Latest news
Data protection risks on mobile devices
Posted on 13 March 2012.
An increasing number of professionals (80 percent) work remotely and rely on personal devices such as smartphones (63 percent), iPads (30 percent) and laptops (80 percent) to access company data, according to Mozy.
Despite the expectation that professionals with sensitive client data would understand the associated risks and responsibilities, the numbers reflect that many professionals working remotely, and their companies, are either unaware or too casual about how to keep this information safe and secure.
The study profiled several professions that routinely handle sensitive client information, including medical practices, legal, real estate, and financial service firms. It found that they were at even greater risk compared to generalized small and medium businesses to experience a significant loss of sensitive business information.
The survey found that while over two-thirds of all small-to-midsize businesses with fewer than 1,000 employees have a formal procedure for backing up company data, 87 percent have no formal policy in place regarding employees' use of personal devices for work purposes.
One-third of companies let employees make their own decisions about how to back up company and client data on their devices, and most companies polled do not have backup or data recovery plans that meet modern standards for data protection. Forty-one percent of small businesses readily store and back up company data on portable USB devices – which may be used by family members, get lost, or even stolen.
Businesses still unaware of risks
Legal professionals trailed the field, with 78 percent of lawyers reporting they were either not at all concerned, not that concerned or only somewhat concerned about the security of their company data for employees using personal devices for work.
While financial services and medical firms are more concerned about the security of their company data than companies in real estate, construction, and law, the majority (more than two-thirds) in each of those industries expressed a lack of concern for risk of loss and security of company data. This lack of discipline creates unnecessary risk in the protection of company and customer data. The numbers do not lie: very important people have very important data that should be better protected.
Without adequate backup and other data security policies, many businesses are ill prepared to protect company and customer data in the event of a hard drive crash, loss or theft.
The survey shows that 30 percent of companies suffered a hard drive crash in the past year. In 70 percent of those cases, data was not fully recovered.
The risk of lost or stolen data is more serious than ever with changing work habits and more employees holding sensitive company data on personal devices. With the start of the new year's business travel season and a larger number than ever of professionals on the road, they carry sensitive company or client data with them on their laptops, tablets and smartphones.
The Mozy survey shows that one in nine businesses have experienced the theft of a laptop, and in 98 percent of such cases they were not able to recover all of the lost data.
While just over two-thirds of companies surveyed do have formal backup processes, most are using antiquated methods such as external hard drives with no online backup connection, or tape. Both are extremely susceptible to failure in the event of an on-site disaster.
Despite the expectation that professionals with sensitive client data would understand the associated risks and responsibilities, the numbers reflect that many professionals working remotely, and their companies, are either unaware or too casual about how to keep this information safe and secure.
The study profiled several professions that routinely handle sensitive client information, including medical practices, legal, real estate, and financial service firms. It found that they were at even greater risk compared to generalized small and medium businesses to experience a significant loss of sensitive business information.
The survey found that while over two-thirds of all small-to-midsize businesses with fewer than 1,000 employees have a formal procedure for backing up company data, 87 percent have no formal policy in place regarding employees' use of personal devices for work purposes.
One-third of companies let employees make their own decisions about how to back up company and client data on their devices, and most companies polled do not have backup or data recovery plans that meet modern standards for data protection. Forty-one percent of small businesses readily store and back up company data on portable USB devices – which may be used by family members, get lost, or even stolen.
Businesses still unaware of risks
Legal professionals trailed the field, with 78 percent of lawyers reporting they were either not at all concerned, not that concerned or only somewhat concerned about the security of their company data for employees using personal devices for work.
While financial services and medical firms are more concerned about the security of their company data than companies in real estate, construction, and law, the majority (more than two-thirds) in each of those industries expressed a lack of concern for risk of loss and security of company data. This lack of discipline creates unnecessary risk in the protection of company and customer data. The numbers do not lie: very important people have very important data that should be better protected.
Without adequate backup and other data security policies, many businesses are ill prepared to protect company and customer data in the event of a hard drive crash, loss or theft.
The survey shows that 30 percent of companies suffered a hard drive crash in the past year. In 70 percent of those cases, data was not fully recovered.
The risk of lost or stolen data is more serious than ever with changing work habits and more employees holding sensitive company data on personal devices. With the start of the new year's business travel season and a larger number than ever of professionals on the road, they carry sensitive company or client data with them on their laptops, tablets and smartphones.
The Mozy survey shows that one in nine businesses have experienced the theft of a laptop, and in 98 percent of such cases they were not able to recover all of the lost data.
While just over two-thirds of companies surveyed do have formal backup processes, most are using antiquated methods such as external hard drives with no online backup connection, or tape. Both are extremely susceptible to failure in the event of an on-site disaster.
Spotlight
The security of WordPress plugins
Posted on 18 June 2013. | Checkmarx’s research lab identified that more than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection.
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
