SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Staff sharing sensitive company data through IM & collaboration tools - Veritas
Thu, 11th Mar 2021
FYI, this story is more than a year old

Messaging apps and collaboration tools like Zoom and Teams could be accidentally leaking data due to misuse by employees - that's according to a new report from Veritas, which found that businesses are losing control of their data because employees are taking that data beyond company platforms.

Those actions are exposing organisations to risk and potentially leaking data such as client information (15%), HR issues and business contracts (13%), business plans (12%), and COVID-19 test results (10%).

While 54% say they save copies of the information they send through instant messaging, while many say they delete it entirely. Just 36% of respondents said they have not shared any information that could compromise their business.

Employees are also spending so much time on messaging and collaboration apps (2.7 hours every day on average), particularly since the start of the pandemic.  These apps are used for everything from accepting and processing orders, job candidate references, and contract signing.

34% of workers would accept an order over an instant messaging app and start processing it, however less than half (49%) of those in China would action the sale, and only 35% in Singapore and South Korea would do the same.

Organisations could face breaches and fines if regulators want to see paper trails, Veritas warns.

Veritas Asia South and Pacific Region vice president and managing director Andy Ng says that while many organisations were caught off guard in 2020, organisations need to take data protection up a notch.

“To minimise work disruptions and keep up with the new work model, companies are rushing to bolster their data protection and discovery strategies to include the platforms where their business is actually being done.

According to the report, email is the most reliable way of affirming an agreement (93%), followed by written letters (95%) and electronic signatures (93%).

“With work-from-everywhere, business data is sprawling across different locations. Deals are closed, orders processed and sensitive personnel information are being shared on collaboration platforms. It is a business imperative for companies to incorporate the management of this data deluge into their protection and compliance strategies. The implications could be huge if they fail to do so.

Findings are from the Veritas Hidden Threat of Business Collaboration Report, which polled 12,500 office workers in 10 countries.

The report recommends that organisations:

  • Standardise on a set of collaboration and messaging tools that meet the needs of the business – this will limit the sprawl
  • Create a policy for information sharing – this will help control the sharing of sensitive information
  • Train all employees on the policies and tools that are being deployed – this will help to reduce accidental policy breaches
  • Incorporate the data sets from collaboration and messaging tools into the businesses' data management strategy using eDiscovery and SaaS data backup solutions – this will empower users to make the most of the tools without putting the business at risk.