- Security TWENTY
- Women in Security
New research suggests the challenges managers face in attempting to reduce exposure to the risk of serious data privacy breaches. The online survey of UK office workers, conducted independently by YouGov as the EU revealed its new framework for data protection, has highlighted patterns of behaviour that have developed in the workplace and are placing business at high risk of fines and reputational damage.
The online research reveals frequent risk of inadvertent data loss; 46 per cent of respondents have received an email that was not intended for them, 35pc know they have mis-sent work emails. The way in which recipients handle messages they receive in error varies, but with 66pc of office workers who have received a work email that was not intended for them saying they would read the email as part of their response, the risk of further disclosure is high especially as only 55pc would directly notify the sender.
Some 17pc of respondents say that they have sent an email containing sensitive information without additional security measures such as password protection or encryption in place. These people are aware of the sensitive nature of the data but do not use appropriate tools to protect it. This may be less of a surprise considering only 41pc of respondents say they have had training in both data and privacy protection.
Managers working to educate their teams and impose control on sensitive data are fighting against a changing communication landscape; 28pc of workers have sent work data via a personal email account either because of restrictions on sending large files or the unavailability of work email systems. These actions are potentially risky as only the most advanced security and message archiving systems can monitor, control and record these transfers. Coupled with the fact that 11pc share information by file transfer services, 10pc over IM and 7pc on collaboration tools, the challenge for managers of developing comprehensive data privacy policies and deploying the right technology to enforce them becomes clear.
Businesses have a major challenge ahead in both making employees aware of privacy and data protection as the rules are tightened; 76pc of respondents are not aware that privacy and data protection laws are about to change in the UK as a result of EU regulations changing, so the education and policy enforcement responsibilities for businesses are set to rise.
Paul Hennin, Director, EMEA Marketing, says: “Organisations today face a complex and evolving set of data protection and privacy considerations. Managers need to ensure that compliant collaboration is possible. Workers should be enabled to work flexibly, for example by supporting consumer devices like iPads on corporate networks and opening multiple channels of communication including email, collaboration tools and social media. At the same time they need to actively and automatically protect workers from human error, prevent malicious acts and ensure compliance with the evolving regulatory landscape.” More information is available at Proofpoint’s website.
About the survey
All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 2069 adults, of which 858 ever work in an office. Fieldwork was undertaken between January 20 to 23, 2012. The survey was carried out online. The figures have been weighted and are representative of all UK adults (aged 18-plus).