Too many organizations are relying on IT departments to protect company information, particularly sensitive data that is shared electronically and must meet compliance regulations.
Issues surrounding document integrity have come to the fore in recent months with one high-profile case involving the Victorian Police.

The database breach led to Victoria Premier Steve Bracks declaring he was "sick and tired" of security breaches involving classified files.

IFocus consultant James Kaminski said organizations need to make their employees "information literate" by creating a culture of best practice for the entire life cycle of company information.

"Most employees are expected to create, use and manage information and make informed decisions," he said. "But a common mistake is for business units to rely on IT departments instead of building information literacy throughout the whole organization."

Kaminski said that successfully managing information requires a focus on two very different areas: technical tools and human behavior. He said there is too much reliance on the technical side when it comes to storing and managing structured data.

"Business rules and procedures provide governance for managing information, but it is the people's ability to understand and interpret those rules that often fails," he said.

However, software provider Workshare believes technology is the solution, because most document integrity policies are flawed as the onus is on people to make manual checks rather than using software to do it for them.

Workshare's Asia-Pacific general manager, Andrew Pearson, said information integrity is too important to be at the mercy of human error.

Last week, Workshare launched part one of a global campaign, entitled Five Steps to Document Integrity, to combat a phenomenon known as the "Inside-Out" threat.

This is the opposite of malicious external threats such as hacking or computer virus attacks, which most companies' security strategies are set up to combat.

Pearson said the inside-out threat is still not taken seriously in Australia.

"The inside-out threat is still not understood or taken seriously; many companies believe they have effective data governance policies and document integrity solutions. Frankly, many don't."

Source