Most orgs don't know what data is leaving their systems
Posted on 26 April 2012.
Only 20% of IT executives say they have visibility into files and data moving inside and leaving their organization, and 29% of them perceive moving data back and forth between cloud applications as the biggest risk of data loss, say the result of a survey by Ipswitch File Transfer Division.

With the proliferation of the Bring Your Own Device trend, organizations have to monitor devices such as smartphones, tablets, USB drives and sophisticated MP3 players due to file hosting capabilities.

The survey found that 72% of respondents use their own portable devices to store confidential work files. This combined with the fact that 55% said they use free cloud based services such as Dropbox and that 65% use personal webmail to move confidential files.

However, the majority of businesses having no visibility into the data that is being moved, leading to concern that the data could be compromised either in transit or through loss of a personal device.

The loss of USB devices holding sensitive information has dominated headlines over the past 24 months and the trend sets to continue with, 31% of respondents saying that they have lost either a USB device, a smartphone or other storage device containing sensitive work information. However, 69% failed to report their loss to the IT Department.

Additional findings of the survey include:
  • 78% of respondents said they use email to send classified or confidential information, such as payroll, customer data, financial information and business plans at least once a day, 64% weekly or more often.
  • Of those that said they use personal email accounts to send confidential information, 35% stated that personal email is faster and more convenient, while 25% cited that files that are too large to send from work email. Additionally, 15% said they had difficulties connecting with work email while out of the office therefore turned to personal email accounts to send sensitive work files instead of work email accounts.
  • Whilst 52% or organizations provide their employees with an IT sanctioned tool for file sharing; only 30% enforce its usage.
“Cloud computing has presented organizations with a lot of new opportunities when it comes to IT efficiency, but IT managers are still concerned by the security implications associated with moving sensitive business information to and from a cloud-based solution,” says Rich Kennelly, president at Ipswitch File Transfer.

“Businesses are moving vast amounts of information and sensitive files per day, whether it is by email, through the cloud or by employees using their own devices to back-up and store data. It is therefore imperative that organizations have a policy in place for approved forms of data transfer and have visibility into files that are being moved, by whom and to what medium. It is always important to note that data loss can incur severe financial penalties for the organization, as well as damage it reputation.”





Spotlight

Lessons learned developing Lynis, an open source security auditing tool

Posted on 15 October 2014.  |  Lynis unearths vulnerabilities, configuration errors, and provides tips for system hardening. It is written in shell script, installation is not required and can be performed with a privileged or non-privileged account.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //