IT staff use 'more convenient' web email to move data claim
Feckless IT professionals have been declaimed again – this time for using personal email accounts to mask file transfer activity from management.
A study by file transfer solutions specialist Ipswitch says that 40 per cent of a sample interrogated at the Infosecurity Europe conference admitted to sending ‘sensitive or confidential information’ via their personal email accounts to ‘eliminate the trail of what was being sent to whom’ – representing a major security and compliance breach and violation for companies, the report concludes.
Sixty-nine per cent of respondents also admitted that they send classified information - such as payroll, customer data, and financial information - over email, with no security, at least once a month, and 34 per cent confessed they ‘do it daily’. The biggest named drivers for this habit are speed, convenience, and the ability to send large files, ‘without the hassle’.
“Employees will almost always take the path of least resistance, even if that unintentionally means violating company policies and breaking security protocols,” says Ipswitch VP of global strategy L. Frank Kenney. “Businesses need complete visibility into the files that are moving internally and externally company-wide.”
Kenney adds: “With thousands of gigabytes [of data] moving in-and-out of companies every month, executives need visibility into who’s sending, receiving, and forwarding business-critical documents for security and compliance purposes… Unless companies communicate and enforce file-transfer policies… risk of a breach will continue to rise.”