Organizations are trying to improve security, but employees remain an obstacle

The survey included more than 600 American employees to gauge how organizations are protecting data. The participants included C-suite executives from more than 20 industries including healthcare, finance and information technology.

Key findings included:

• 98 percent of respondents stated their company cared about data security, and 93 percent stated the organization invests in keeping data safe.
• 95 percent of respondents reported their company provides secure information tools.
• 85 percent believed their organization has policies about sharing, delivering and stealing data, documents and information.
• 88 percent of respondents reported their organization trains employees on how to use secure methods of information sharing and delivery.
• While 78 percent of respondents agree with an organization’s security policies, 74 percent reported insecurely sharing information both internally with their colleagues and 60 percent shared with people outside of their organization.
• 60 percent of respondents admitted doing what was easiest when deciding how to send sensitive documents.
• In respondents who shared data through an insecure internal email, 62 percent sent data that included customer data, 46 percent on strategy documents or presentations, 45 percent on company business or financial data and 43 percent on regulated data.
• Of those sharing data through an external insecure email, 49 percent of respondents reported sharing data that contained highly regulated data like medical or financial information, 35 percent shared strategy documents or presentations and 29 percent shared info about intellectual property.

 “The survey’s results uncover some interesting factors that contribute to non-compliance,” said Bill Ho, CEO of Biscom. “It would surprise most companies who have made major investments in security that so many people just fall back to the easiest method, namely sending confidential messages and files through email.”