Sharing information without sharing risk

27 July 2020

Berkeley Solutions is creating innovative technology that bridges the gap between sharing information for efficient work practices and keeping information secure.

The Sydney founded company is working to deliver the next generation of secure information tools to allow collaboration and exchange of information across all SharePoint environments.

Berkeley’s Client Business Manager, Billi Kajtez, said commercial organisations need to be ready to minimise cyber risk.

'The increasing, almost ubiquitous use of Microsoft SharePoint among organisations to store sensitive business data and extend access and collaboration to partners, customers and suppliers has outpaced native SharePoint security capabilities,' Ms Kajtez said.

Berkeley Solutions recognised the organisational need for agile, collaborative workplaces while ensuring the protection of classified and commercially sensitive data.

Berkeley Solutions’ technology takes the best of the open information sharing and collaboration tools offered by Microsoft SharePoint and applies a sophisticated security information management system to ensure that only the right people can access the information.

'It’s vital to protect this data securely without compromising the user access and collaboration that delivers competitive and commercial advantage,' Ms Kajtez said. 'Organisations need to understand the value of their information assets and the associated risks and implications of that information falling into the wrong hands.'

Ms Kajtez said all companies have valuable information that needs protection. The difference between ‘need to know’ and ‘need to share’ is an important distinction.

Based on Berkeley’s 20 years’ experience in secure information management, the source of insider data breaches may be malicious, negligent or accidental.

  • Malicious: Malicious insider behaviour combines a motive to harm with a decision to act inappropriately. For example, keeping and turning over sensitive proprietary information to a competitor after being terminated.
  • Negligent: Negligent behaviour can occur when people look for ways to avoid policies they feel impede their work. While most have a general awareness of security risks and recognise the importance of compliance, their workarounds can be risky.
  • Accidental: completely inadvertent breaches are more common than malicious ones.

The first quarterly report of the Australian Notifiable Data Breaches Scheme, issued in February 2018, showed that over 50% of reported breaches have been attributed to human error and insiders.

'When it comes to information security, organisations need to take this into account and ensure that security policies and tools protect against them. An individual may have top secret clearance but that doesn’t need to translate to having access to all information – a "need to know" approach is the one forward-thinking organisations are taking,' Ms Kajtez said.

While data breaches don’t typically come from malicious intent, poorly defined security protocols or cumbersome systems that users begin to bypass create risk and result in data breaches.

'The whole point of effective data security is that it needs to be seamless, easy to implement, and doesn’t become a burden to either the IT department or the individual user profiles.'

'Our solutions span a broad spectrum of innovative tools that allow organisations to start small and over time build a robust, resilient secure information environment, where all employees play a crucial role in protecting information assets,' Ms Kajtez said.

Berkeley Solutions employs 31 staff around Australia and is establishing a partner network in the United States.

'The support we’ve received from the Centre for Defence Industry Capability (CDIC) has been invaluable. They’re facilitating our collaboration with government and Defence organisations around the globe, ensuring Australian companies are at the forefront of cyber innovation,' Ms Kajtez said.

'With the support of the CDIC, we also had the privilege of exhibiting with Team Defence Australia at the world’s largest military expo (AUSA in Washington), which attests to CDIC's support of Australian SMEs and the Government’s initiatives to foster Australian innovation and economic growth.'