- Innovation, regulation and research on tap at RSA 2008
- Researchers uncover 100 VoIP vulnerabilities
- Badware not pushing users offline
- Web attacks won't stop
- Most sites still hack-able
- Tips on employee monitoring
- Research: IT security maturing, but misaligned
- Clarke sharply criticizes Bush cyber-security plans
- Conference seeks to bridge risk, research
- Core finds new CEO
August 22, 2007 | Comments: (0)
Data lingers in off-network devices
Data breaches such as the one reported by Merrill Lynch earlier this month -- through which the company lost some 33,000 employee records via a laptop stolen from a New Jersey office -- could be avoided if companies did a better job of managing and defending information stored on devices that move off of corporate networks, according to a new report published by Ponemon Institute.
Presented by its authors at the Privacy Symposium being held at Harvard University on Wednesday, the study -- which is based on a survey completed by 735 senior IT security professionals -- finds that 73 percent of those corporations it interviewed experienced the loss or theft of a data-bearing machine sometime in the last 2 years.
Despite that reality, and the fact that 62 percent of study respondents admitted that they were unsure if their off-network equipment contains unprotected sensitive or confidential information, some 39 percent said they do not view the management of such devices as a "critical component" to security.
In a nod to the lack of tools being used by businesses to track data leakage, 30 percent of those individuals responding to the survey said they would never be able to detect the loss or theft of confidential data from off-network equipment when it happened.
Unsurprisingly, based on the results, Ponemon found that a vast majority 70 percent of all data breaches result from the loss of off-network equipment, including laptops, PDAs and cell phones.
"Protecting data that is stored on devices outside the confines and control of the corporate network is a problem for which many companies simply do not have a solution," said Dr. Larry Ponemon, founder and chairman of the research company bearing his name. "Our research shows that, while most companies recognize the risk off-network data poses, few seem to have a grasp on how to manage the many challenges off-network data present to maintaining a strong data security program, and many do not even have a policy to address the situation."
Added, Robert Houghton, president of Redemtech, the company that sponsored the study:
"The cost of a security breach is astronomical, whether it occurs over the network or results from lost or stolen off-network assets," Houghton said. "The results of this study should alarm CEOs who have customer or employee information, and a brand to protect. After years of effort to establish secure computing, many companies are neglecting this very basic risk."
Posted by Matt Hines on August 22, 2007 02:02 PM
RATE THIS ARTICLE:
-
- COMMENTS
| ZERO DAY PODCAST |
| Listen to the latest podcast: |
MP3
•
•
•
Archive
•
![[VoiceIndigo Mobilize - Listen to podcasts on your mobile phone]](http://www.voiceindigo.com/ht/images/mobilize_logo_sm.gif){kind=logo}
|
TOP STORIES
Top 10 stories of the weekA new place to hide rootkits
Sun exec on OpenSolaris, Linux
AT&T: No free iPhone Wi-Fi info
MS to appeal E.U. fine
XP SP3 causes endless reboots
Vista as insecure as Win 2000
Google grilled on human rights
Java ubiquity an edge in RIA battle
The InfoWorld news quiz
ADDITIONAL RESOURCES
- Virtualization: A Step by Step Approach to Success
- Dialing up Agility with Business Transformation
- 5 Things You Need to Know About Storage Virtualization
- Virtual Test Lab Automation: Manage development infrastructure
- Improve Resource Utilization and Lower Operating Costs
- Protect Your Data with SSL
