Even the professionals hired to safeguard data online do not think companies are doing a great job protecting important data.
APRIL 3, 2006 – Neither does the Federal Trade Commission (FTC).
According to the FTC, there were a total of 130 data breaches reported in the US in 2005. Those breaches exposed the personal information – such as Social Security and credit card numbers – of some 55 million Americans.
Now a new study, “Protecting Confidential Data,” from the Enterprise Strategy Group (ESG) examines the policies, procedures and technologies used by large organizations to safeguard regulated, private and company-confidential data. The results themselves are enough to make anyone online feel somewhat insecure.
For the purposes of the ESG study, confidential data was defined as information that can be categorized as:
Information that is protected by government regulations
Non-public private information (NPPI)
Information that is protected by industry regulations
Information classified as company confidential or private
The study found that distributed devices posed the biggest risk, with laptop computers being the most “leaky”.
A quarter of survey respondents in the ESG study said that their organizations were “very vulnerable” or “vulnerable” to a data breach. They pointed to confidential data security policies and procedures as the weakest link. When it comes to policies and procedures, 25% of respondents rated their organizations as “fair” or “poor,” and claimed that some, if not most, of their confidential data was not adequately protected.
In another troubling finding, many organizations share confidential data with third parties over insecure channels, such as e-mail.
“This research process resulted in some eye-opening and somewhat troubling conclusions,” said Jon Oltsik, senior analyst at the ESG and the primary author of the report. “Large organizations identified security holes across a number of areas. Security processes are fair at best, and most users have not been trained on security policies and risks. I view the data from this report as a cry for help � clearly something must be done soon.”
For more information on this vital subject, read the recently-released eMarketer report, Online Privacy and Security: The Fear Factor.
By gathering the latest research and news from over 1,000 sources, eMarketer has established itself as the world’s leading provider of internet and e-business statistics. eMarketer’s Web site is at www.emarketer.com