Companies constantly face situations where files with company’s critical, confidential, information must also be shared outside the company: to board members, consultants or, for example, to network of subcontractors. I often hear of the challenges related to information sharing.
Organization’s practices are tested particularly at the moment information must be distributed to stakeholders. Internal tools may be functional, but they rarely bend to be used between different organizations. E-mail is also not appropriate, especially when several parties are involved: discussion starts to spread, message headers do not correspond with the content, or message threads are responded with a delay. Information becomes dispersed into the depths of participants’ e-mails. Also the limitations to sending attachments make it difficult to share information. And sometimes also e-mail encryption is forgotten.
If the company offers its employees tools that do not serve their needs, they will develop their own solutions for information sharing. In many cases the solution will be a cloud service directed to consumers that the employee purchases with their own personal credit card. This causes multiple risks to the company: the terms of service are built for consumers, information is not protected, the right to use knowledge is transferred from the company to the employee, and company’s information management is dispersed. Different employees adopt different tools and it takes time to learn how to use them.
After all, it is only a matter of understanding: the company management must be aware of the needs related to information sharing. One can then look for solutions that serve both users and the company. For example, it is easier to do project work if all data can be collected in the same place since the beginning of a project and can also be securely distributed to the project partners in different organizations. It will also bring added value if the project communication between the parties can take place where the information is shared; thus the entity is kept under better control. When the project is closed, the data can be easily archived or deleted when it is assembled in one place.
How far along is your company in solving these challenges? Some companies are already offering their employees good tools for sharing information securely; some are only now becoming aware of it. The most serious risks involve companies that have not even thought of the security of information sharing – alarmingly often the company’s management is not at all aware of how and with what tools the company’s confidential information is shared. If your business falls in the last category, it is high time to take the situation under control. Once aware of the challenges, they can also be solved without compromising information security.