Employees will often do take the easiest route to sharing information, even if IT says no
CIOs are facing an uphill battle to keep their corporate data secure because workers will often ignore IT policy in an attempt to be more productive, according to new research.
The survey, carried out by IT management firm Quest Software, found that 65% of European CIOs believe workers share data using the fastest and easiest method. These days that means services like Dropbox and workers are regularly bypassing IT policies to use services like this to share information.
While that may be quick and easy for workers it is a security nightmare for IT and the business as a whole. Serives like Dropbox, while convenient, offer IT no control over what information leaves the organisation.
CIOs said that data from HR, customers and financial information was exposed the most due to ineffective identity and access management. One-third of responses from organisations that have experienced a data breach said they lost customer trust while a similar amount said their reputation had been damaged by the incident.
This is where employees can help by taking more of an active role in protecting sensitive corporate data. But according to Quest's research, many CIOs feel employees fail that task and feel little or no accountability for protecting critical company information.
The majority (69%) said organisations and employees should take greater responsibility for how corporate data is shared, stored and managed.
"We are seeing many organisations grapple with the consequences of ineffective information and access governance policies, including increased security breaches, decreased productivity and rising costs," said Phil Allen, information security expert (EMEA), Quest Software.
"European CIOs estimate that failure to protect customer data can cost £2.2 million in revenue loss and fines; however, the impact on corporate reputation is more damaging. Security systems have not been implemented with tech-savvy employees in mind. People therefore resort to the easiest way of sharing corporate data, and many do so without thinking about the consequences," he added.
The research also revealed that the increasing numbers of high-profile data breaches are having a positive effect. 62% of CIOs said they felt increasing pressure over the last year to protect corporate data because of breaches that have hit the headlines. However this pressure is coming from legal teams (41%) and CEOs (40%) ahead of the regulators themselves (33%).