Almost a third (30%) of global office workers have been admonished by their bosses after sending sensitive business and personal information via non-approved online channels, according to Veritas Technologies.
The data protection vendor polled 12,500 white collar workers in Europe, the Middle East, APAC and the US to better understand the risks they’re taking during lockdown.
The vast majority admitted to sharing business-critical data (71%) and sensitive personal information (75%) via IM or online collaboration apps like Teams and Zoom.
This includes corporate passwords and card details, client details and business plans, banking and salary information, and even COVID-19 test results and medical details.
In the UK, just a fifth (23%) said they’d been reprimanded by their boss and half (51%) admitted sharing sensitive info via collaboration apps. Many more workers have been warned about inappropriate data sharing in the US (39%) and South Korea (40%), while in China 80% admitted sharing details via IM.
The problem isn’t necessarily that these platforms aren’t secure – many of them now support end-to-end encryption. It’s that if they are not approved by IT, then organizations could run into compliance issues.
“There are two major challenges with this type of information sharing. Firstly, some of it should never be shared with anyone – no one should be sharing their PIN, for example,” argued Veritas GM of digital compliance, Ajay Bhatia.
“Secondly, some of it should only be shared in the right way. Business information that’s shared without leaving a permanent record can cause legal and compliance issues for companies. The same can be true for personal information if it becomes something that you later need for tax or medical reasons, or, worse, if the person you’re chatting with turns out to be scamming you.”
Unfortunately, 79% of global respondents said they’d still share sensitive business information again in the same way in the future.
“Our message to bosses is simple: don’t fight it – fix it. If a third of all employees have already been reprimanded without behaviors changing, a new approach is required,” Bhatia concluded.
“Embracing messaging apps and business collaboration tools fully into data management and protection strategies means that organizations can take back control of the data and ensure that they’re compliant and protected.”