Interviews

Employees and email policies

by Mark Rowe

In the US, writes Olivier Thierry, pictured, of email security product company Zimbra, we are willing to trade our privacy and security in exchange for convenience. Think about the last time you stored your password on a website, kept a credit card on file with a service provider or hosted your email free in the cloud. All of these actions raise security concerns, but many of us accept those risks as the price of convenience. The dramatic increase in applications is only exacerbating the problem of increased avenues for sharing – and potentially exposing – personally identifiable information (PII).

You would think business attitudes toward data privacy and security would be different from our own views as consumers. Unfortunately, according to a recent Ponemon Institute report, that doesn’t appear to be the case. In the U.S., there are as many organizations failing to enforce security and data privacy policies as there are organizations succeeding in doing so.

Does this mean employees aren’t adhering to policies or aren’t being audited? Again, the data paints a grim picture. In the same Ponemon report, researchers found that almost 75 percent of employees frequently or often use unauthorized messaging and collaboration applications. This is compounded by the 80 percent of employees who frequently or often send and receive files not intended for them, or the 89 percent of employees who never or rarely follow confidential document policies.

However, there is good news for teams trying to tackle shadow IT, monitor cloud activity or simply manage corporate email. Luckily, for the three-fourths of US IT professionals wanting flexible deployment options, private clouds, hybrid deployment models and hosted offerings are becoming more prevalent. Looking forward, these solutions will provide the flexible deployment options and granular controls over corporate data that IT needs to regain control and provide the user experience we all have grown accustomed to on mobile device.

As organizations enter refresh cycles, new capabilities such as tightly integrated file sharing — especially fine-grained access control and permissioning of file attachments and sharing, as well as private attachments — will help businesses control where and to whom their data is sent. In the Ponemon Institute report sponsored by Zimbra, 70 percent of US respondents found both of these capabilities important or very important in a messaging and collaboration solution.

For the 50-plus percent of unhappy respondents looking to replace their current messaging and collaboration solution in the next two years, the cloud-based options are growing in maturity. And don’t forget the reason employees are using unauthorized applications is for the user experience; be sure any solution you implement puts the user experience first. However, to ensure your messaging and collaboration solution isn’t increasing your risk profile, you need easy to manage file sharing controls and clear visibility into the location of your data. Look to modern systems designed for the cloud-enabled, mobile age that put your IT team back in control and put your users first. After all, it is your email and your data; it should be under your control.

Source: Ponemon Institute, Zimbra. “The Open Source Collaboration Study: Viewpoints on Security and Privacy in the US and EMEA.” 2014.

Related News

  • Interviews

    Hacking your way to cyber

    by Mark Rowe

    Rapidly-evolving cyber security threats imperil all organisations and demand the full attention of their boards. And it’s no surprise why; the Ponemon…

  • Interviews

    True confessions

    by Mark Rowe

    Might a ‘relationship-based’ style may be effective in eliciting true confessions? Cambridge University research by Taeko Wachi has suggested that an interviewing…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing