Data risk management practices failing to keep up with the evolution of information sharing
- Published: Tuesday, 16 March 2021 10:18
Veritas Technologies has published the results from new research, The Veritas Hidden Threat of Business Collaboration Report. This polled 12,500 office workers across ten countries and shows that employees are exposing companies to risk by taking data out of the control of businesses that employ them.
The report highlights the dangers of mis-using instant messaging (IM) and business collaboration tools. 71 percent of office workers globally – including 68 percent in the US – admitted to sharing sensitive and business-critical company data using these tools.
In the US, 58 percent of employees admitted saving their own copies of business information shared over IM, while 51 percent delete that information entirely. Either approach could leave companies open to significant fines if regulators ask to see a paper trail.
Sensitive data being shared by employees on IM channels in the US includes client information (13 percent), details on HR issues (10 percent), contracts (10 percent), business plans (10 percent), and even COVID-19 test results (12 percent). Less than one-third of employees suggested they hadn’t shared anything that could be compromising. The research also reveals that, while employees are using collaboration tools to close deals, process orders and agree to pay raises, many believe there will be no formal record of the discussion or agreement. In fact, only 56 percent in the US believe employers are saving this information.
The research shows this challenge is compounded by the amount of time employees spend using messaging and collaboration apps: time spent on tools such as Zoom and Teams has increased by 13 percent in the US since the start of the pandemic. This means employees are spending, on average, two and a half hours every day on these applications, with 27 percent of US employees spending more than half the working week on these tools.
A significant amount of business is now routinely conducted on these channels and employees are taking agreements as binding. For example, as a result of receiving information over messaging and collaboration tools, almost 24 percent of US employees have accepted and processed an order, 25 percent have accepted a reference for a job candidate, and 20 percent have accepted a signed version of a contract.
Sensitive data is being shared on these tools even though 39 percent of US employees have been reprimanded by bosses. These admonishments may have been in vain, however, as 75 percent of all US workers say they would continue to share this type of information in the future.
The research also uncovered some interesting patterns that emerge from country-to-country comparisons:
- 34 percent of workers globally would accept an order over an instant messaging app and start processing it. But regional differences exist – 49 percent in China would action the sale, but only 29 percent in the US would do the same.
- While 58 percent of employees in the US are saving their own copies of information shared over instant messaging apps, 75 percent of office workers in China and 44 percent of UK workers are doing so.
- Willingness to use business applications for personal purposes varied considerably. 47 percent of US employees have used corporate applications for personal conversations compared to 57 percent of employees in China and South Korea and just 32 percent in the UK.
- Some employers are clearer in enforcing their policies than others. An average of 30 percent of respondents worldwide have been reprimanded by their employer for IM use, but that number increases to 39 percent in the US and goes down to 21 percent in Brazil.
Veritas recommends the following steps for businesses to regain control of data being shared over collaboration and messaging tools:
- Standardize on a set of collaboration and messaging tools meeting the needs of the business – this will limit the sprawl.
- Create a policy for information sharing – this will help control sharing of sensitive information.
- Train all employees on the policies and tools being deployed – this will help to reduce accidental policy breaches.
- Incorporate data sets from collaboration and messaging tools into the businesses’ data management strategy using eDiscovery and SaaS data backup solutions – this will empower users to maximize the tools without putting the business at risk.
The research was conducted and statistics compiled for Veritas Technologies LLC by 3Gem. A total of 12,500 office workers who used communications channels as part of their job were interviewed between 23rd November – 8th December 2020 in Australia, Brazil, China, France, Germany, Singapore, South Korea, UAE, United Kingdom and the United States.