Adding to respondents’ compliance woes, nearly one in three admit their company knowingly takes risks because they don’t have the resources to be totally compliant. Considering these results, it’s no surprise that only 37.5% of respondents state they are very confident that their organization would pass a compliance audit if selected.
The survey polled more than 200 IT and business decision-makers across the U.S. and Canada to gain insight into corporate email and FTP habits. The survey particularly focused on those in industries that routinely deal with sensitive data and compliance regulations, such as financial services, healthcare and government.
Though 80% said their company has security and compliance policies for transferring files electronically, respondents feel they are not clearly understood or followed.
- Only 45.5% of this group feel employees/co-workers fully understand these policies.
- 84% believe employees/co-workers routinely or occasionally violate security and compliance policies.
- 34.2% of respondents have used, or recommended that others use, free consumer-type file transfer services such as YouSendIt, Dropbox, iCloud, etc. for work purposes.
- 43.4% stated their company does not forbid the use of free consumer-type file transfer services.
- 52% said their company does not block the URLs to free consumer-type file transfer services.
- 34.5% of respondents do not have the ability to encrypt email.
- 28.9% said their company does not monitor the content of outbound email and file attachments for compliance purposes.
- 42.5% are only “somewhat” confident in the technology their company uses for filtering outbound email and file attachments for compliance purposes, and an additional 3.8% are not confident at all.
- 54% do not have a single tool for securely encrypting sensitive email and transferring files.
- When asked to describe their company’s approach to compliance, 31.5% said they take risks because they don’t have the resources to be totally compliant.
- 38.6% of respondents feel it is not likely their company will be selected for a compliance audit in the next 12 months, with 37.5% saying it is only “somewhat” likely.
- Only 37.5% of respondents are very confident their company would pass a compliance audit.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.