In-depth

Documents: the security risk you hadn't thought of

The consequences of data loss are becoming more and more serious

It's becoming extremely difficult for companies to guarantee the security and integrity of their data, not least due to the increasing mobility of employees. Staff spend more time away from the office, accessing company documents from all over the world, often using their own devices.

The bring your own device' (BYOD) trend poses a major problem for company security. This was demonstrated by a study carried out by the Ponemon Institute in which 2,300 IT and security specialists from eight countries were surveyed. 58% of respondents consider BYOD to be a security risk, with experts claiming that the use of private mobile devices restricts the effectiveness of data protection measures and hampers the implementation of security policies.

Increased mobility combined with new opportunities for communicating and reproducing information, mean the risk of data loss for businesses rises. Even when printed out or simply distributed incorrectly, lists and documents can easily fall into the wrong hands or be deleted by employees accidentally or deliberately.

If development results, customer drafts, contracts or other confidential information fall into the wrong hands, it's not simply a competitive disadvantage for the company concerned. When data is lost or stolen, as well as affecting the company's reputation, it could also incur financial losses or make the organisation liable for heavy fines.

Not only is data becoming more mobile, it is also distributed more quickly and created in larger volumes. Around 90% of German companies that took part in a survey for Bitkom declared that the amount of data they were producing had increased in comparison with the previous year. On average, these companies were generating 22% more data.

Increased hardware costs are not the only consequence of this increase in data; the cost of protecting such information against unauthorised access, whether from inside or outside the company, is also increasing.

The consequences of data loss are becoming even more serious, and a study from the Ponemon Institute on the cost of data breaches revealed that over the past two years, costs incurred by companies due to data loss have increased throughout the world by 23% to an average of $3.8 million per security breach. Under the new GDPR regulations, companies could be fined 4% of their annual turnover or 20 million for failing to comply.

If documents contain personal information, many data protection regulations such as the European Data Protection Directive legislations also apply as well as GDPR. It must be possible to ensure that access, editing and distribution of information to third parties can be recorded and traced, and companies also have an obligation to ensure a level of security appropriate to the risk of a breach, such as encrypting documents to ensure that only authorised users can get access, and that no unnecessary personal data is included.

However, paper documents are not necessarily a way to protect against hacks or breaches. It could even be argued that the opposite is true once a paper document has left the printer, its journey from that point onward is difficult to control. It's impossible to know who might be able to read or copy it, and documents are at risk of being lost during transport or disposal.

Even if, in principle, it's easier to keep digital documents under greater control than printed documents, digital formats still represent a potential security risk for companies. Therefore, document security should be a central component of company security. According to the Ponemon Institute study, 72% of IT experts surveyed believe that document security can contribute to maintaining data confidentiality, integrity, authenticity and accessibility.

There are a number of different ways documents can be secured online at all stages of the workflow to ensure that data doesn't fall into the wrong hands, including using password protection to open and edit documents, protecting access at a project or group level and using encryption to ensure that protected files can't be read by unauthorised people, should they fall into the wrong hands.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Leading the data race

The trends driving the future of data science

Download now

How to create 1:1 customer experiences at scale

Meet the technology capable of delivering the personalisation your customers crave

Download now

How to achieve daily SAP releases

Accelerate the pace of SAP change to support your digital strategy

Download now

Recommended

Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020
Third-party apps are tracking your WhatsApp activity
social media

Third-party apps are tracking your WhatsApp activity

21 Sep 2020
Ransomwiz lets you test your security with simulated ransomware
ransomware

Ransomwiz lets you test your security with simulated ransomware

21 Sep 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
Windows Server flaw sparks emergency US gov warning
vulnerability

Windows Server flaw sparks emergency US gov warning

21 Sep 2020