There’s a serious gap between how IT managers perceive document management in the organization and the way regular users view the issue. Take this 2016 study from Accusoft: in a survey with 100 American IT managers and 250 full-time employees, 90% of IT pros said they felt confident they had the right tools to protect organizational documents. However, a whole 20% of employees said they don’t even know what document management system their company uses.
This is a serious discrepancy – even if IT managers are confident in their technology, that confidence is irrelevant if one in every five employees don’t even know what document management tool they are supposed to be using. How does this situation pan out in your organization? If you were to ask ten random employees, are you certain they’d all know what document management tools they’re supposed to use and, more importantly, how they should be using them?
Accusoft’s study also revealed that 34% of companies have lost sensitive information due to poor file management practices. And, as a recent study from the Ponemon Institute reported, the average cost of a lost or stolen record is $154 (a rise of $9 on the previous year). And that is per record. Combining such a high cost of document loss with the high chance of losing data, it’s clear that organizations are facing a huge threat; protecting your sensitive information will absolutely depend on good records management. Unfortunately, it seems good records management is still far from embedded in the real day-to-day practices of many organizations and their employees.
Why does poor document management result in sensitive data issues?
When documents are managed poorly, data leaks and the like significantly increase your chances of losing sensitive data. Furthermore, if your organization’s document management system is hacked from the outside, a poorly managed environment would likely lead to a greater number of documents being stolen than a well-managed environment. Let’s explore why:
· ‘Losing’ documents
If employees fail to add the correct metadata to files, it makes them hard to search for within your document management system. If a file is given an unusual or vague name (i.e. ‘report 4’) and stored in the wrong place or within an enormous list, it can be almost impossible to find later.
· Failed audits
If documents are managed poorly, you face a major challenge when it comes to providing auditors with key files. If those documents haven’t been given the correct permissions or are stored within ‘open’ libraries where anyone can access the information they hold, you face the possibility of major fines.
· People will begin using shadow IT
If your document management system is underused – or if employees find it confusing and hard to navigate, expect them to begin using shadow IT. While this may make work easier for them in the short term, long term it will come back to be a thorn in your side. When employees who have been using shadow IT leave, all their documents are stored in an environment that you can no longer access. And of course, IT doesn’t have control over these environments, and they can therefore be a lot riskier.
· Easier to result in large breaches
If you have large, disorganized document libraries with limited security standards applied to them, it becomes very easy for internal breaches or external hackers to do enormous amounts of damage if they get access. Ensure sensitive documents and records have the correct permissions applied to them and are stored in areas of your environment that have additional layers of security applied.
These are just some of the many ways that poor document management can put your sensitive data at risk. So, what can you do to begin cutting these risks?
Document management best practice
To ensure your environment is secure, a good idea is to begin with an audit. Are your processes, security levels and methods conforming to best practice? There is a huge amount of help online to aid you assess the security of your environment and your document management practices. Having audited the environment yourself, aim to resolve the principal issues you discover and provide additional training to staff on where to improve their document management behaviors.
A major cause of poor document management among staff is user experience with IT and the fact that following best practices is often hard and confusing when using internal software. Employees will avoid storing documents correctly if it feels more difficult than simply storing documents to their desktop, their inbox or a shadow IT environment (their personal Dropbox or Google Drive, for instance). Check out harmon.ie’s SharePoint-based document management solutions that help resolve this issue. By making it easier to store documents correctly, users are more likely to follow best practice, store documents where they should and, ultimately, reduce the chance of having a breach of your sensitive data.
Learn more about how harmon.ie can support your document management initiatives today!