Endpoint
5/30/2013
10:46 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Enterprises Sitting On Security Time Bomb As Office Workers Compromise Company Data

More than a third of office workers store company documents on consumer cloud services, while 91 percent store, access, and share via personal devices

30 May, 2013 – San Francisco – Companies are at serious risk of data security breaches as 38% of U.S. office workers admit to storing work documents on personal cloud tools and services. The nationwide survey of 2,000 office workers carried out for Huddle by Ipsos MORI revealed that almost a fifth (16 percent) of people use Dropbox to store work documents, while Google Drive and Apple iCloud came in second and third place with 15% and 12% respectively. With 91% of workers also stating that they use personal devices to store, share, access or work on company documentation, organizations are at risk of losing data and intellectual property forever as it becomes fragmented across multiple devices and cloud services.

Content is being fragmented across cloud and personal devices

Regarding personal devices, almost two thirds (64 percent) of office workers use external hard drives to store work documents and almost half (46 percent) use USB drives. More than a third (34 percent) of people admit to using USBs to share documentation with others and 43% use external personal hard drives for the same purpose. Even CDs and DVDS continue to be used by almost a fifth of people (16 percent) for storing company documents.

With a wealth of digital content being created and shared on a daily basis, the ways in which companies ensure their data is stored, accessed and worked on by employees – without compromising security – is becoming a significant issue. To deal with the information overload now occurring in enterprises, it is clear that many office workers are turning to personal gadgets and services to help them get their jobs done more effectively. Half of U.S office workers want to be able to work from anywhere and almost half (49 percent) wanted to access all of their work documents in one place. A fifth of U.S. workers also want to use their personal smartphones, laptops and tablets for work. Today's enterprise technology now needs to be able to support these requirements without putting company information at risk.

"Companies need to wake up and realize they're facing a massive security issue and risk having their intellectual property walk out of the door with people," states Alastair Mitchell, CEO, Huddle. "There's a huge amount of information available in enterprise content stores and knowledge workers are struggling to find ways to access, work on and share this with everyone they need to. Failed by legacy technologies, such as SharePoint, which were designed to keep content locked inside an organization, employees are looking for easy ways to access what they need. This has resulted in a free-for-all use of personal cloud services, external hard drives, smartphones and USBs, turning the enterprise content store into a giant, unruly jigsaw puzzle. With people busily stashing data all over the place, companies simply have no idea where their content is kept. Information needs to be stored centrally so that everyone with permission can access it, regardless of whether an employee has left the company."

Frustration mounts as content overload hits hard

Huddle's inaugural "State of the Enterprise Information Landscape" report reveals that office workers across the U.S. feel overwhelmed by the amount of content – whether documents, discussions on social tools, images or video – that they work with on a daily basis. More than half of U.S office workers (53 percent) feel bombarded by all the information they sometimes have to deal with, with those aged between 18 - 24 years old feeling the pressure most (60 percent). The 25 – 31 year olds and 32 – 38 years olds are in joint second place with 57% feeling overwhelmed.

According to the research, technology adds to people's frustrations in the office as key annoyances are:

Not being able to send large files via email (31 percent)

Wasting time searching for electronic documents (28 percent)

Ensuring that you are using the most up to date version of any given document (21 percent)

Getting documents approved by others (18 percent)

Figuring out who has specific information about a project or task (17 percent)

In order to share and work on documents with people outside of their company:

· Almost two thirds (65 percent) of office workers continue to revert to sending email attachments

· Nearly a fifth (16 percent) use USB drives

· A similar amount (15 percent) send hard copies of documents via courier

· Eight percent send CDs or DVDs via mail

Men are worst offenders for stashing enterprise data on personal devices and cloud services

The study reveals that male office workers are more likely to be stockpiling company documents on their personal cloud services or devices:

· 43% use personal cloud tools or services to store work documents versus 33% of women

· Men are also more likely to keep enterprise documents on USB drives (50 percent), external personal hard drives (69 percent) and CDs or DVDs (19 percent), in contrast to women's respective 42%, 59% and 14%

"The boom in cloud based file share and sync tells us there is a real business need for collaboration, but it has brought as many issues with it as it has resolved," explains Alan Pelz-Sharpe, Content and Collaboration, Research Director, 451 Research. "Workers have a very real set of needs to be met, and it's IT's challenge to provide easy to use but enterprise secure alternatives to insecure consumer alternatives. Services such as Huddle aim to manage and balance the needs of workers and IT, so people can get their jobs done without compromising security."

Note to Editors: Ipsos MORI interviewed 2,000 adults aged 18-65 who worked in an office across the USA from its online panel of respondents. Interviews were conducted online between 2nd and 9th April 2013. A representative sample of office workers was interviewed with quota controls set by gender, age and region.

About Huddle

Huddle provides next generation content collaboration for government and enterprises. Its patent-pending intelligent technology ensures relevant content is delivered directly to Huddle users, with no need to search. Business units of any size work more efficiently by huddling together within a secure cloud service accessed via web browsers, desktop or mobile devices. Co-headquartered in London and San Francisco and with offices in New York City, Huddle's customers include 80% of Fortune 500 and 80% of UK government departments, as well as companies such as Kia Motors, SEGA, Unilever and P&G. The company is privately held and backed by venture capital firms DAG Ventures, Eden Ventures, Matrix Partners and Jafco Ventures. More information can be found at www.huddle.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0103
Published: 2014-07-29
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.

CVE-2014-0475
Published: 2014-07-29
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

CVE-2014-0889
Published: 2014-07-29
Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote atta...

CVE-2014-2226
Published: 2014-07-29
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtains sensitive information via unspecified vectors.

CVE-2014-3020
Published: 2014-07-29
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.

Best of the Web
Dark Reading Radio