Friday, August 10, 2012

Data breach within the Business

In a recent study by Iron Mountain, an information management company, it was found that over 30% of 2,000 office workers confessed to taking or forwarding confidential information. In addition, up to 15% of them had taken confidential information to their new job and over 30% stated that they would delete or/and share confidential information if they were fired.

Iron Mountain's Senior Vice President said that businesses are only focusing on observing data breaches from outside the organisation, when they should be focusing on what’s happening within the organisation, more specifically, its employees.

He stated that "HR or finance will have an awful lot of access to very sensitive information," and that "Sales and marketing will have access to customer data, and some of the service organizations will have a lot of information about their patients or their customers."

Around 50% of the employees admitting to taking confidential information believed that as they were involved in creating the data, they have the right to take it. Eglinton from Iron Mountain stated that "The information you create in your daily work doesn't belong to you because you created it, it belongs to the organization that's paying you to do that job."

So, what can organisations do to protect their data? There are still a few ways of diminishing the loss of information which range from tracking files across multiple sites to encryption software.

What is your opinion on taking confidential information from an organisation?