According to a survey of 100 users who attended a SharePoint conference there in November, 45% have made such copies, with 18% saying they do it regularly, indicating a need for data-loss prevention.
Fully 92% say they know that such actions make the documents less secure, but they do it to share with others who don't have SharePoint access, to work on files at home or to edit them because SharePoint editing is too slow, according to the survey conducted by threat mitigation consultants Cryptzone. Some of that sharing may be due to the fact that 56% say that no third parties are allowed SharePoint access, despite business needs.
Of those who do violate security policy by removing documents from SharePoint, one-third say they never thought about the security implications, 30% say they don't care if it helps get their jobs done and 23% say the documents in question aren't sensitive, the survey says.
About a third of respondents who know they are not meant to read some SharePoint documents do so anyway, with the most popular content being details about co-workers, salaries and merger and acquisition information, the survey says.
The authors of the survey recommend that businesses conduct their own investigations to discover the possible violations of security policy within their own organizations. They also recommend encrypting the most sensitive documents and making sure security controls follow the data wherever it moves.
Read more about wide area network in Network World's Wide Area Network section.