Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

End of Bibblio RCM includes -->
4/30/2019
10:30 AM
Larry Loeb
Larry Loeb
Larry Loeb

Shadow IT & Unsecured Data Still Rampant Within the Digital Workplace

The digital workplace is full of opportunities for improvement.

Igloo software created a report in 2018 about how the digital workplace was changing, The State of the Digital Workplace. This year, they revisited the topic, and asked some of the same questions.

They polled 2,000 individuals at companies with more than 250 employees, and compared the answers to last year's.

Some interesting results were shown. Survey respondents highlighted four main focus areas that suggest the worth of an investment in a digital workplace platform will be shown in how it centralizes communication, collaboration, knowledge management, as well as improving overall culture and employee engagement.

The survey found approximately seven in ten employees (69%) who work remotely report that they are dealing with challenges they do not think that they would encounter in an office setting.

Fifty-six percent of those surveyed said they have missed out on important information, 54% have been excluded from meetings and 43% have found certain people or groups inaccessible as a result of working away from the office.

There is an inverse relationship between employee seniority and working remotely. Junior employees are more likely to work at an office location than directors and above who report an 80% level of working remotely at least once per week.

Ninety-one percent of employees feel confident their knowledge-sharing tools would only allow access to authorized individuals. Yet employee behavior is risky when it comes to sharing sensitive or private information. Sixty-nine percent admit to using email to store or share this information, 26% have used instant messaging and just 14% use secure FTP.

As for shadow IT, where employees use their own apps and infrastructure, 50% said they used an application or piece of software not approved by their companies. Fifty-five percent of these employees said they did so because it could not be monitored or tracked by their companies, and 62% said they use unsanctioned apps because of their ease of use.

Indeed, 76% of respondents say that using their own apps saves them between one and three hours per week.

If an enterprise undertakes a thorough audit of both approved and non-approved technology that is used by their employees, they may learn greatly about the day-to-day functions that are being practiced. There are probably going to be ways to do things better hiding in there as well.

In 2019, 81% of those surveyed said they have used their company's intranet within the previous week, which is up from 75% the previous year.

There has also been an increase over last year in employees reporting difficulty finding the right documents. Forty-three percent of employees have avoided sharing a document with a colleague because they couldn't find it or believed it would take too long to find, up 12% from last year's 31%.

Thirty-five percent of entry-level employees have avoided sharing a document for this reason as compared to 46% of manager-level employees and 53% of director-level and above (director, VP, President, and C-Suite).

So, the digital workplace is full of opportunities for improvement, including better support of remote workers, keeping information secure and making documents easy to access across an increasingly connected workforce.

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Practical Network Security Approaches for a Multicloud, Hybrid IT World
The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-30333
PUBLISHED: 2022-05-09
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
CVE-2022-23066
PUBLISHED: 2022-05-09
In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to tra...
CVE-2022-28463
PUBLISHED: 2022-05-08
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
CVE-2022-28470
PUBLISHED: 2022-05-08
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
CVE-2022-1620
PUBLISHED: 2022-05-08
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.