Viruses and data loss are most serious threats at work free RSS feed from Security Park
(25/08/2008)

Data leaks are becoming a leading source of headaches for U.S., U.K. German and Japanese companies, according to the results of a Trend Micro study that explores corporate computer users' perceptions of and experiences with security threats.

The study, which surveyed 1600 corporate end users in the U.S., U.K., Germany and Japan, found that the loss of proprietary company data and information was ranked as the second most serious threat at work, following viruses. It was considered to be more serious than most other threats such as spam, spyware and phishing.

Many of those surveyed pointed the finger when it comes to corporate data leaks: While 6 percent of end users admitted to having leaked company information, 16 percent believe other employees caused data leaks. End users in the U.S., U.K., and Germany are more likely to admit to leaking company data, either intentionally or accidentally, than end users in Japan.

Respondents in the U.S. seem to believe they’re slightly savvier when it comes to confidentiality –74 percent of respondents say they know what type of company data is confidential and proprietary compared to 67 percent in the U.K., 68 percent in Germany, and only 40 percent in Japan. On the other hand, end users of large companies in Japan are more aware of what type of company data is confidential compared to end users of smaller organisations. Mobile users are also more confident. In the U.S., for example 79 percent of mobile end users say they know what’s classified information compared to 69 percent of desktop computer users.

The study also found that approximately 46 percent of companies do not currently have a policy to prevent data leaks. Companies in Germany and Japan are more likely than UK companies to implement data leak prevention policies. In all countries surveyed, large organisations are more likely to have preventative policies in place than small companies.

Among end users whose company currently has a policy to prevent data leakage, more U.S. end users (nearly 70 percent) report to have received training compared to the other countries, especially in the U.K. where only 57 percent of end users said they received training. In all countries surveyed installation and use of security software are the most common actions taken to combat data leakage.

“The survey highlights some key challenges organisations need to address, including user education, inadequate security policies and the broad brush access rights policies typical in many enterprises today. All too often employees simply do not know which information is confidential, within the remit of public domain or of restricted distribution. Even if the regulations were clear, employees are often unaware of the corporate policy around such information. A majority of data leaks happen from within, either by accident or by design, by valid users who have access to the data within a corporate network. This can trigger fines, litigation, brand damage and bad press so it’s no surprise that data leaks are becoming such an important issue for companies,” commented Rik Ferguson, Solutions Architect, Trend Micro.

“Enterprises need to carry out effective identification and classification of information assets and intellectual property, identify access rights to information, as well as gain an understanding of potential routes for information going into, around and out of the organisation. A risk assessment of what happens when that data is exposed, allows organisations to create a workable and importantly an enforceable data security policy and ultimately educate the workforce in the application of that policy on an ongoing basis.”

When it comes to conducting personal online activities on the company network, checking personal email and browsing Web sites unrelated to the job ranked high on the list. The survey found that while on the company network:
• U.K. end users are more likely to make personal purchases and visit social networking sites.
• Japanese end users are significantly more likely to download executable files.
• U.S. end users are significantly more likely to watch or listen to streaming media.

Other findings include:
• More than half of end users (in all countries) who have been victims of spyware or phishing scams believe that their IT department could have prevented the incident.
• U.K. and German users place less faith in the protection provided with their work PC than U.S. end users do, yet they are just as likely as U.S. end users to open suspicious emails or Web links.

Related topics:  Data management and data security   Hacking and intrusion prevention   Virus, Worm, Email security, spyware and malware 


print versionPrint version | email this to a friendEmail to a friend | related articlesRelated articles


Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.


Other Security news and resources


Security News Suppliers Directory Jobs forum Classifieds Knowledge base White papers Research library Security books Special reports Security interviews Security companies Security events Security links Security market

Product channels

Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products

IT Security white papers and research library

Access Control  Authentication  Data Management  Data Security  Digital Signatures  Email Security  Identity Management  Internet Security  Intrusion Prevention  Network Security  Remote access security  Security Management  Security Policies  Security Software  Security Threats  Virus Detection Software  Virus Protection  VPN  Vulnerability Assessment  Wireless Security 

Security books, guides, standards and toolkits

RFID and Smart Cards books, guides and reference documents  Biometric books, guides and reference documents  CCTV books, guides and reference documents  Intruder alarms and intrusion detection systems books, guides and reference documents  Monitoring and surveillance books, guides and reference documents  IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits  Fire, Health & Safety books, guides and reference documents

Security Resources
Directory GET LISTED! Jobs forum Classifieds Knowledge base White papers Research library Security books Special reports Security companies Security events Security links Security market Company news

Security Products
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Security products

Security Markets
Bank and financial services security Corporate and enterprise security Education and school security Entertainment and events security Homeland and Government security Hospital and healthcare security Infrastructure and utilities security Manufacturing and industrial security Public sector security Residential and home security Retail security Small business security Sports and recreational security Transport and logistics security


Ensure that you conduct an effective information security risk assessment that is in line with ISO 27001 by purchasing vsRisk™ Risk Assessment Tool

Need a
reference book?
Find it on Amazon:
Security books and magazines in association with Amazon.co.uk







advertise
sumbit an article
copyright
terms & conditions
privacy policy


CMS and Web design by www.Areza.com

Article search

Directory search


add your company
Google

ISO 18028 (Network Security Management)
Home | About us | Contact us | Submit an article | Advertise | Newsletter | RSS Newsfeed | SEARCH