NEGLIGENT BOARDROOMS POSE SIGNIFICANT RISK TO UK FIRMS’ CONFIDENTIAL DATA

UK boards are ‘digital dinosaurs’, failing to embrace new secure technologies and flouting compliance and regulatory policies

A new survey* by Brainloop indicates that UK firms are risking the security of their most confidential and valuable data due to out-dated and insecure boardroom practices.  In addition, many firms could be in breach of regulatory instructions by failing to destroy confidential documents in line with compliance policies.

Insecure distribution methods win the majority vote in many UK boardrooms

The Brainloop survey revealed that more than half of UK firms are not using secure, digital board solutions to distribute confidential information.  Of the respondents, the highest proportion using a digital board solution is in firms of 500+ employees (49 percent).

Nearly one third of those questioned in the survey (32 percent) are still using paper and postal services to distribute confidential board material. 34 percent are using email, the number one threat vector for organisations, according to Verizon’s Annual Data Breach Survey.  40 per cent of firms in the 51-250 and 251-500 size brackets cited email as their preferred distribution method.

UK firms resisting paperless boardroom and falling foul of compliance laws

Brainloop’s study confirmed the paperless office (or boardroom) is still a long way off as when it comes to the meeting itself, over 70 percent of respondents said that they still carry hard copies of board material.  Larger organisations – 251-500 employees – are the most reliant on hard copies, with 80 percent of this group admitting they still use physical documentation.

When it comes to destroying confidential documents 40 percent of those questioned were unable to confirm that this was done in line with compliance policies.   Nearly one quarter (22 percent) admitted they did not know if this happened.  16 percent adopted a more casual attitude admitting that ‘sometimes’ they destroyed documents in line with compliance policies.

Negligent Boardrooms Pose Significant Risk To UK Firms’ Confidential Data
Negligent Boardrooms Pose Significant Risk To UK Firms’ Confidential Data

World’s least secure mobile O/S used by almost one quarter of respondents

Almost one quarter of respondents in the Brainloop survey (22 percent) are using mobile devices running Android to access confidential board material.  If they’re not using a secure app they could be leaving themselves open to a potential information leak’;. Security issues related to the Android operating system are well documented and according to researcher and security specialist, F-Secure, Android accounts for 97 percent of all mobile malware.

Graham Stedman, Senior Partner at Nabarro, said: “We wanted to update our boardroom practices. As an international law firm, we needed a system that would preserve the confidential nature of the documents we use but at the same time facilitate the easy dissemination of those documents to busy board members often working in different offices or on the move. We use Brainloop’s system to distribute encrypted documents in a secure digital boardroom. Board members have the board papers readily to hand on their iPads including those relating to past meetings. The security and ease of distribution is just what we wanted.”

Brainloop’s Secure Boardroom helps board members to ensure effective, efficient and secure boardroom communications with:

  • A centralised repository to ensure immediate, secure access from any device
  • Board books can be easily collated and distributed
  • Seamless integration with Microsoft Office ensures work in a familiar environment
  • Strict access controls ensure document confidentiality and protection
  • Online voting, acting by proxy and ad hoc meetings accelerate decisions
  • Best of breed security with advanced document encryption, Microsoft RMS, operator shielding and SOX-compliant audit trail

Mark Edge, UK Country Manager at Brainloop, commented: “Board members are working with confidential business information every day, and ultimately are responsible for the security of that information.  Organisations should continuously review the practices they employ around board communications to ensure that it is not the weakest link in their IT security armour.”

* Brainloop survey of 100 business professionals was conducted in March 2015 at ICSA’s  London conference on March 12th 2015.  Those questioned included company secretaries, company directors, non-executive directors, senior management and secretaries / administrators.