The Security Reality of Road Warriors

Sunday, October 28, 2012

Barrie Hadfield


Sales and marketing are often considered to be two sides of the same coin. While those who have worked on either side of the proverbial coin can attest to their vast differences, one fact remains -- both professionals typically require substantial working from the road. And while accessing corporate documents from outside of the firewall always raises some security flags, a recent survey[1] that we conducted of 1,900 sales and marketing professionals shows those who work in sales and marketing are particularly at risk.  Simply put, both sales and marketing professionals have a tendency toward keeping IT admins in the dark about the free file-sharing tools they use for work.  

In fact, only 53 percent of marketing professionals notify their IT departments when using free, cloud-based file-sharing platforms for work, according to the survey[2]. That number dives down to 29 percent when polling sales employees. Both results are notable, but the fact that seven out of 10 sales employees are sending potentially sensitive corporate information into public clouds with only a log-on acting as a security safeguard -- and not letting IT know -- is especially eye-opening.

Why is this so problematic? First, let’s consider how prevalently these consumer-oriented tools are being used. Eighty-one percent of those in sales and 70 percent of those in marketing use free file-sharing software for corporate documents. However, when a patchwork of unauthorized, consumer-grade file-sharing tools are used within an organization, valuable information is funneled into intricate data silos or stored across various devices and platforms, causing IT admins to lose essential oversight and tracking of this data. For organizations handling sensitive or proprietary information, unauthorized file-sharing can result in the leakage of mission-critical information or costly compliance violations. This is on top of the annoying collaboration inefficiencies and frustrations that ad-hoc file-sharing contributes to, like the inability to locate updated versions of documents in a centralized location.

Yet considering the fast-paced, mobile and highly-collaborative nature of sales and marketing, it’s understandable these professionals would gravitate toward embracing free, file-sharing tools quickly, eschewing any red tape. Consider that 88 percent of sales professionals and 70 percent of marketing professionals use their mobile devices for work, free file-sharing guarantees them instant access to any document they need anytime. Of course, from a security perspective this introduces innumerable nightmare scenarios. How can the company keep track of which sensitive documents are being downloaded onto personal devices -- and who is viewing them? What if that device is stolen? Free file-sharing rarely provides safeguards against such risks.  

That’s not to say file-sharing is inherently problematic. When used properly, cloud-enabled file-sharing allows employees, partners and clients to share information without cluttering inboxes and alleviating the burden on corporate servers. But the problem is, by its very nature, consumer-oriented file-sharing platforms can never be used properly in an enterprise setting. They’re simply not designed that way.

Plus for marketing and sales professionals, technological advances over the past decade or so have made it so easy to work on the road, putting those who do not have seamless access to work documents at a distinct disadvantage to their more advanced competitors. In fact, a staggering 97 percent of marketing professionals and 80 percent of sales professionals report needing access to work documents outside of the office. The result is that these road warriors, best known for their maverick sensibilities, have found the easiest way to quickly access corporate documents, which entails signing up for a free file-sharing account and either having colleagues upload documents from the office for them, or doing it themselves the next time they are home.

Considering the urgency and immediacy of sales and marketing, letting IT know is an afterthought, if warranting a thought at all. For instance, let’s compare sales and marketers to those who work in administrative job functions, such as human resources. Among administrators, less than half even use free file-sharing platforms at work and among those who do, 62 percent inform IT admins of their use. And since only 35 percent of administrative workers require remote access, they are afforded a greater opportunity to go through the proper authorization channels during work hours. Not so much for the marketing or sales professionals requiring access to a document on the company’s server in New York, while at a trade show in Hong Kong, for example.

Compounding this problem is that the connections employees use while traveling are inherently among the least secure, and most vulnerable to outside threats. Logging into a file-sharing platform from a public port or terminal allows unwanted visitors, through simple user error such as forgetting to log-off, to have access to whatever the employee uploaded. This is why visibility into who has accessed a document - and when - can be so critical.

While this survey might paint a rather bleak picture, in actuality, it presents IT admins with the insight necessary to make decisions about their organization’s collaboration infrastructure. Marketing and sales professionals will, inevitability, require a cloud-based collaboration processes or they face a potential competitive disadvantage. Therefore, IT executives are best-served by investigating the rate at which their employees are using unsanctioned tools that facilitate potential breaches of security, and exploring alternatives that allow them to remain equally connected while on the road.


[1]Our analysis was based on a survey conducted by the Association of Information and Image Management (AIIM) during a SkyDox/Workshare webinar on enhancing a collaborative ecosystem. In AIIM’s original survey, the same four questions were asked to a sample of ninety people from a wide range of companies across the US and Europe.

[2] A full infographic on the survey findings can also be downloaded here.

Possibly Related Articles:
Information Security
Cloud Security Marketing Infosec IT Security
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.