Feb 04th, 2014
SAN ANTONIO, TX - Personal email could be 2014’s biggest threat to corporate data. A new survey of more than 500 professionals released today by GlobalSCAPE, Inc. (NYSE MKT: GSB) found that in the past 12 months, 63 percent of employees have used personal email to send sensitive work documents. Perhaps more surprisingly, 74 percent of those employees believe that their companies approve of this type of file-sharing behavior.
Using personal email to send sensitive business files creates a major security and compliance risk to corporations. Last month, millions of Gmail and Yahoo accounts were breached.
The threat of consumer-grade file transfer methods extends far beyond employees’ use of personal email. In the past 12 months:
"Millions of employees are actively using consumer-grade tools, like personal email, social media, and file sharing sites, to move confidential work files every day,” said James Bindseil, president and CEO of Globalscape, a developer of secure information exchange solutions. “While the intent is typically harmless, these actions can have serious security and compliance ramifications.”
Employees’ reliance on consumer-grade tools to transfer files is not an isolated problem. Nearly half of all employees surveyed transfer work files through unsecured channels (remote storage, personal email, cloud storage, or consumer file-transfer sites) several times a week.
“We found that 80 percent of employees surveyed that use personal email to transfer sensitive work files do it at least once a month,” says Bindseil. “Even scarier: nearly a third of that group knows for a fact that their personal email has been hacked at least once – yet they continue to put company information at risk.”
IT departments are struggling to create effective information-sharing policies and educate employees on the risks of using unsecured channels. According to Globalscape’s survey, only 47 percent of employees think the companies they work for have policies for sending sensitive files. Almost a third said that there were no policies in place, and 22 percent weren’t sure.
Policy enforcement is also lacking. Of the employees at companies that have policies for sending sensitive files, 54 percent still use personal email, and 62 percent still use remote devices.
“The information-sharing needs of today’s workforce are rapidly evolving, and most organizations are failing to keep up,” says Bindseil. “Employees need and expect instant access to information, and the ability to send and store files at the press of a button. When internal technology and tools come up short, employees will find a workaround.”
While there are many reasons that employees find alternatives to their company-provided file-transfer tools, the biggest drivers are simplicity and ease of use. According to Globalscape’s survey:
"Speed, simplicity, and mobile access are critical," said Bindseil. "If enterprises have any hope of managing and securing the sensitive data leaving their organization, they need to provide solutions that easily integrate into the daily routines of their employees.”
Globalscape’s full report, Dangerous File Sharing, is available for download.
San Antonio, Texas-based GlobalSCAPE, Inc. (NYSE MKT: GSB) ensures the reliability of mission-critical operations by securing sensitive data and intellectual property. Globalscape’s suite of solutions features EFT, the industry-leading enterprise file transfer solution that delivers military-grade security and a customizable platform for achieving best in class control and visibility of data in motion or at rest, across multiple locations. Founded in 1996, Globalscape is a leading enterprise solution provider of secure information exchange software and services to thousands of customers, including global enterprises, governments and small businesses. For more information, visit Globalscape, or subscribe to our Blog or Twitter updates.
Safe Harbor Statement
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. The words "would," "exceed," "should," "anticipates," "believe," "steady," "dramatic," and variations of such words and similar expressions identify forward-looking statements, but their absence does not mean that a statement is not a forward-looking statement. These forward-looking statements are based upon the Company’s current expectations and are subject to a number of risks, uncertainties and assumptions. The Company undertakes no obligation to update any forward-looking statements, whether as a result of new information, future events or otherwise. Among the important factors that could cause actual results to differ significantly from those expressed or implied by such forward-looking statements are risks that are detailed in the Company’s Annual Report on Form 10-K for the 2012 calendar year, filed with the Securities and Exchange Commission on March 28, 2013.