According to the results of a recent survey of 153 senior IT, information security and line of business professionals at mid-sized and large enterprises in North America, fully 84 percent of respondents have moderate to no confidence in their companies' security controls and auditing capacity to secure files.
The survey, conducted by Enterprise Management Associates and sponsored by FinalCode, also found that more than 80 percent of respondents acknowledged having experienced file data leakage incidents, and 50 percent have experienced such incidents on a frequent basis.
"Unfortunately, the protection of sensitive, confidential, and regulated data within files being shared both internally and externally remins a significant source of exposure within many organizations," the EMA report states. "This lack of capability for controlling unstructured data as it moves through its lifecycle will not only yield more data privacy breaches, but will impact the adoption of advanced enterprise and cloud content management systems."
Twenty percent of respondents said files inappropriately shared with others inside the company served as the most likely cause of data leakage, followed by files inappropriately shared with others outside the company (11 percent), lost files (10 percent), and files stolen by hackers (10 percent).
"With all of the media attention around stolen records, for internally shared records to be at the top of people's minds means this is likely a widespread issue," the report states.
In order to manage file security risks, 86 percent of respondents said they're planning to invest in new technology, and 84 percent are conducting security awareness training for employees.
When asked to identify their top five concerns regarding the use of file encryption, 86 percent listed key management as a leading concern, 85 percent listed encryption strength, 83 percent expressed concern about the impact on data recipients, 81 percent listed the impact on operational workflows, and 81 percent expressed concern about interoperability with existing applications and infrastructure.
"As data leakage incidents, information theft, and public breach notifications increase, the importance of file and shared data protection will continue to increase," the report states.