When it comes to data security, documents matter. Most organizations have invested in tools that enable them to securely manage their sensitive documents. They are struggling, however, to compel employees to use these tools consistently and correctly.

Throughout the IT industry, actual document management and security practices fall seriously short. Malware-infected files frequently penetrate networks and sensitive information often falls into the hands of unauthorized users.

Despite the pervasiveness and widespread use of mobile devices, many organizations lack mobile device management (MDM) capabilities and few enforce their bring-your-own-device (BYOD) policies.

Document Security by the Numbers

According to Accusoft’s “Closing the Document Management Awareness Gap,” study, 90 percent of security teams have some kind of document management system in place, complete with policies and training programs. Only about one-third, however, provide specific security training related to document management.

Roughly another third reported that sensitive documents had been compromised due to poor security strategies, and 43 percent acknowledged that employees don’t always comply with policies. Another 43 percent ranked downloading infected files as a top document security challenge, while 37 percent cited unauthorized sharing of sensitive information was the biggest obstacle and 19 percent said accidental document deletion as the most serious challenge.

The study, CIO Insight reported, surveyed 100 IT managers and 250 additional IT professionals.

Public Awareness Lagging

The public — including your employees — has been slow to grasp the need for document management and security. Until a few years ago, most people associated data theft primarily with personally identifiable information (PII), especially financial data such as credit card numbers. Intellectual property and other corporate assets didn’t cause as much concern.

Only recently have high-profile data breaches introduced the public to the risks and consequences of compromised confidential or sensitive documents. As this awareness grows, training in document security may become more widespread and have a greater impact.

At the same time, the challenges to document management are growing on the technology front — especially due to the now-pervasive presence of mobility and widespread bring-your-own-device (BYOD) practices. About three quarters of organizations have a BYOD policy in place, but only half enforce it at the most basic level by requiring approval of employee-owned devices before they can be used on the job.

Beginning to practice these security policies is a good first step toward corporate and document security. However, there is no single magic-bullet solution to the challenge of establishing and enforcing effective document security and management policies. But that doesn’t mean it’s impossible. Document security is primarily a matter of will, not capabilities.

Learn more about Securing the data that powers your business

More from Data Protection

Cybersecurity 101: What is Attack Surface Management?

There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface management (ASM) seeks to combat them. ASM is a cybersecurity approach that continuously monitors an organization’s IT infrastructure to identify and remediate potential points of attack. Here’s how it can give your organization an edge. Understanding Attack Surface Management Here…

Six Ways to Secure Your Organization on a Smaller Budget

My LinkedIn feed has been filled with connections announcing they have been laid off and are looking for work. While it seems that no industry has been spared from uncertainty, my feed suggests tech has been hit the hardest. Headlines confirm my anecdotal experience. Many companies must now protect their systems from more sophisticated threats with fewer resources — both human and technical. Cobalt’s 2022 The State of Pentesting Report found that 90% of short-staffed teams are struggling to monitor…

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Meeting Today’s Complex Data Privacy Challenges

Pop quiz: Who is responsible for compliance and data privacy in an organization? Is it a) the security department, b) the IT department, c) the legal department, d) the compliance group or e) all of the above? If you answered "all of the above," you are well-versed in the complex world of compliance and data privacy! While compliance is a complex topic, the patchwork of regulations imposed by countries, regions, states and industries further compounds it. This complexity has turned…