One in three frioms lack document security policy

European businesses are increasingly at risk from their own staff exposing valuable and sensitive company information, security experts have warned.

Share

European businesses are increasingly at risk from their own staff exposing valuable and sensitive company information, security experts have warned.

Research commissioned by security firm McAfee found that more than a third of European businesses (37%) had no set policy for handling sensitive documents, while in companies that did have policies, almost a quarter of employees did not know what they were.

Company staff are increasingly using portable devices such as mobile phones and memory sticks to remove confidential data from their workplaces, the study of 600 office workers conducted by ICM Research, revealed.

Day to day internal documents, customer data and company financial information were the three most common types of document removed from the business, either electronically or physically, the survey found.

Company email remains the most common means of sending information externally, with 86% of those surveyed admitting to forwarding documents regularly by email. More than a quarter of staff who had sent customer information outside the business said they used web-based email services, over which IT departments have little control.

But 45% of the office workers who took financial records outside the business used portable devices to do so.

The researchers suggested that 132m sensitive documents a week were being were removed from UK offices on portable devices.

McAfee security analyst Greg Day said: “Whilst most organisations strive to comply with the legal policies that ensure the safe handling of sensitive information, they fail to recognise their employees as a potential Achilles heel.”

Find your next job with computerworld UK jobs