IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Documents: the security risk you hadn't thought of

The consequences of data loss are becoming more and more serious

It's becoming extremely difficult for companies to guarantee the security and integrity of their data, not least due to the increasing mobility of employees. Staff spend more time away from the office, accessing company documents from all over the world, often using their own devices.

The bring your own device' (BYOD) trend poses a major problem for company security. This was demonstrated by a study carried out by the Ponemon Institute in which 2,300 IT and security specialists from eight countries were surveyed. 58% of respondents consider BYOD to be a security risk, with experts claiming that the use of private mobile devices restricts the effectiveness of data protection measures and hampers the implementation of security policies.

Increased mobility combined with new opportunities for communicating and reproducing information, mean the risk of data loss for businesses rises. Even when printed out or simply distributed incorrectly, lists and documents can easily fall into the wrong hands or be deleted by employees accidentally or deliberately.

If development results, customer drafts, contracts or other confidential information fall into the wrong hands, it's not simply a competitive disadvantage for the company concerned. When data is lost or stolen, as well as affecting the company's reputation, it could also incur financial losses or make the organisation liable for heavy fines.

Not only is data becoming more mobile, it is also distributed more quickly and created in larger volumes. Around 90% of German companies that took part in a survey for Bitkom declared that the amount of data they were producing had increased in comparison with the previous year. On average, these companies were generating 22% more data.

Increased hardware costs are not the only consequence of this increase in data; the cost of protecting such information against unauthorised access, whether from inside or outside the company, is also increasing.

The consequences of data loss are becoming even more serious, and a study from the Ponemon Institute on the cost of data breaches revealed that over the past two years, costs incurred by companies due to data loss have increased throughout the world by 23% to an average of $3.8 million per security breach. Under the new GDPR regulations, companies could be fined 4% of their annual turnover or 20 million for failing to comply.

If documents contain personal information, many data protection regulations such as the European Data Protection Directive legislations also apply as well as GDPR. It must be possible to ensure that access, editing and distribution of information to third parties can be recorded and traced, and companies also have an obligation to ensure a level of security appropriate to the risk of a breach, such as encrypting documents to ensure that only authorised users can get access, and that no unnecessary personal data is included.

However, paper documents are not necessarily a way to protect against hacks or breaches. It could even be argued that the opposite is true once a paper document has left the printer, its journey from that point onward is difficult to control. It's impossible to know who might be able to read or copy it, and documents are at risk of being lost during transport or disposal.

Even if, in principle, it's easier to keep digital documents under greater control than printed documents, digital formats still represent a potential security risk for companies. Therefore, document security should be a central component of company security. According to the Ponemon Institute study, 72% of IT experts surveyed believe that document security can contribute to maintaining data confidentiality, integrity, authenticity and accessibility.

There are a number of different ways documents can be secured online at all stages of the workflow to ensure that data doesn't fall into the wrong hands, including using password protection to open and edit documents, protecting access at a project or group level and using encryption to ensure that protected files can't be read by unauthorised people, should they fall into the wrong hands.

Featured Resources

AI for customer service

IBM Watson Assistant solves customer problems the first time

View now

Solve cyber resilience challenges with storage solutions

Fundamental capabilities of cyber-resilient IT infrastructure

Free Download

IBM FlashSystem 5000 and 5200 for mid-market enterprises

Manage rapid data growth within limited IT budgets

Free download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Google rolls out patch for high-severity Chrome browser zero day
zero-day exploit

Google rolls out patch for high-severity Chrome browser zero day

25 Nov 2022