Survey: Collaboration Applications Not Sufficiently Secured

A new survey shows that most organizations running collaborative applications aren't taking the necessary security measures to prevent data loss and unauthorized access to their data.

Of the 117 CIOs, CISOs, and IT executives surveyed by Rohati Systems -- mostly from financial services firms -- 78 percent say their organizations mainly use basic single sign-on and passwords for authentication to these applications, which include Web-based intranet portals, Common Internet File Systems (CIFS), and Microsoft's SharePoint server for collaboration among employees and business partners.

"We were surprised to see such a high percentage still relying on authentication" only for securing their collaboration systems, says Shane Buckley, president and CEO of Rohati, a startup formed by Cisco alumni that sells a multigigabit-speed network appliance for controlling user access to applications. "That doesn't go far enough."

More than half of the respondents run a combination of intranet portals, CIFS, and SharePoint, according to the survey.

Seventy percent say that properly securing their collaboration systems requires authorization at the document level, although 60 percent say these types of solutions are too pricey and complicated. More than 40 percent also worry that access management tools could hinder their mission-critical applications, while 73 percent say their organizations aren't taking the proper security measures to prevent unauthorized access to their data.

One challenge these organizations face is the changing face of what constitutes an employee in a collaborative environment, Buckley says. "We really don't have a real definition of who an employee is anymore as [organizations] rely hugely on contractors," he says. "Collaboration was occurring across the business internally, including full-time and part-time contractors, and also with external stakeholders like business partners and customers."

Respondents say they worry most (49 percent) about their employees getting access to data and applications in the collaborative environment that they aren't authorized to reach. Domestic contractors are their next-biggest concern (33 percent), followed by business partners (29 percent), and foreign contractors (28 percent).

Another big concern about collaboration is violation of compliance requirements, the survey found. Thirty-six percent say that's their biggest concern; 28 percent, data privacy; 18 percent, the financial impact of a data breach; and 11 percent, the loss of intellectual property.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message