Data leakage

July 25th, 2010 by Stephen Jones Leave a reply »

About 42 percent of small and midsize companies have lost proprietary or confidential information, according to Symantec’s SMB Information Protection Survey,  published last month. 

  •  23 percent blamed insiders inadvertently losing data;
  •  14 percent of breaches were blamed on a broken business process.

In another survey released last year, Symantec researchers found that, of SMBs that suffered at least one breach,

  •  44 percent blamed a lost device,
  • about 40 percent blamed human error,
  • about  20 percent attributed the loss to outdated security procedures or inadequate employee training.

SMB Employees mix personal and business technology and the companies are not prepared to deal with smartphones, social networks, .

Workers who employ these next-generation technologies are usually not educated in the online threats. In its annual data breach report, Verizon Business found that insider errors were a factor in two-thirds of all breaches it investigated on behalf of clients.

Some SMBs might shy away from security tools and practices because of the cost, but technically savvy companies can prevent many leaks with low outlay.

For example, most browsers now dynamically check links against a known list of bad sites, preventing accidental surfing to malicious destinations and companies can update their firewalls with block lists provided by one of the many free services that offer these, such as MalwareDomains.com.

Patching is a critical element in protecting against unintentional data leaks.  All applications — especially ubiquitous ones, such as Adobe Acrobat and Flash — need to patched frequently.

 While some companies attempt to ban social networks, these sites are becoming an important business tool – so it’s better to monitor the users.

Monitoring is a double-edged sword. More monitoring means more data  to collect and analyze — and the more data you collect, the less chance that you will use it. This is where Spectorsoft’s drill down dashboard approachand screen recording tools are  really useful and why it is adopted by so many large corporations. It can also monitor chat, email and Web postings for confidential information that is transferred to competitors, what has been copied or printed, or for identifying time wasting activities, or surfing inappropriate websites. It also provides the legal evidence needed to take action. Once installed there is usually a significant increase in employee productivity as they spend more time on work rather than social related activities- and savings in internet and broad band useage costs. downloading music, jokes movies etc slows your network and affects everyones producitivity.

Data-loss protection (DLP) systems minimise the risk that users will unintentionally disclose confidential information or that unauthorised personlel wil be able to access it. this includes group policy based folder encryption and programs designed to manage devices to prevent inadvertent or malicious copying of data to USB devices.

Synergy offerr specialist solutions as well as penetration testing.

Advertisement

Leave a Reply

You must be logged in to post a comment.