Four-fifths of firms ‘have seen accidental data breaches’
More than four out of five companies have admitted to being responsible for accidental data breaches, with mistakes in how employees share documents being the biggest cause.
This is according to a new survey conducted by security firm Egress, which revealed 83 per cent of organisations had experienced issues where personally identifiable information (PII) has been put at risk.
The firm noted this is largely due to the huge increase in the amount of information that employees have to deal with, combined with the growing number of ways employees can communicate both internally and externally.
Chief revenue officer and North America general manager at Egress Mark Bower said: “The explosive growth of unstructured data in email, messaging apps and collaboration platforms has made it easier than ever for employees to share data beyond traditional security protections."
He added that when combined with the growing cultural need to share everything immediately, organisations are facing the "perfect storm" for data breaches.
The use of external email services such as Gmail and Yahoo! was found to be the most common source of accidental data breaches, with more than half of organisations (51 per cent) experiencing such an incident.
This was followed by corporate email tools (46 per cent), file-sharing services such as FTP (40 per cent) and cloud-based collaboration tools like Slack or Dropbox (36 per cent).
Egress found that the most common employee errors that lead to breaches include accidentally sending data to the wrong email address, the sharing of emails that include hidden attachments, and forwarding attachments from the company's system to a personal email address.
Mr Bower also noted that in many circumstances, the impact of these types of mistake could be mitigated if appropriate precautions were taken with the data itself, but all too often, such steps are not being taken.
He said: "What really stands out in the survey though, is that despite onerous regulations being enacted, companies are still failing to encrypt data before enabling employees to share it. Encryption is a well-known best practice that can prevent accidents from leading to a major incident resulting in hefty compliance penalties."
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.