Cryptzone reveals the extent to which confidential content is left unprotected in SharePoint
(Thomson Reuters ONE) -
Gothenburg, August 12 2013
Cryptzone, the IT security and threat mitigation specialist, today published the
results of its SharePoint Security Survey at SPTechCon in Boston. The survey
undertaken amongst SharePoint practitioners at the Microsoft conference in Las
Vegas, reveals how many organizations have inadequate security and governance
measures in place to help prevent data misuse and loss from their SharePoint
environments. Whether this is because managers naively still believe that
SharePoint is not a repository for sensitive and confidential information or
they have not got to grips with central management of sprawling SharePoint
deployments is unclear.
40% of participants admitted that they, or people they know, have accessed
information not intended for their consumption. While salary details topped the
list for unauthorized access to sensitive content (46%), valuable data assets,
such as insider information, M&A details and Intellectual property represented
more than one third of contraventions, which should sound alarm bells in many a
boardroom. "Data leaks of this nature are not just about non-compliance, but can
affect the business results of the whole enterprise" says Einar Lindquist, CEO
at Cryptzone.
More than half (55%) of those questioned had sent documents to someone without
sufficient SharePoint permissions to access a document for themselves. Whether
this behaviour is for legitimate business reasons or not, Cryptzone asserts that
organizations should take note of the frequency with which data is being shared
beyond the confines of SharePoint both to other employees and external
collaborators. People are moving data around, so organizations need to deploy
secure mechanisms to achieve this safely and be able to track flows of sensitive
content, in order to uphold security and compliance standards.
Although the survey shows that the IT security awareness message is being heard,
it is ignored by the majority. 76% of those surveyed know that by copying or
sending sensitive content outside of SharePoint, information is more vulnerable
to data breaches. Organizations are clearly finding it difficult to stop this
kind of activity. With the continued dominance of email communication and the
rise of file sharing sites, such as DropBox, Cryptzone considers there is an
urgent need to put in place security tools that enable employees to work more
responsibly, without hindering their productivity. While many respondents did
not consider the documents they were sharing to be of a sensitive nature, over
one third admitted that they were "Not bothered if it helps me get the job
done". It is therefore imperative that any security measures implemented have to
be very easy to use or transparent to users. Perhaps more worryingly 28% did not
consider protecting data part of their responsibility. Evidently raising levels
of IT security awareness does not necessarily change behaviour and instil a
sense of accountability.
"Many of the SharePoint environments our engineers come across have very little
security, so people are at liberty to do almost what they please with the
content they find," states Einar Lindquist CEO at Cryptzone. "SharePoint sites
may have escaped the intense scrutiny of auditors in the past, but that's all
changing. The CIOs and CISOs, who I am talking to, recognize that their
SharePoint sites are unquestionably being used to store personal and
commercially sensitive information that requires effective data protection."
Other Survey Statistics
* IT Administrators continue to wield the power for managing access rights
within SharePoint (77%)
* 59% do not trust document authors to control who reads the documents they
create in SharePoint.
* 40% of participants admit that they, or people they know, have accessed
information not intended for them.
* 58% are opening up access to external collaborators, but nearly 25% still
don't give third party access to SharePoint collaboration environments.
Survey Conclusions
* All types of users are circumventing security policies, thereby increasing
the risk of security incidents.
* SharePoint professionals do not trust content authors to appropriately
manage access rights to SharePoint content.
* SharePoint IT professionals are frequently abusing access privileges to look
at sensitive data without the knowledge of their employers.
* People have a genuine need to share information outside of the SharePoint
environment for third party collaboration with customers, partners & other
stakeholders.
* There is a need for tools that enable workers to take full advantage of the
collaboration capabilities of SharePoint, yet enforce corporate policies on
data protection and IT security.
SharePoint Security Recommendations
1. Ensure that encryption and access management stays with the document
regardless of whether SharePoint content is moved, copied or changed in
anyway.
2. Provide an integrated method for secure communication, which allows users to
share SharePoint content appropriately within and outside the network,
enabling productivity and data protection.
3. Establish rule based access rights management to automate SharePoint
security controls, thereby avoiding errors that leave content vulnerable to
data misuse.
4. Ensure a separation of duties, so that SharePoint administrators cannot
circumvent security policies and cause an accidental or malicious breach.
5. Adopt a thorough approach to reporting all administrative actions and events
involving sensitive SharePoint content, in order to spot security threats
early and prevent the cover up of administrator abuses.
To download a copy of the survey results please visit:
www.cryptzone.com/sharepoint-security-survey-US
Cryptzone is exhibiting on booth 403 at SPTechCon in Boston its Secured
eCollaboration for SharePoint solution which provides document encryption,
enhanced access control and compliance auditing capabilities.
For more information
Einar Lindquist, CEO, Cryptzone Group AB
einar.lindquist(at)cryptzone.com
Tel: +46 704-299 839
Beverley Stonehouse, Head of Marketing & Communications
pr(at)cryptzone.com
Tel: +44 1252 419990
About the Cryptzone Group
The Cryptzone Group is a technology innovator of proactive controls to mitigate
IT security risk. Our solutions enable organizations to securely connect,
collaborate and comply within the digital workplace, thereby improving document
security, access control and compliance auditing capabilities.
Headquartered in Sweden, the company has a presence in the USA, UK, Belgium,
Germany and Poland, as well as an extensive partner network with more than 150
global partners. For more information about the company and its solutions, visit
www.cryptzone.com.
Cryptzone's share is listed on First North, Sweden, the Nordic alternative
market operated by NASDAQ OMX. Certified Adviser is Thenberg & Kinde
Fondkommission AB.
This announcement is distributed by Thomson Reuters on behalf of
Thomson Reuters clients. The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and
other applicable laws; and
(ii) they are solely responsible for the content, accuracy and
originality of the information contained therein.
Source: Cryptzone via Thomson Reuters ONE
[HUG#1722191]
Unternehmensinformation / Kurzprofil:
Bereitgestellt von Benutzer: hugin
Datum: 12.08.2013 - 13:00 Uhr
Sprache: Deutsch
News-ID 286777
Anzahl Zeichen: 8301
contact information:
Town:
Göteborg
Kategorie:
Business News
Diese Pressemitteilung wurde bisher 179 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Cryptzone reveals the extent to which confidential content is left unprotected in SharePoint"
steht unter der journalistisch-redaktionellen Verantwortung von
Cryptzone (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).




" alt="Miranda applies for four exploration licenses in the Antioquia-Batholith, Colombia