Survey reveals frequency of information security breaches

Respondents point to unsecured network file folders as the biggest vulnerability point leading to unauthorised disclosure of confidential information.

  • 7 years ago Posted in
M-Files Corporation, a provider of solutions that dramatically improve how businesses manage documents and other information, has published the findings from a joint survey conducted with The Association for Information and Image Management (AIIM) that highlight the prevalence of information security breaches at most organisations.
The survey revealed that 38 per cent of organisations have experienced one or more information security breaches within the past year. In addition, nearly one-third (31 per cent) of respondents feel their organisation does an inadequate job of protecting confidential and sensitive information. Coincidentally, 36 per cent noted that either their organisation does not have a formally documented policy about how company information is stored, managed and shared - or that they didn't know if such a policy existed.
The survey also indicates that many companies are taking proactive steps to address these information security breach issues. Nearly six out of ten (59 per cent) of respondents stated that their organisation has implemented new information security solutions, systems and/or protocols within the past year.
The prevalence of information security breaches can be seen as a direct result of having an ineffective information management strategy," said Greg Milliken, vice president of marketing at M-Files Corporation. "It's clear that businesses need better information management solutions to deliver the document control and security features required to protect confidential information, while still making it quick and easy for users to find the information they need."
“Businesses of all sizes must take information security seriously, looking at the whole organisation – people, process, governance, and technology - in order to better address their security and access control requirements,” says Bob Larrivee, Vice President and Chief Analyst of AIIM Market Research. “It is also important that the user community know and understand the importance of security, governance policies, and the role technology plays. Additionally, the technology must align with the security requirements of the organisation, while at the same time providing an effective and intuitive way for users to access their information quickly and efficiently." 
Based on an online survey of AIIM members located in the US, Canada, EMEA and other parts of the world, the new study also yielded the following findings:
  • While unsecured network file folders are where most respondents felt their company is most vulnerable to internal information security breaches, paper files (46 per cent) and data exposed by personal file sharing apps (44 per cent) were also noted as weak points.
  • When asked about proactive steps their organisation has taken to mitigate potential information security breaches:
    • 62 per cent said their company has created and communicated formal information governance policies to their employees.
    • 59 per cent have changed security and access rights to sensitive information.
    • 47 per cent have procured technology such as an EIM, ECM or document management system.
  • For organisations that have a formally documented policy in place for how company information is stored, managed and shared:
    • 76 per cent said their company requires employees to read information management standard operating procedures (SOPs) to ensure they're aware of the policy.
    • 71 per cent stated that their company uses an enterprise content management (ECM), EIM or document management system.
    • 65 per cent conduct formal training on management policies and procedures.
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...