Press Release | Intralinks VIA®

New Research from the Ponemon Institute and Intralinks finds organizations at serious risk of data loss and compliance violations due to risky file sharing practices

Date: 11/03/2014

Research Finds Organizations Lack Clear Policies, Visibility, and Authority to Control Employee File Sharing Risk

New York, November 3, 2014 – Intralinks® Holdings, Inc. (NYSE: IL), a leading, global SaaS provider of enterprise content management and collaboration solutions, published today new independent research with the Ponemon Institute into the security threat caused by unsanctioned file sharing. The report, “Breaking Bad: The Risk of Unsecure File Sharing,” shows that organizational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and that employees routinely breach IT policies and place company data in jeopardy.

“Data leakage and loss from negligent file sharing is now just as significant a risk as data theft,” noted Larry Ponemon, chairman of the Ponemon Institute. “While most companies take steps to protect themselves from hacking and other malicious activities, this report shows that these same organizations are entirely unprepared to guard against risky and ungoverned file sharing using consumer-grade applications like Dropbox. The findings in this report are shocking, and identify the holes in document and file level security, in large part caused by their expanded use beyond the corporate firewall. The goal of senior leadership should be to provide appropriate, secure solutions and enforce policies to reduce the risk created by employees’ behaving badly.”

The research found that file sharing poses a major threat to enterprise security, and that senior managers at organizations are having difficulty setting and enforcing effective policies to safeguard against data leakage. The report concludes that many organizations are vulnerable to both data loss and non-compliance due to cloud file sharing and improper file sharing practices – and it starts from the top down. Further, it is clear that the enterprise IT department has lost control of user application decision-making, as well as of company data.

Report Findings

More than 1,000 IT security professionals from the United States, United Kingdom, and Germany were surveyed. Key findings from the report include:

  • Almost half (49 percent) of respondents believe their company lacks clear visibility into employees’ use of file sharing/file sync and share applications.
  • Half of respondents (51 percent) aren’t convinced their organizations have the ability to manage and control user access to sensitive documents and how they are shared.
  • The majority of organizations have policies governing the use of file sharing, but policies are not being communicated to employees effectively.
  • Only 54 percent of respondents say their IT department is involved in the adoption of new technologies for end users, including cloud-based services.

More sobering, approximately 61 percent of respondents confessed that they have “often or frequently” done the following:

  • Accidentally forwarded files or documents to individuals not authorized to see them.
  • Used their personal file-sharing/file sync-and-share apps in the workplace.
  • Shared files through unencrypted email.
  • Failed to delete confidential documents or files as required by policies.

Ponemon’s research concludes that these file-sharing issues are making enterprises extremely vulnerable to data loss and compliance violations. This vulnerability is heightened for regulated industries like financial services, where the risks and repercussions of data loss are more severe. The research also showed that employees are acting badly when it comes to data sharing and collaboration, routinely violating IT policy in order to get things done faster. Survey respondents indicated a lack of senior-level accountability in their organizations for developing and implementing file-sharing policies. Of senior level respondents, 44% did not believe they had the ability to manage and control user access to sensitive documents and how they are shared. Among respondents who do have that ability, their confidence in asserting it was mixed.

“The negative effects consumer-grade file sharing and collaboration platforms are having on the enterprise are clear,” said Daren Glenister, CTO at Intralinks. “CIOs need to regain control of data, and to do that they need tools designed for the enterprise with security and compliance in mind, but without sacrificing end-user ease-of-use. Shadow IT is a powerful force, and it is one that CIOs need help fighting if they are to ensure the security and compliance of critical data.”

Click here to get a free copy of the research report.

About Ponemon Institute

Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. For more information, visit www.ponemon.org.

About Intralinks

Intralinks Holdings, Inc. (NYSE: IL) is a leading, global technology provider of inter-enterprise content management and collaboration solutions. Through innovative Software-as-a-Service solutions, Intralinks solutions are designed to enable the exchange, control and management of information between organizations securely and compliantly when working through the firewall. More than 3.1 million professionals at 99% of the Fortune 1000 companies have depended on Intralinks' experience. With a track record of enabling high-stakes transactions and business collaborations valued at more than $23.5 trillion, Intralinks is a trusted provider of easy-to-use, enterprise strength, cloud-based collaboration solutions. For more information, visit www.intralinks.com.

Forward Looking Statements

The forward-looking statements contained in this press release are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995.  Forward-looking statements are express or implied statements that are not based on historical information and include, among other things, statements concerning Intralinks’ plans, intentions, expectations, projections, hopes, beliefs, objectives, goals, and strategies.  These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control and could cause actual results to differ materially from those contemplated in these forward-looking statements. Accordingly, there can be no assurance that the results or commitments expressed, projected or implied by any forward-looking statements will be achieved, and readers are cautioned not to place undue reliance on any forward-looking statements. The forward-looking statements in this press release speak only as of the date hereof.  As such, Intralinks undertakes no obligation to update or revise the information contained in this press release, whether as a result of new information, future events or circumstances, or otherwise. For a detailed list of the factors and risks that could affect Intralinks’ financial results, please refer to Intralinks public filings with the Securities and Exchange Commission from time to time, including its Annual Report on Form 10-K for the year-ended December 31, 2013 and subsequent quarterly reports.  Intralinks undertakes no obligation to update or revise the information contained in this press release, whether as a result of new information, future events or circumstances or otherwise.

Trademarks and Copyright

“Intralinks” and Intralinks’ stylized logo are the registered trademarks of Intralinks, Inc. This press release may also refer to trade names and trademarks of other organizations without reference to their status as registered trademarks.  © 2014 Intralinks, Inc.  All rights reserved.