Home Phone and Internet $60/mo
- Related Stories
-
Veterans' data swiped in theft
May 22, 2006 -
Bill puts cops first in data leak notification
May 11, 2006 -
Phishers try a phone hook
April 27, 2006 -
Year in review: Insecurity over ID theft
December 13, 2005
The survey, sponsored by data-protection specialist Vontu and aptly titled "Confidential Data at Risk," concludes that a main reason for corporate data security breaches is that many companies simply don't know where their sensitive or confidential business information resides. The survey goes on to summarize that "this lack of knowledge coupled with insufficient controls over data stores" poses "a serious threat to both business and governmental organizations."
The survey queried 484 information technology departments within U.S.-based corporate and governmental organizations. The answers to the survey questions paint a fairly bleak current picture. Only 10 percent of the respondents say their laptops had not been stolen. (Another 9 percent did not know.)
The corporate and governmental respondents generally agreed that electronic storage devices contain sensitive or confidential information that is unprotected, with 60 percent stating this to be the case for PDAs and other mobile devices, 59 percent for laptops, 53 percent for USB flash drives, 36 percent for desktops, and 35 percent for shared-file servers.
What's disturbing is that when asked how long it would take to determine what actual sensitive data was on a lost or stolen laptop, desktop, file server or mobile device, the most common answer was "never."
Unfortunately, it turns out this is not entirely surprising, given that 64 percent of respondents concede that their companies never have conducted a data inventory to determine the location of customer or employee information contained in various data stores.
Along these lines, 49 percent of respondents admit that business-related confidential information never has been inventoried as part of usual information technology control processes, and 48 percent state the same with respect to organizational intellectual property.
Wake up, America--this is unacceptable.
All prudent steps must be taken to account for and protect confidential data. The failure to take such steps can compromise the privacy of innocent employees and customers. What's more, it can jeopardize valued business relationships and lead to an organization's crown jewels--its intellectual property--walking out the door. Above all, there's the danger of legal liability.
Let's hope the next time such a survey is conducted, the results will be much improved. But it will take the dedicated efforts of U.S. companies and governmental organizations.
Biography
See more CNET content tagged:
survey,
data security,
data protection,
laptop computer,
organization
Why CEO's don't insist their companies follow these standards can only be answered by the CEO's themselves.
Walt