UK firms losing battle to prevent staff putting confidential business data in the public cloud

Despite one third of UK firms banning public cloud from the workplace, its use appears endemic, unmanaged and unstoppable according to a new survey commissioned by Connected Data.

The survey of 100 UK businesses revealed stark concerns about the safety of the public cloud services, such as DropBox, Box and Amazon for sharing confidential data. However, despite this caution, the findings demonstrate that most employees’ activity via these platforms generally goes unmonitored and unchecked in 64% of businesses.

The vast majority (90%) of IT decision makers believe that sharing sensitive data in the public cloud poses some level of risk.

However, despite this inherent mistrust, only one third (33%) have banned staff from using public cloud. Of the firms that do ban the use of public cloud at work, over half (58%) admit they would not know whether their employees are using it anyway.

Other key findings include:

• Over two thirds (69%) of businesses questioned believed that public cloud services were being used by some proportion of their workforce regardless of company policy (with 29% suspecting over half their employees of doing so)
• More than a quarter (27%) rank use of public cloud as the greatest risk to their company data, above lost devices (25%), hacking (14%) and malicious staff behaviour (18%)
• Meanwhile, well over a tenth (13%) of UK firms admitted they had lost or had confidential data exposed due to staff sharing it via public cloud. Worse, an additional 19% could not be certain whether this had happened to their business or not.

The survey results go on to reveal that little is being done to protect organisations or staff against careless behaviour.

• Nearly half (48%) of those companies, which believe they are at risk, have not added guidelines to a staff manual
• Even fewer firms provide training (36%) or tools (39%) on the topic of file and data sharing

You’re fired!

Staff at UK firms who break rules about public cloud usage in the workplace could be in for a big shock. More than a fifth (22%) of the firms interviewed said staff would be instantly dismissed for using public cloud while 40% would issue staff a written warning.

What’s driving staff to the public cloud?

The survey also looked at the drivers behind cloud usage. It found that the main reason employees risk using the public cloud is because they need to access files across devices (54%). Ease of use was considered the second highest driver (48%).

Dr. Geoff Barrall, CEO of Connected Data, commented, “While we shouldn’t be overly surprised at the levels of mistrust in public cloud, we should be concerned by a growing pattern of employee behaviour that puts sensitive company data at risk. Penalties to staff are serious, yet the need to share files across different devices is leading them to break company policy and put their jobs on the line. The survey highlights how important it is to address this dilemma before more company data is lost or exposed.”

Can private cloud solve the problem?

The survey coincides with the UK launch of Transporter for Business, the industry’s first private cloud appliance from Connected Data. Transporter for Business allows users to sync and share files privately. By offering employees the cloud features they enjoy and require, Transporter eliminates the temptation to use unauthorised public cloud solutions that could put sensitive business information at risk.

Barrall concluded: “Whilst we know employee behaviour cannot be changed overnight, there is a way to keep data safe and give employees the work tools they need. Private cloud solutions enable companies to take full responsibility by protecting their sensitive data whilst enabling their employees to do their jobs as efficiently as possible.”