More

    Security and Compliance: Violations and Lack of Confidence Are Widespread

    DataMotion, an innovator in cloud-based data delivery services, recently released research showing that despite having corporate security and compliance policies and solutions in place, there is a widespread lack of confidence among respondents in their effectiveness. According to survey findings, 84 percent of respondents believe employees/co-workers violate security and compliance policies for transferring files electronically and only 45.5 percent feel these policies are fully understood. Adding to respondents’ compliance woes, nearly one in three admit their company knowingly takes risks because they don’t have the resources to be totally compliant. Considering these results, it’s no surprise that only 37.5 percent of respondents state they are very confident that their organization would pass a compliance audit if selected.

    Conducted by DataMotion, the survey polled more than 200 IT and business decision-makers across the U.S. and Canada to gain insight into corporate email and file transfer (FTP) habits. The survey particularly focused on those in industries that routinely deal with sensitive data and compliance regulations, such as financial services, healthcare and government.

    Security and Compliance: Violations and Lack of Confidence Are Widespread - slide 1

    Click through for results from a survey on corporate email and FTP security and compliance habits, conducted by DataMotion.

    Security and Compliance: Violations and Lack of Confidence Are Widespread - slide 2

    Though 80 percent said their company has security and compliance policies for transferring files electronically, respondents feel they are not clearly understood or followed.

    • Of this group, only 45.5 percent feel that employees/co-workers fully understand these policies.
    • 84 percent believe employees/co-workers routinely or occasionally violate security and compliance policies.

    Security and Compliance: Violations and Lack of Confidence Are Widespread - slide 3

    Consumer-based applications for sharing files often have weak security and IT administrative controls, leading to potential data leakage and serious risks with sensitive information if used in the workplace. Despite this:

    • 34.2 percent of respondents have used, or recommended that others use, free consumer-type file transfer services such as YouSendIt, Dropbox, iCloud, etc. for work purposes.
    • 43.4 percent stated their company does not forbid the use of free consumer-type file transfer services.
    • 52 percent said their company does not block the URLs to free consumer-type file transfer services.

    Security and Compliance: Violations and Lack of Confidence Are Widespread - slide 4

    The ability to send sensitive information securely and compliantly via email is vital. Yet, despite growth in usage, survey data shows many companies are still lacking basic tools for secure data delivery.

    • 34.5 percent of respondents do not have the ability to encrypt email.
    • 28.9 percent said their company does not monitor the content of outbound email and file attachments for compliance purposes.
    • 42.5 percent are only “somewhat” confident in the technology their company uses for filtering outbound email and file attachments for compliance purposes, and an additional 3.8 percent are not confident at all.
    • 54 percent do not have a single tool for securely encrypting sensitive email and transferring files.

    Security and Compliance: Violations and Lack of Confidence Are Widespread - slide 5

    Failing to pass a compliance audit can result in costly fines and damaged reputations. Even so, the survey shows companies are taking risks, either because they lack the resources to fully comply or don’t feel it’s likely their organization will be audited.

    • When asked to describe their company’s approach to compliance, 31.5 percent said they take risks because they don’t have the resources to be totally compliant.
    • 38.6 percent of respondents feel it is not likely their company will be selected for a compliance audit in the next 12 months, with 37.5 percent saying it is only “somewhat” likely.
    • Only 37.5 percent of respondents are very confident their company would pass a compliance audit.

    Security and Compliance: Violations and Lack of Confidence Are Widespread - slide 6

    “Data breaches are more prevalent than ever and regulatory agencies are handing out millions of dollars in fines for privacy and security violations, yet this survey shows companies are still cutting corners,” said DataMotion’s chief technology officer, Bob Janacek. “Some companies mistakenly believe suffering a data breach would be less expensive than the cost of being compliant. What they fail to consider is the price they’ll pay goes far beyond compliance fines. In addition to investigation, legal fees and costs associated with new prevention efforts, there’s always severe backlash from a tarnished reputation. The fact is, cost-effective, easy-to-deploy, user-friendly secure data delivery solutions are available that can go a long way in eliminating security risks and ensuring compliance.”

    Latest Articles