The state of the economy is leading to an increased data loss risk for large companies.
A recent study of outbound email and data loss prevention issues by Proofpoint, found that US companies are increasingly concerned about a growing number of data leaks caused by employee misuse of email, blogs, social networks, multimedia channels and even text messages.
According to the June 2009 study of 220 email decision makers at US companies with more than 1,000 employees, organisations continue to embrace preventative measures – some more drastic than others. In the report, 34 per cent stated that their business was impacted by the exposure of sensitive or embarrassing information and 38 per cent said that they employ staff to read or otherwise analyse the contents of outbound email.
Mark Murtagh, technical director at Websense, claimed that there is no doubt that more and more companies are taking the issue of data security more seriously, and that they are actively seeking out technologies and improved data handling processes to counter this issue.
Murtagh said: “One of the most staggering statistics in the recent Proofpoint survey is concerns around employee email communication, in reality email is actually only one escape vector for confidential data.
“To focus attention on manual monitoring of email is rather a red herring. As the survey points out, data leaks via the web are now more likely and this is often where companies have the poorest level of protection - practically no organisation has a robust system in place to monitor and protect from outbound data leaks via web.”
He further claimed that the gap for breach opportunities is widening as business behaviour changes, and securing Web 2.0 services is a big challenge. Legacy security systems have gaps - leaving IT with the impossible decision of choosing to leave them 'completely open' or ‘completely closed off'.
Murtagh said: “Clearly a business which has cut it, and its staff off from the new range of dynamic and interactive web services is not going to cut it in today's competitive and economic climate.
“Now's the time to stop trying to address today's problems with ageing legacy solutions and consider the new wave of information security technologies that include real-time enablement and policy enforcement over rich Web 2.0 services.”