Survey reveals the prevalence of security breaches at organizations

The survey discovered that 38% of organizations have experienced one or more information security breaches within the past year. In addition, nearly 31% of respondents feel their organization does an inadequate job of protecting confidential and sensitive information. 36% noted that either their organization does not have a formally documented policy about how company information is stored, managed and shared, or that they did not know if such a policy existed.

The survey also indicates that 59% of respondents stated that their organization has implemented new information security solutions, systems and/or protocols within the past year.

While unsecured network file folders are where most respondents felt their company is most vulnerable to internal information security breaches, paper files (46%) and data exposed by personal file sharing apps (44%) were also noted as weak points.

When asked about proactive steps their organization has taken to mitigate potential information security breaches, 62% said their company has created and communicated formal information governance policies to their employees, 59% have changed security and access rights to sensitive information, 47% have procured technology such as an EIM, ECM or document management system.

For organizations that have a formally documented policy in place for how company information is stored, managed and shared: 76% said their company requires employees to read information management standard operating procedures (SOPs) to ensure theyre aware of the policy, 71% stated that their company uses an enterprise content management (ECM), EIM or document management system, 65% conduct formal training on management policies and procedures.

Greg Milliken, VP of marketing at M-Files said the prevalence of information security breaches can be seen as a direct result of having an ineffective information management strategy. He added that businesses need better information management solutions to deliver the document control and security features required to protect confidential information, while still making it quick and easy for users to find the information they need.