Complex Made Simple

Employees are sharing sensitive data, not shy about it, and its costly

Veritas Technologies, a global leader in data protection, revealed new research highlighting the dangers of misusing instant messaging (IM) and business collaboration tools. 87% of office worker employees in the United Arab Emirates (UAE) have admitted to sharing sensitive and business-critical company data using these tools, the survey found.

71% of office workers globally – including 68% in the US – admitted to sharing sensitive and business-critical company data, the survey also found.

The Veritas Hidden Threat of Business Collaboration Survey shows employees are taking data out of the control of the businesses that employ them, exposing companies to risk. 

62% are saving their own copies of the information they share over IM, while, conversely, 47% of those surveyed in the UAE delete it entirely. Either approach could leave companies open to significant fines if regulators ask to see a paper trail. 

Sensitive data being shared by employees on these channels includes client information (28%), details on HR issues (22%), contracts (19%), business plans (33%), and even COVID-19 test results (13%). 

The research shows that the challenge is compounded by the number and amount of time employees are now spending using messaging and collaboration apps: time spent on tools such as Zoom and Teams has increased by 20% since the start of the pandemic. 

A significant amount of business is now being conducted as routine on these channels and employees are taking agreements as binding. For example, as a result of receiving information over messaging and collaboration tools, 45% of employees have accepted and processed an order, 42% have accepted a reference for a job candidate and 33% have accepted a signed version of a contract. 

79% of all workers responding to the survey said that they would share this kind of information in the future.

Sharing is not caring

When asked which methods of communication provide the most reliable proof that an agreement is binding, the following was revealed: 

  • Email is viewed as a reliable affirmation of an agreement by 97%, followed by electronic signature at 94%
  • IM was still trusted by 95%, SMS text by 91%, and WhatsApp by 87%
  • 73% even viewed social media as reliable proof that something has been agreed 

The research also uncovered some interesting patterns that emerge from country-to-country comparisons:    

  • 45% of workers in the UAE would accept an order over an instant messaging app and start processing it. But regional differences exist – 49% in China would action the sale, while only 24% in the UK would do the same. 
  • While 63% of employees in the UAE are saving their own copies of information shared over instant messaging apps, 75% of office workers in China are doing this compared to just 44% in the UK. 
  • The willingness to use business applications for personal purposes varied considerably. 55% of UAE employees have used corporate applications for personal conversations, almost on par with employees in China and South Korea (57%), compared to just 32% in the UK. 

Emails and encryption

People make mistakes when sharing data

In fact, 24% of data breaches are caused by human error.  

Today’s business culture truly revolves around email. For many, it’s the path of least resistance when it comes to quickly sharing information—including sensitive data—with colleagues, partners, vendors, and more. While email allows for quick collaboration and communication, it is not without its risks.

  1. 44% of organizations share data on a continuous basis, 26% share data daily, and another 13% share data every hour. (Virtru)
  2. 86% of professionals name email as their preferred means of business communication. (Hubspot)
  3. The average employee sends 40 emails per day for business purposes. (Templafy)
  4. 70% of emails sent contain sensitive information. (Virtru)

Encryption

Because of the sheer amount of emails sent daily to do our jobs, additional protection and control measures are needed to ensure privacy and compliance.

Without end-to-end encryption, organizations are at increased risk of a breach.

  1. In 2020, there have been at least 3,950 recorded breaches (an incident that results in the confirmed disclosure of data to an unauthorized party). (Verizon)
  2. In 2020, there have been 32,000 security incidents (a security event that compromises the integrity, confidentiality, or availability of an information asset). (Verizon)
  3. 53% of organizations have over 1,000 sensitive files open to every employee. (Varonis)
  4. On average, every employee has access to 17 million files. (Varonis)
  5. Only 5% of a company’s folders are protected. (Varonis)
  6. 68% of business leaders feel their cybersecurity risks are increasing. (Accenture)
  7. 34% of breaches involve internal actors. (Verizon)

The cost of a data breach

The risks and costs of not securing your organization’s most sensitive data are more critical than ever.

  1. The average cost of a data breach is $3.86 million. (IBM)
  2. The average cost per lost/stolen record is $150. (IBM)
  3. In the event of a breach, the average cost of lost business is $1.42 mn. (IBM)
  4. 70% of business leaders agree that a largely remote workforce will increase the cost of a data breach. (IBM)