Document integrity still at the mercy of human error

Too many organizations are relying on IT departments to protect company information, particularly sensitive data that is shared electronically and must meet compliance regulations.

Issues surrounding document integrity have come to the fore in recent months with one high-profile case involving the Victorian Police.

The database breach led to the Victorian Premier Steve Bracks declaring he was "sick and tired" of security breaches involving classified files.

iFocus consultant James Kaminski said organizations need to make their employees "information literate" by creating a culture of best practice for the entire lifecycle of company information.

"Most employees are expected to create, use and manage information and make informed decisions," he said.

"But a common mistake is for business units to rely on IT departments instead of building information literacy throughout the whole organization."

Kaminski said that successfully managing information requires a focus on two very different areas: technical tools and human behaviour.

He said there is too much reliance on the technical side when it comes to storing and managing structured data.

"Business rules and procedures provide governance for managing information, but it is the people's ability to understand and interpret those rules that often fails," he said.

However, software provider Workshare believes technology is the solution because most document integrity policies are flawed as the onus is on people to make manual checks rather than using software to do it for them.

Workshare's Asia Pacific general manager, Andrew Pearson, said information integrity is too important to be at the mercy of human error.

Last week Workshare launched part one of a global campaign, entitled Five Steps to Document Integrity, to combat a phenomenon known as the "Inside-Out" threat.

This is the opposite of malicious external threats such as hacking or computer virus attacks, which most companies' security strategies are set up to combat.

Pearson said the inside-out threat is still not taken seriously in Australia.

"The inside-out threat is still not understood or taken seriously; many companies believe they have effective data governance policies and document integrity solutions. Frankly, many don't."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about PearsonVictorian Police

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Sandra Rossi

Latest Videos

More videos

Blog Posts