In-depth

Documents: the security risk you hadn't thought of

The consequences of data loss are becoming more and more serious

It's becoming extremely difficult for companies to guarantee the security and integrity of their data, not least due to the increasing mobility of employees. Staff spend more time away from the office, accessing company documents from all over the world, often using their own devices.

The bring your own device' (BYOD) trend poses a major problem for company security. This was demonstrated by a study carried out by the Ponemon Institute in which 2,300 IT and security specialists from eight countries were surveyed. 58% of respondents consider BYOD to be a security risk, with experts claiming that the use of private mobile devices restricts the effectiveness of data protection measures and hampers the implementation of security policies.

Increased mobility combined with new opportunities for communicating and reproducing information, mean the risk of data loss for businesses rises. Even when printed out or simply distributed incorrectly, lists and documents can easily fall into the wrong hands or be deleted by employees accidentally or deliberately.

If development results, customer drafts, contracts or other confidential information fall into the wrong hands, it's not simply a competitive disadvantage for the company concerned. When data is lost or stolen, as well as affecting the company's reputation, it could also incur financial losses or make the organisation liable for heavy fines.

Not only is data becoming more mobile, it is also distributed more quickly and created in larger volumes. Around 90% of German companies that took part in a survey for Bitkom declared that the amount of data they were producing had increased in comparison with the previous year. On average, these companies were generating 22% more data.

Increased hardware costs are not the only consequence of this increase in data; the cost of protecting such information against unauthorised access, whether from inside or outside the company, is also increasing.

The consequences of data loss are becoming even more serious, and a study from the Ponemon Institute on the cost of data breaches revealed that over the past two years, costs incurred by companies due to data loss have increased throughout the world by 23% to an average of $3.8 million per security breach. Under the new GDPR regulations, companies could be fined 4% of their annual turnover or 20 million for failing to comply.

If documents contain personal information, many data protection regulations such as the European Data Protection Directive legislations also apply as well as GDPR. It must be possible to ensure that access, editing and distribution of information to third parties can be recorded and traced, and companies also have an obligation to ensure a level of security appropriate to the risk of a breach, such as encrypting documents to ensure that only authorised users can get access, and that no unnecessary personal data is included.

However, paper documents are not necessarily a way to protect against hacks or breaches. It could even be argued that the opposite is true once a paper document has left the printer, its journey from that point onward is difficult to control. It's impossible to know who might be able to read or copy it, and documents are at risk of being lost during transport or disposal.

Even if, in principle, it's easier to keep digital documents under greater control than printed documents, digital formats still represent a potential security risk for companies. Therefore, document security should be a central component of company security. According to the Ponemon Institute study, 72% of IT experts surveyed believe that document security can contribute to maintaining data confidentiality, integrity, authenticity and accessibility.

There are a number of different ways documents can be secured online at all stages of the workflow to ensure that data doesn't fall into the wrong hands, including using password protection to open and edit documents, protecting access at a project or group level and using encryption to ensure that protected files can't be read by unauthorised people, should they fall into the wrong hands.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Three ways to protect PDF documents
document management systems (DMS)

Three ways to protect PDF documents

19 Aug 2020
Why it’s time to take your documents digital
document management systems (DMS)

Why it’s time to take your documents digital

12 Aug 2020

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021