Technology leaders were urged to work closely with business and legal teams to mitigate the security risks posed by the growing number of distributed collaboration tools taking root in their organisations.
Microsoft senior attorney Thomas Daemen said at the ISSE 2008 event in Madrid that new collaboration technologies, such as those from IBM Lotus, EMC Documentum and Microsoft's own SharePoint, are becoming increasingly popular among staff owing to their ease of use and decentralised nature.
"Because they are so easy to use, business groups will start to set up their own policies around these tools," he argued. "They are changing the risk framework [in organisations] quite substantially."
The risk burden is being further compounded as national data security mandates become ever more specific and granular, he added.
In order to mitigate these risks, Daemen advised firms to "find, fix and notify". This would involve finding any sensitive data by using advanced search tools, and notifying staff with security awareness raising programmes.
However, Daemen warned that organisations must be aware of national data protection and privacy laws that may prevent them scanning employee data.
In such instances, employees could be given self-service tools and encouraged to do the job themselves, he added.
"We are at the beginning of a new world. The 20 year-olds will expect [these collaboration tools] in your organisation, and will argue that it makes their lives more efficient," said Daemen
"So it falls on the business, technology and legal sides to work out together how best to deploy these technologies in a way that does not undercut all the good work already done."
Distributed collaboration tools add to risk burden
By
Phil Muncaster
on
Oct 13, 2008 3:32PM
Business and legal teams must act now, says Microsoft.
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see