Content Anarchy: The Lurking Security Risk in A Digital-First World

By Ellen Benaim, Chief Information Security Officer, Templafy

More than two years since the onset of the pandemic, remote and hybrid workplaces are here to stay. Research late last year from Gallup found that nearly half of full-time employees in the U.S. (45%) were still working from home to some degree, and there’s no sign of hybrid work going away any time soon.

The hybrid work trend has further accelerated a pre-pandemic business movement towards a digital-first environment, also known as the “digital HQ.” Now, businesses are rethinking everything from the way they structure internal communications to how they define business content. Today’s definition of content encompasses traditional marketing materials like sales decks and social media copy, but it has also expanded to include business assets like legal contracts and metadata.

Recently, Templafy surveyed more than 600 full-time workers across the U.S. to better understand how the growth of content impacts the modern business. The research revealed that content creation is a massive part of today’s typical work – on average, employees spend fifteen hours a week creating content. That’s almost two full days.

As the amount of content used to conduct business on a day-to-day basis has grown exponentially – now any action with a digital record is new content – businesses are struggling to keep up. Many lack a strong content infrastructure to manage these workflows, allowing content to create risk – everything from security breaches to financial loss – instead of positive outcomes for a business. When this is how a business operates they’re unknowingly submitting themselves to “content anarchy” and the only way to solve this is to implement technology tools to manage and govern workflows starting at the point of creation. And this is particularly important in documents, because they so often represent the health and well-being of a business. Let’s take a deeper look at how these risks manifest across a business and the potential solutions to solve for them today.

Manual classification leaves room for human error

Nearly every employee handles classified or proprietary information from time to time – in fact, 94% of our report respondents agreed with this statement. But in a digital business environment, where we’ve seen an uptick in asynchronous communication, the risk of accidentally sharing sensitive content within documents is higher than ever before.

Nearly two-thirds of survey respondents said their company lacked secure, system-wide alignment when it comes to content. Many companies still lack the technology needed to ensure privacy and security procedures are upheld, and instead depend on written processes and individual employees to properly classify and safeguard sensitive documents. Even worse, Templafy’s study found that over half of respondents said their company had mistakenly shared sensitive documents with unauthorized parties. In today’s hyperconnected world, where security and privacy are paramount, these types of mistakes not only open the door to lost business and  revenue, but also damage to brand reputation and the risk of consumer complaints and fines from regulating bodies.

Regulatory requirements are evolving, content infrastructure must too

Industries like financial services, legal, healthcare and insurance have long been beholden to strict and ever-changing regulatory and compliance requirements. But in today’s environment, every business must scrupulously attend to regulation requirements, including those in education, technology, and even retail, since the majority of business is conducted online and more user data is housed in the cloud than ever before.

For example, new privacy legislation in the United States like California’s CCPA requires any company dealing with personally identifiable information to properly safeguard customer data. That’s new territory for many companies, and demands they think about how this data is being used in business documents in order to ensure it is compliant. However, complying with these new regulations is next to impossible with the current tools being used to govern company content.

Unfortunately, there are major legal and financial consequences for companies that do not comply with regulatory requirements, and employees recognize this: 88% of respondents agree that security requirements are increasing and upholding them has never been more important than it is today. Yet until businesses evolve their content infrastructure systems to safeguard their content, they’ll struggle to stay on top of ever-changing regulatory requirements.

The meta risk of metadata

With the proliferation of content over the past few years, businesses have also seen a proliferation in metadata. Metadata is increasingly important in helping businesses organize and secure content, yet nearly two-thirds (58%) of respondents in leadership roles admit they lack comprehensive knowledge on what metadata is or why it is important to business document management and creation.

Metadata is information that helps describe and classify content, and it plays an important role in driving business outcomes and reducing financial and brand risk. Enterprises can even use metadata to prove they’re complying with the latest security regulations. A document governance system is essential to managing metadata, and without one, businesses are vulnerable to classification mistakes. In fact, three in five survey respondents agreed that a lack of control when it comes to metadata and classification poses a significant financial risk to the business.

Control and good use of metadata can help streamline workflows and ensure permission levels for sensitive content are upheld. Conversely, Templafy’s survey found that poor metadata practices risk significant legal ramifications (67%); damage to reputation (66%); loss of customer trust (62%); and significant business risk (60%). Executives and technology leaders must not overlook metadata when developing their security and compliance strategies.

Templafy’s research shows that managing content anarchy is paramount to protecting a business and benefitting the bottom line. Enterprises must implement content enablement solutions which will streamline content creation, govern documents and manage metadata, removing the brand and security responsibility from individual employees. Enterprises that invest in content infrastructure will see a return in the form of revenue, productivity, brand reputation and security. Those that do not may be left picking up the pieces.

About Ellen Benaim

Ellen Benaim AuthorEllen Benaim is the Chief Information Security Officer at Templafy, the next gen document generation platform. As CISO, Ellen has developed Templafy’s security-first approach and oversees company-wide information security and governance programs to ensure the organization follows all necessary protocols. This enables Templafy to provide the best, most secure platform to its customers as it aligns workforces and enables employees to create on-brand, compliant and high-performing business content faster.

Ellen started her career as technical support at Templafy, quickly attained the role of Information Security Officer due to her merit, and was promoted to Chief Information Security Officer in March of 2020. She holds a Bachelor of Science in Business Information Systems from University College Cork. Ellen can be reached online at linkedin.com/in/ellenbenaim/ and at https://www.templafy.com/

FAIR USE NOTICE: Under the “fair use” act, another author may make limited use of the original author’s work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material “for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.” As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner’s exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Credit: Source link

Comments are closed.