RSS Alerts

Share

More services

Related Links

  • DeviceLock
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • DeviceLock reduces data loss via iPhone and Blackberry local synchronisation
    DeviceLock, a provider of endpoint data loss prevention software solutions, has said that version 6.4.1 of its DeviceLock software delivers “highly granular, interface-independent control over local data synchronisations” between iPhone, iPod touch mobile devices and corporate endpoint computers.
  • iPhone may be weak link in company information security defences
    Research commissioned by DeviceLock, the end point security company, claims to show that many firms are failing to act on the information security risks that the Apple iPhone poses to their IT resources.
  • ISACA speaker warns over increasing personal email usage for work purposes
    Peter Wood, a member of ISACA conference committee, has warned about the increasing use of personal email services for business purposes. The result of this type of usage, he says, is that it creates security issues such as a lack of data leak prevention (DLP) controls and resultant increased data leakage due to a lack of encryption at the endpoint.
  • Companies ignoring security threats of the iPhone in the workplace
    Research just released claims to show that companies around the world are unprepared for the security threat that the Apple iPhone poses in the workplace.
  • A blueprint for secure intellectual property
    Protecting intellectual property (IP) is imperative for any business. Providing a unique business model will encourage revenue, and keeping selected information from ambitious soon to be ex-employees should help to stave off the competition. Add a recession to the mix, complete with unscrupulous tactics, legal grey areas and an increase in redundancies, and the brewing threats might just boil over. Rob Stringer looks into the not-so-secret formula for keeping intellectual property secure

Top 5 Stories

News

Endpoint data leak prevention remains a major problem for IT managers

13 April 2010

Research just released claims to show that endpoint data leak prevention (DLP) is still a major pain point for IT managers.

The study – from data leak security specialist DeviceLock – found that more than one in three (38%) respondents are still failing to deploy any form of data leak prevention (DLP), whether that be device control, endpoint DLP or DLP appliances.

And, say researchers, amongst small to medium sized business this figure increases to more than half of organisations (54%).

The survey also revealed that even those managers that are deploying technology solutions to prevent data leakage from within their organisations, the majority are failing to protect all the possible channels where data leakage can occur.

According to DeviceLock, despite the rapidly growing use of personal smartphones and PDAs within business environments, less than half (48%) of all respondents who had deployed a DLP system reported that they controlled the data synchronisations between employees' computers and their smartphones.

On top of this, researchers found that just 26% of respondents using DLP technology are able to control the content of documents printed from corporate computers.

DeviceLock says that this is despite the fact that a recent study published by the Ponemon Institute concluded that the document printing channel was found to be the most often used for stealing corporate data.

Delving into the report reveals the interesting statistic that 77% of respondents acknowledged that they monitor employees' web mail and social networking applications such as Facebook and Twitter to prevent data leakage, regardless of whether corporate or private accounts are used.

Only 8% of respondents said they believed that privacy concerns are an obstacle to enforcing such controls, suggesting that concerns about security breaches override those of privacy.

DeviceLock reports that the overwhelming majority of respondents (75%) said that DLP systems should support out-of-the-box components for full-text searching in their audit and shadow log database.

The reason for this, the data security vendor says, is clearly that full-text search capability reduces the labour and time expenses for security compliance auditing, incident investigations and forensic analysis for IT departments.

Sacha Chahrvin, DeviceLock's UK managing director, said that the fact that many organisations are still failing to adequately address data leakage prevention is concerning.

"However, the increasing integration of endpoint content filtering and device control technologies, as well as the growing popularity of complete content-aware endpoint DLP solutions should help to address this", he said.

"IT departments are becoming acutely aware of the need to keep costs arising from highly resource intensive processes – such as security compliance auditing, incident investigations, and forensic analysis to a minimum", he added

Chahrvin went on to say that affordability and ease-of-use clearly remain significant barriers of entry for those responsible for protecting organisations' data – especially amongst small to medium sized businesses.

This article is featured in:
Application Security • Compliance and Policy  • Data Loss

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012