Cyber Security: Data vulnerability

Data loss from internal threats, negligence and/or accidents was rated the “next big threat” by 37 percent of respondents in the 2010 CDW Cyber Security Straw Poll, revealing that human factors are considered a significant challenge and vulnerability by enterprise IT managers.

Data loss is a significant and obvious precursor to vulnerability as if data is lost it can result in unauthorized access. The security threat of access and publication of confidential business data has been further highlighted by Wikileaks’ ability to draw media attention to company’s innermost secrets. If your business data isn’t properly protected, a plethora of confidential information can find its way online- including e-mails, legal documents, and records of major decisions such as fighting legislation and employee dismissals.

The risk of access to confidential business data, whether through an attack on the network or resulting from an internal threat, should be managed effectively with secure business data protection.
The endpoint imperative

Data that isn’t effectively protected, is left vulnerable to attacks, data breaches and data loss.

Loss of user data is a pervasive cyber security problem among global companies, according to a survey released by Ponemon Institute and Vontu, a San Francisco-based provider of data loss prevention products.

According to the survey, which queried nearly 500 information security professionals, Eighty-one percent of companies reported the loss of one or more laptops containing sensitive information during the past 12 months,

Lost endpoint data can result in

– Access to confidential information by unauthorised parties
– Sensitive data being published online
– Industrial espionage
– Reputational damage
– Compliance consequences
– Legal action

Traditionally, IT data architecture has focused on a ‘from-the-inside-outwards’ approach. However, with increased mobility in modern enterprises and the quickening advances of technology, it has become paramount for IT to begin with the endpoint in mind.

The results of our 2010 Data Loss survey support this with nearly half (46%) of respondents relying on a data backup policy (instructing users to backup to a server or external device) for endpoint user data protection.

However the failure of users to follow company policy was also highlighted as the main cause of data loss.

Even more disturbing was that 68% of respondents were unsure if their company would be able to recover user data in the case of data loss.
Without a user data backup solution that effectively protects the data on laptops & desktops, enterprises run the risk of significant data security breaches and user data loss.

Endpoint data security focuses on solutions for user data residing on endpoint devices such as laptop and desktop computers, while central control over the software solution is retained.

7 Things we Know:

1 We all save data on our laptops and desktops
2 Most users never backup business critical data
3 Backup policies do not work because it relies on the individual to adhere to policy
4 Users forget, don’t know what to do and think it takes too much time
5 There is no central control over what data is backed up, and how often
6 Storage infrastructures cannot handle a large number of users simultaneously backing up
7 IT then gets blamed when users lose their data

Added to that: Remote servers, laptops and desktops all contain business critical information with remote logins from employees creating a greater geographic dispersion of data that further compounds the risk. More often than not, remote sites do not have dedicated IT staff and the backup process is flawed.