Build Your Career: Career News   

Entries with tag security and privacy.

Companies Report Lack of Control Over Sensitive Data

While significant insider breaches, such as WikiLeaks, shed light on the importance of file security, most companies don't know the exact number or location of their sensitive files, or who has access to them, according to a survey of more than 150 IT security professionals by data security firm Imperva.

In the survey, an overwhelming majority (82%) of respondents reported that breaches such as WikiLeaks made them reconsider their company's data security policies. However, only 18% of respondents said that they knew the exact number of sensitive files they had, and just 39% could say for sure where those files were located on their servers. Even more startling, 65% of those polled said that they were unsure who has access to these sensitive files.

"Major breaches like WikiLeaks happen because of a lack of effective file security controls," said Amichai Shulman, CTO of Imperva. "With so many respondents unsure of how many sensitive files they have and how accessible they are, it indicates a general lack of control over sensitive data, which increases the likelihood of an insider breach."

In fact, nearly one-third of those polled reported that their company had lost data due to employees abusing access rights, on purpose or by accident. "The first step to a solid data security plan is taking inventory of your sensitive files and knowing where they are and who has access to them at all times," said Shulman. "Only with this complete picture will you be able to guard against insider threat by detecting when sensitive data is being added or removed, or when an employee is improperly accessing files."

Security, Legacy Systems are Barriers to Cloud Adoption

Security and privacy concerns and existing investment in legacy systems are the reasons why many C-level executives haven't embraced cloud computing, according to a survey by the nonprofit IT Governance Institute.

More than 40 percent of C-level executives that ITGI surveyed use or are planning to use cloud computing for mission-critical IT services. But 35 percent said security and privacy concerns are a barrier to adoption, followed closely by legacy infrastructure investments. Organizations are also actively employing outsourcing, with 93 percent fully or partially outsourcing some of their IT activities.

“Emerging technologies such as cloud computing and outsourcing can be managed effectively by integrating good governance over IT. Organizations need to adopt new service delivery models to stay competitive, and this is fueling a strong commitment to enterprise IT governance across the C-suite,” said Ken Vander Wal, international vice president of the Information Systems Audit and Control Association.

The study polled 834 executives from 21 countries, divided almost evenly between business executives (CEOs, CFOs and COOs) and IT executives (CIOs and heads of IT). Of the C-level executives surveyed, 95 percent consider governance of enterprise IT important. This reveals an almost universally shared perception of IT as a critical contributor to overall business strategy.

Top tactics used to battle the economic downturn were a reduction in contractor and permanent staff numbers and infrastructure consolidation. 

Showing 2 results.

Marketing Automation Platform Marketing Automation Tool