Healthcare remains relatively weak in securing information storage. A study conducted by the Ponemon Institute and Metalogix, regarding how organizations store confidential data and use file sharing environments such as SharePoint, outlined major developments in the improvement of cyber security.
The study included findings from 1,403 respondents from the United States, United Kingdom and Germany.
- 49 percent of respondents had at least one data breach through SharePoint in the last two years.
- 48 percent report their organization does not control access to sensitive data.
- 64 percent believe their organization does not properly ensure contractors and third parties interact with confidential data appropriately.
- 79 percent don't believe current data protection tools are "very effective" in protecting confidential information.
- 68 percent don't have sufficient visibility into locations where sensitive data is located.
- 59 percent believe their organization doesn't ensure SharePoint users interact with confidential or sensitive data appropriately.
"SharePoint houses a vast amount of sensitive data, but organizations are not taking sufficient steps to keep it safe," said Larry Ponemon, chairman and founder of the Ponemon Institute. "The pressure to be productive is causing employees to put sensitive data at risk. Security and SharePoint professionals must understand where this content resides and how it is accessed and shared."
Findings addressing prevention included:
- 63 percent believe having appropriate data loss prevention technologies would be most effective in preventing data breaches.
- 73 percent report automated discovery of sensitive information.
- 62 percent believe education for SharePoint users is the first step in protecting sensitive data.
- The top concern in all countries was temporary workers, contractors or third parties accessing data they should not see.
"Security SharePoint experts must come together to protect sensitive data," said Steve Marsh, VP of product management at Metalogix. "With the right tools and policies in place, users are empowered to handle content responsibly and organizations can meet compliance and security responsibilities."