Find White Papers
Home About Contact Help
Free Membership Member Login
Aug 30, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

IT Departments on Data Security: A Research Concepts Survey

Absolute Software
By : Absolute Software
INFORMATION
Published : Apr 17, 2008
Length : 9
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :

A survey of 185 IT professionals finds that, although computer and data security are high priorities, they are surprisingly unprepared to prevent data breaches and computer theft. 1 out of 4 organizations surveyed had a data breach in the past year. Preventative measures are found to be consistently undermined, with only 1 in 100 employees consistently following security policy.

This white paper explores the survey findings.
View All Items By This Company
Browse Related Categories :

Data Protection

,

Database Security

,

Network Security

,

Security

,

Security Management

,

Security Policies
 
As the amount of information stored digitally on company servers, stationary computers and mobile devices such as laptops continues to escalate, protecting that information from public data breach is becoming a priority for IT and compliance departments. In September 2007, market research firm Research Concepts surveyed 185 IT professionals from Network World Magazine’s Technology Opinion Panel about the state of computer and data security in their organizations. The survey probed attitudes toward the prevention of data breach, current prevention measures employed by IT departments and the perceived effectiveness of those methods.

Regulatory Compliance
State-level data breach notification legislation has fueled a shift in the way organizations view the security of sensitive information such as customer social security numbers, electronicly protected health data, and other personally identifying information. No corporate department is more closely tied to the protection of this data than IT. For example, the theft of laptop computers managed by IT is responsible for nearly 50% of all data breaches.*

Major Findings:
- Data breach prevention is a top priority: More than 80% of those surveyed rated protecting corporate data as an important initiative. By comparison, only 38% of those surveyed ranked complying with governmental regulations as very important.
- Data breach is common and costly: Fully 25% of those surveyed indicated that their organization had experienced a data breach in the past and more than 60% of IT managers felt that a data breach would cost their organization in excess of $10,000. Nearly 65% were very concerned that a data breach would result in public embarrassment and media scrutiny for their organization.
- Preventative measures are consistently undermined by employees: According to IT professionals surveyed, less than one in 100 employees consistently follow company data and computer security policy. More worrying is the fact that 72% of respondents felt that employees were responsible for the majority of data breaches. Survey respondents reported the use of a wide-array of data protection strategies and technologies that are highly-dependent on diligent employee action to remain effective. Only endpoint security – the ability to force devices carrying sensitive data to secure themselves – provides data breach protection that does not rely on employees for effectiveness.
In the four years since California Senate Bill 1386 became the first state-level legislation to specifically require data breach notification, 36 additional states have followed California’s lead and enacted similar legislation. While state data breach laws vary in terms of fines and notification requirements, the average cost of managing a data breach has risen in recent years and is now estimated at US$197 per breached record. Typical costs include credit protection for those affected, increased marketing costs resulting from attempts to recover lost customers and the legal and public relations costs of managing the breach itself.

Laptop theft linked to data breaches
Survey respondents also appear to see a direct correlation between laptop theft and the possibility of data breach. In the event of a laptop theft, more than 75% of respondents said they were very concerned about the possibility that confidential information would be exposed and potentially misused. A further 60% were very concerned that the theft of a laptop computer would result in identity theft and nearly 25% said they would be willing to pay between $10,000 and $50,000 to have a stolen executive’s laptop returned to their organization.
Despite the widely-acknowledged link between laptop theft and nearly 50% of data breaches, survey respondents reported that a surprising number of mobile computers continue to go missing. Nearly one quarter of those surveyed reported that between 3% and 10% of their entire laptop population was lost or stolen each year. Incredibly, 60% of survey respondents said that they were unable to recover a single stolen computer – meaning those computers remained in the hands of thieves.

Thieves with keys: employees steal laptops
The fact that the majority of lost or stolen laptop computers are never recovered is made more concerning by the likelihood that thieves have the necessary passwords and encryption keys to access confidential information. Nearly 40% of IT professionals surveyed believe that their own employees – those with intimate access to login credentials and other passwords – are responsible for most cases of computer theft. So, while 94% of survey respondents password-protect company computers and more than 50% protect sensitive information with encryption technology, confidential information can still be accessed in an alarming number of laptop theft cases. 
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map