Insider threats present an urgent problem which can be addressed with the help of appropriate technology. In the second blog in his data security series, Scott Hluhanich explores where these threats are originating.
Sharing data through email and consumer-grade file transfer services present several risks including a lack of traceability (attachments and email are uncontrolled with no audit trail), poor security of email systems, and circumventing compliance with export control regulations (by forwarding or storing restricted information outside of the corporate firewall).
An industry survey shows that 84% of respondents admit to sending classified or confidential information via email and >50% of respondents reported using unencrypted file transfer services to store corporate data. A survey of an IDBS customer points to a similar scenario in which IP, including reports and the source data, is shared by email.
When email or file transfer is not available or is not convenient, 78% of employees rely on USB flash memory sticks or other external storage devices to move business-related files. The proliferation of these cheap and easy-to-use storage devices comes with a cost – 70% of businesses have traced the loss of sensitive or confidential information to the use of USB sticks. The loss of the physical device is a common source of the loss of data; almost one-third of survey respondents reported losing an external storage device that contains sensitive business or personal data . In the majority (55%) of incidents, however, data loss is related to malware-infected devices that inject malicious code onto corporate networks.
At IDBS, we know that properly managed data requires a properly implemented informatics system. To find out how you can stop losing data in an email black hole, check out our flyer here.
You can read part one of Scott Hluhanich’s data security series here.
[1] “Are Employees Putting Your Company’s Data at Risk?, Survey Results Exposing Risky Person-to-Person File Sharing Practices”, Ipswitch File Transfer, 2012
[2] “How USB Sticks Cause Data Breach, Malware Woes”, Ponemon Institute Study, July 2011, http://www.darkreading.com/risk-management/how-usb-sticks-cause-data-breach-malware-woes/d/d-id/1099437?
[3] “Are Employees Putting Your Company’s Data at Risk?, Survey Results Exposing Risky Person-to-Person File Sharing Practices”, Ipswitch File Transfer, 2012
[4] “How USB Sticks Cause Data Breach, Malware Woes”, Ponemon Institute Study, July 2011, http://www.darkreading.com/risk-management/how-usb-sticks-cause-data-breach-malware-woes/d/d-id/1099437?
The post Data security (part two): sources of threats appeared first on IDBS.