Significant enterprise concern over increasing data leakage from endpoints
Enterprises seeking to combat data leakage will require a comprehensive approach, says a recent survey commissioned by Provilla . While enterprise security professionals are currently most concerned about two or three points of vulnerability, once those leaks are controlled, new leaks frequently appear through other endpoints. The threat of information or data leakage is quickly becoming one of the most serious threats that organizations face, with the potential to result in embarrassing publicity, loss of valuable intellectual property, and financial loss.
Today, data leakage from USB devices, corporate email systems, and employees using email on the public Internet pose the greatest areas of concern for enterprise IT professionals. However, all recognize the inevitability of data leaks to migrate to other vulnerable endpoints such as PDAs, Wi-Fi networks, DVDs, and others.
One hundred and fourteen information technology security professionals employed by U.S. corporations with 500 employees or more responded to the survey, which was conducted by MarketReach International. The three areas of greatest concern identified were data leakage from USB devices, corporate email systems, and employees using email on the public Internet. However, respondents were also concerned about data leaks from Wi-Fi networks, CDs and DVDs, PDAs, Bluetooth and infrared devices, and office printers. At least 78 percent of those surveyed were “very concerned” or “somewhat concerned” about every data leakage point tested. Few of the IT professionals surveyed considered themselves “not at all concerned.”
Security professionals are also aware that efforts to prevent data leakage at only one point frequently leads to data leaking out through other avenues. Additionally, DLP solutions should help to educate employees about existing security policies. For example, a solution that notifies the user at the point of use — whether desktop or laptop — could help accomplish this goal.
Based on survey findings, MarketReach International expects organizations to increasingly choose leak protection solutions that address a range of potential leakage points instead of point solutions that target a single area of vulnerability. An appropriate solution for a given organization will depend on the types of sensitive data that must be protected, how data is used, existing points of vulnerability, and corporate security policies and procedures.