A recent survey of companies either using or evaluating Microsoft SharePoint revealed some interesting data about security concerns regarding the risks of data tampering within the wildly popular enterprise collaboration tool.
Conducted by eMedia USA for tech security firm Surety, LLC, the survey found that nearly one-quarter of the 300 IT professionals who responded lacked confidence that their data was being adequately protected when being accessed in SharePoint. Worse, another 10 percent said they had
no controls in place to ensure the integrity of electronic records. (Good thing this was an anonymous survey; I'd hate to have to answer to that appalling situation.) Since 46 percent of respondents indicated the value of the data in SharePoint exceeds $10 million, you've got to wonder what they're thinking.
Let's move past the speculative. Nearly one in five respondents (18 percent) reported having a data breach within SharePoint. Not surprisingly (though the report termed it "shocking"), the majority of those breaches (67 percent) came from insiders with access to SharePoint.
That's where those controls might come in handy. You just can't have employees roaming through SharePoint at will. They might work for you, but that doesn't mean they all have good motives or know what they're doing. Of the insider breaches, 22 percent were termed malicious and 44 percent were deemed inadvertent.
Respondents said the biggest consequence of a SharePoint breach (62 percent) would be data loss. But the list of potential negative outcomes is long and includes: financial risk, operational downtime, corporate espionage, intellectual property compromise, reputation risk, access and identity management compromise, compliance with legislation and regulations and litigation risk.
Regarding security measures in place, more than half of the respondents (54 percent) said they use IPsec/SSL encryptions, followed by information rights management (36 percent) and digital signatures (31 percent). But -- and this truly is amazing -- 16 percent have no security measures in place.
Here's the
press release announcing the survey results.
Comment and Contribute
