Yes, in a perfect world every staffer would handle sensitive finance data with the hands of a surgeon: carefully, cautiously – and not spreading anything he or she shouldn’t.
But that isn’t always the case.
Turns out many folks are innocently (and sometimes not-so-innocently) putting companies’ financial data at risk on a regular basis.
The numbers speak for themselves. Consider this reality check from a recent survey by Ipswitch File Transfer:
- 84% of employees use personal emails to send sensitive business files
- more than 50% of people expose company data by uploading them to cloud-based services like Dropbox or YouSendIt
- more than 50% of IT managers have zero visibility into what files and data are being transferred within their organizations, and
- more than 30% of employees have lost a USB drive containing confidential information.
Considering the potential for some very expensive losses, these are issues you need to address ASAP.
And while you can’t do much more than plead with IT to start looking more closely at what’s going where, there’s a lot more you can do about the other three exposures.
We’ll break them down one by one to uncover why it’s happening and how you can minimize the possibilities.
Exposure No. 1: Employees using personal emails to send business files
Raise this issue with some staffers and you’ll likely hear that they were actually trying to improve productivity.
One of the major reasons that employees send work files through home email channels is that business email can’t accommodate a file size as large as the one they’re trying to transmit. Because they want to move the file along faster or without hitting a roadblock because of mailbox quotas, they opt to send it this way.
But that means your company has relinquished all control over the document. Not only that, but it can be accessed without having to be tied into any company computer systems.
Big risk. Considering that more than half of folks say they transmit sensitive files every day – a number that’s probably much higher in Finance — you want to shore this up fast.
First, you want a policy in place that doesn’t allow work files to be transmitted through anything other than company systems.
Employees get held up because the system can’t handle it? You can go a few ways. You can talk with IT about expanding system capacities. It’s also a chance to ask that staffer is all that data really needs to be sent.
A strict policy also gives you recourse if employees are using their personal emails for a less-than-legit reason: Like they are sending it to a competitor or a potential new employer.
Exposure No. 2: They upload files to a cloud-based service
Productivity can be the cause of another possibly cash-compromising tech situation.
The whole host of online storage and document sharing systems now available online pose a new risk to your financial information. Employees looking to collaborate with other departments or business partners might tap these sites as a way to work together in cyberspace.
Yes, the vast majority of those sites take precautions and are considered secure. But it’s now a lot easier to access that data – and harder to keep tabs on who’s doing it.
Then again, there are some other sites that may not be as reliable.
Your first choice is to have e-collaboration tools in house so that employees can work within company systems to work together.
Next best: Have IT vet and approve a list of file-sharing or storage sites and require that staffers only use them. That should limit your exposure when folks look to tap these technologies, even if it is in the name of increased efficiency.
Exposure No. 3: Lost USB drives
You know the convenience and portability of a USB flash drive? That’s just what makes it so easy to lose!
It’s all too easy for employees to misplace this tiny technology that holds some sensitive data.
What’s worse: While many people have lost the devices, few let anyone in their company know about it, probably for fear of getting into hot water.
What to do about it? Some companies have gone so far as to ban the devices. But that might not be practical.
Which means that it’s vital your company only uses USB devices with built-in encryption. A little more pricey for sure, but well worth it in peace of mind.
Info: To download the full survey results, click.