Some of the main challenges that businesses face each day include protecting themselves from cybersecurity threats and keeping up with regulatory changes. Dr. Michael Berger, President of DocuWare, one of the leading cloud document management and workflow automation software providers, speaks to Companies Digest on how he’s seeing companies currently minimising risk, and shares some interesting insights from a recent DocuWare survey of more than 300 managers and executives responsible for data security and compliance.
What are the main security challenges organisations are facing today?
It’s not new news that COVID-19 has completely shifted how companies operate. Remote working has become the norm around the world, however with significant numbers of employees working from home, the issue of security arises two-fold. One, company networks and devices become even more vulnerable to cyber-attacks. Second, manual – specifically paper-based processes – are extremely difficult to facilitate offsite and are even less secure.
Reports of security measures going wrong within organisations are on the rise. Our recent survey confirms that these weak spots are just as prevalent as they seem, with 70% of our respondents claiming they experienced the negative effects of security glitches in the last two years. While worldwide cyber-attacks have increased overall, further insights conclude that some of the most common issues involve malware and vulnerability in third-party applications, with missing paper files causing 6.1% of security issues reported.
For privacy regulation, what has had the greatest impact on businesses?
Regulations are daunting at the best of times, and according to our survey over the past two years, a whole range of regulations have affected businesses. Over a third (36%) of respondents have been impacted by the lack of enforcement of HIPAA regulations. With a further 12.6% noting that they’ve been affected by the failure to meet GDPR requirements. Other companies report grappling with the Shield Act, COPPA, and industry-specific regulations.
To ensure organisations meet requirements and can regulate access rights clearly and easily, it is essential they digitalise processes to ensure data integrity and check that information is complete, accurate, and stored with administrative and technical safeguards. Additionally, organisations must ensure that they are meeting compliance and regulations standards, such as GDPR as previously mentioned, by implementing systems for internal tracking on what has happened with personal data and how it can also be deleted.
Are organisations willing to undertake initiatives in order to overcome these challenges?
For many business leaders, their security strategies continue to be a work in progress. As we saw from our survey, 58.6% of respondents have said that they are certifying their organisation for compliance standards, and nearly half (45%) of respondents are designating a compliance officer.
While internal security is always critical, so too is safeguarding sensitive information such as customer and membership data. We’ve found that there is a real concern around hackers trying to access this information, this is shown to motivate many security initiatives. However, from speaking to managers across the industries we work with, the focus is guaranteeing simplicity and ensuring that unwieldy processes don’t interfere with relationships with customers, business partners, and vendors alike. For example, at DocuWare we have anti-corruption, conflicts of interest, whistleblowing, and potential security incident forms for our employees to submit if they witness any suspicious behaviour to start an incident handling process. Having these processes in place, not only means our organisation can handle any potential problems more efficiently and effectively, but we are also empowering our employees to take charge of reporting and tackling security issues.
How important are education and training for employees in managing these issues?
Educating employees is a direct route to improving compliance and security. Many employees, because they have lacked training before, simply aren’t aware of what they should and shouldn’t do, and so they may even in good faith, make decisions that threaten security. However, in our survey, we noted an extremely positive 72% of organisations redoubling their training efforts. Businesses are investing more in education to safeguard themselves in the future.
What role does technology, such as the cloud, play in streamlining compliance processes, and detecting and preventing incoming and potential threats? And how can businesses leverage these successfully?
One of the positive changes to come out of the pandemic is the move many companies have made to more digital means. When respondents of our survey were asked what they’re doing every day to ensure they meet compliance and security standards, almost three-quarters (74.8%) said they are investing in new technology. This is very positive to see. At DocuWare, we’ve seen an increased uptake in our solutions since the start of the pandemic. We believe this is proof that businesses truly are investing in technologies to support a remote workforce.
Tools such as digital workflows which replace manual – often paper – processes and cloud-based solutions which provide state-of-the-art security, allow organisations to have peace of mind so that they can continue with minimum disruption. For example, to help our employees and customers stay secure, DocuWare software allows users to manage retention periods for documents, and based on document type they can set it up to automatically delete marked documents on a certain date. It can also limit access to documents, ensuring that only the right people or groups of people can view edit, or collaborate on them.
Automated systems such as these of which centralisation (particularly helpful for the implementation of new and changing regulations), privacy protection, and business process efficiency are built-in, free staff and reduce costs, as well as allowing easy, secure, access to documents – from anywhere, on any device, at any time.
Businesses across all fields and industries should look to digitalise through document management software, cloud, or other relevant technologies, to ensure they are one step ahead at every turn.