Loss of information a top concern reveals Selcore ESG study
Seclore, a provider of enterprise digital rights management solutions, announced the results of an Enterprise Strategy Group ESG research study that uncovers the challenges, best practices, and solutions required for securing data shared among internal and external individuals. The survey, which was completed by 200 senior IT and security professionals with influence over purchasing decisions, highlights the need for organisations to have the necessary technologies in place to ensure policies travel with sensitive data wherever and however it is shared.
Based on the data collected from the survey, the ESG Report titled Securing Information in the Age of External Collaboration concludes that loss of sensitive information is a top concern, and is assumed to be happening. While 98% of respondents cited the loss of sensitive data as a top or significant concern, many believe it is very or somewhat likely that sensitive data had been lost or accessed inappropriately in the last 12 months. Commonly stated reasons for data loss include emails inadvertently sent to the wrong person, unauthorised access and lost portable storage devices.
Loss of information due to human error continues to be a concern, but IT must also work to prevent theft. 56% of respondents said it is very or somewhat likely that files had been stolen by partners, contractors or customers , as well as 58% saying the same about files being stolen by employees and malicious software.
IT faces a new set of challenges and requirements when protecting sensitive data assets. The need to collaborate with third parties makes file sharing a common occurrence, which can also pose as a security threat if information is accessed by an unauthorised party. In fact, 34% of respondents noted that 26 to 50% of their employees regularly share files with individuals external to their organisations. Other challenges include hybrid IT, the rise of the mobile workforce and shadow IT applications.
Enterprise File Sync and Share EFSS is quickly gaining parity as one in a variety of solutions used for sending, sharing and collaborating. Organisations are quickly adopting EFSS services as a means to share information, with 75% of respondents noting EFSS is used frequently to share files with others and 54% noting that their end-users use two to three authorised and unauthorised file sharing services.
While EFSS is a highly popular method for sending documents, traditional methods of sharing files are still frequently utilised. Portable storage devices, FTP, and email are also reported to be used for collaboration by respondents’ organisations. The ability to persistently secure any file type across all sharing methods, devices, and storage locations is paramount.
External collaboration, including collaboration enabled by EFSS services, is likely driving investment in enterprise digital rights management. 47% of respondents indicated they have already deployed an enterprise digital rights management solution and 37% said they are committed to doing so in the next 12 to 24 months. The trend towards increased adoption of EFSS, and the external collaboration that it enables, is likely the primary reason.
First-generation enterprise digital rights management systems are not an effective approach to persistently securing information. 69% of those who already employed enterprise digital rights management reported current plans for refreshing or augmenting their existing solutions and an additional 27% stating their intention to do so in the next 12 months. Three of the top four most cited perceived challenges of enterprise digital rights management solutions stated by all respondents was their inability to integrate with existing systems, difficult policy management for IT and difficult utilisation for end-users due to agent requirements.
A next-generation enterprise digital rights management solution, based on the results of the ESG research, can best be characterised as having increased breadth and depth in usage controls and types of files that can be protected, the ability to integrate with other applications to automate protection, and browser based access for ease of use.
“In order to stay competitive, organisations must embrace key business agility drivers, such as mobility, outsourcing, file sharing, and cloud based systems, but also must acknowledge how these factors open up organisations to unnecessary security risks that can cause devastating repercussions,” said Vishal Gupta, CEO of Seclore. “Next generation data centric security solutions are a critical piece to strategically planned security architecture as they go beyond the perimeter and ensure that sensitive data is controlled no matter where it travels or is stored.”
“ESG’s research uncovered a classic example of how new technologies that have incredible business value can also bring security vulnerabilities that either restrict the use of such technologies, or leave the business vulnerable,” said Doug Cahill, Senior Analyst, Enterprise Strategy Group. “In order to fully embrace technologies that encourage collaboration and cost savings, businesses need solutions that provide the capability to automatically and comprehensively secure the five Ws of data control, who can access which file, what can they do with the file, from which location or device, and when.”
The latest product enhancements to Seclore’s enterprise digital rights management solution add further advances in persistent, data centric security. The technology offers robust usage controls and advanced capabilities to ensure files are secure wherever they travel thus helping the governments of the region to meet their digital Initiatives securely.
With Seclore’s connector, files downloaded from ERP, ECM systems can be automatically protected to ensure that only authorised users are allowed to access them. Because of the persistent security, files cannot be misused, regardless of how they are shared, over email, shared drives, USBs, or cloud based services.
Advanced features in the EDRM technology include bring your own key BYOK, two-factor authentication for server-to-server communication, email protector auto discovery, policy federation, enhanced agentless access to protected documents helps give more control to the CIOs long after the file has crossed the perimeter of the organisation.
Seclore provides enterprise digital rights management solutions to verticals including banks, financial institutions, insurance companies, NBFCs, manufacturing, pharmaceutical companies, PSUs and government organisations.