Employees are sharing data out of the control of the businesses that employ them.
Veritas Technologies, a global firm specializing in data protection, availability and insights, has today revealed new research highlighting the dangers of misusing instant messaging (IM) and business collaboration tools. 87% of office worker employees in the UAE have admitted to sharing sensitive and business-critical company data using these tools, the survey found.
The Veritas Hidden Threat of Business Collaboration Survey, which polled 12,500 office workers across ten countries, including the UAE, shows employees are taking data out of the control of the businesses that employ them, exposing companies to risk. 62% are saving their own copies of the information they share over IM, while, conversely, 47% of those surveyed in the UAE delete it entirely. Either approach could leave companies open to significant fines if regulators ask to see a paper trail.
Sensitive data being shared by employees on these channels includes client information (28%), details on HR issues (22%), contracts (19%), business plans (33%), and even COVID-19 test results (13%). Yet, less than a third of employees suggest that they hadn’t shared anything that could be compromising. The research also reveals that, while employees are using collaboration tools to close deals, process orders and agree on pay raises, many are doing this despite believing that there will be no formal record of the discussion or agreement. In fact, 69% thought that the businesses they worked for were saving this information.
"Johnny Karam, Managing Director & Vice President of International Emerging region at Veritas Technologies, said: “For millions of us, our entire way of working has been reset since the start of 2020. We have seen a dramatic shift in how we, as businesses, communicate both with our employees and our customers in the region, and companies are rushing to bolster their data protection and discovery strategies to include the platforms where their business is actually being done. ”
Increased use is compounding issues
The research shows that the challenge is compounded by the amount of time employees are now spending using messaging and collaboration apps: time spent on tools such as Zoom and Teams has increased by 20% since the start of the pandemic.
A significant amount of business is now being conducted as routine on these channels and employees are taking agreements as binding. For example, as a result of receiving information over messaging and collaboration tools, 45% of employees have accepted and processed an order, 42% have accepted a reference for a job candidate and 33% have accepted a signed version of a contract.
Sensitive data is being shared on these tools in spite of the fact that 33% of knowledge workers have been reprimanded by bosses for their use of them. These admonishments may have been in vain, however, as 79% of all workers responding to the survey said that they would share this kind of information in the future.
Karam continued: “It is now clear that constraining employees to ‘approved’ methods of communication and collaboration tools isn’t effective. Instead, our message is simple: don't fight it - fix it.”
Instant Messaging (IM) trusted nearly as much as email
When asked which methods of communication provide the most reliable proof that an agreement is binding, the trust that workers had didn’t appear to be based on the ability of a business to capture the discussion as evidence:
Email is viewed as a reliable affirmation of an agreement by 97%, followed by electronic signature at 94%
IM was still trusted by 95%, SMS text by 91% and WhatsApp by 87%
73% even viewed social media as reliable proof that something has been agreed
Karam added: “Business data is now everywhere. Deals are being done, orders are being processed, and sensitive personnel information is being shared, all through video-conferencing and messaging platforms. It is now critical for companies to include this rapidly growing volume of data in their protection and compliance envelope. If they don't, the implications could be huge.”
The research also uncovered some interesting patterns that emerge from country-to-country comparisons:
45% of workers in the UAE would accept an order over an instant messaging app and start processing it. But regional differences exist – 49% in China would action the sale, while only 24% in the UK would do the same.
While 63% of employees in the UAE are saving their own copies of information shared over instant messaging apps, 75% of office workers in China are doing this compared to just 44% in the UK.
Willingness to use business applications for personal purposes varied considerably. 55% of UAE employees have used corporate applications for personal conversations, almost on par with employees in China and South Korea (57%), compared to just 32% in UK.
Some employers are clearer in enforcing their policies than others with an average of 33% respondents in the UAE having been reprimanded by their employer for their IM use. The number increases to 39% in the US but goes down to 21% in Brazil.
Veritas recommends the following steps for businesses that want to regain control of data being shared over messaging and collaboration tools:
Standardize on a set of collaboration and messaging tools that meet the needs of the business – this will limit the sprawl;
Create a policy for information sharing – this will help control the sharing of sensitive information;
Train all employees on the policies and tools that are being deployed – this will help to reduce accidental policy breaches;
Incorporate the data sets from collaboration and messaging tools into the businesses’ data management strategy using eDiscovery and SaaS data backup solutions – this will empower users to make the most of the tools without putting the business at risk.