, Solutions Marketi...
At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
I think DevOps is now a rambunctious teenager - it's starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
In this presentation, you will learn first hand what works and what doesn't while architecting and deploying OpenStack. Some of the topics will include:- best practices for creating repeatable deployments of OpenStack- multi-site considerations- how to customize OpenStack to integrate with your existing systems and security best practices.