The InformationWeek -- Blogs
Security

Topics:   Security

  • Email this page E-mail this page
  • Print this page Print this page
  • Bookmark and Share
  • icon

Stop Making It So Easy


Posted by Mitch Irsfeld, Nov 2, 2005 05:29 PM

An out-of-site, out-of-mind attitude toward data protection should leave most corporate exectives with that insecure, non-compliant feeling in the pit of their archives. And guess what? It does, but not enough take action—at least not yet.

The threat is still perceived to be at the barriers, while stored data remains relatively unprotected. The reason for this continued problem remains relatively simple. Companies set up policies and systems and then monitor activity at the borders with the mistaken notion that sensitive data going out or dangerous incoming threats have to pass through those defenses.

Leaving stored data unprotected, however, invites even low-tech and no-tech tampering, and the results can be just as harmful as external assaults.


Storage services provider GlassHouse Technologies recently surveyed executives on their procedures for protecting stored data at more than 300 companies, spanning 16 industries including government, telecommunications, technology, energy, financial services, aerospace and healthcare. The results, I'm afraid, were not surprising.

According to GlassHouse, 70 percent of the execs rated their data storage security as fair to poor, 85 percent do not encrypt their backup data, and 54 percent said their companies had no documented procedures for protecting stored data.

Part of the problem seems to stem from ill-advised priorities. Half the respondents felt their company's intellectual property was their greatest concern, even though there could be greater legal consequences and long-term reputation loss as a result of mishandling customer or employee information.

And 61 percent of the executives surveyed still believed that external threats were more dangerous than internal threats. The focus on border security is understandable and necessary, but it can't be at the expense of internal data protection. Ask any police detective, and they look for those with access and a motive when trying to solve a theft crime. If nearly everyone inside your organization has access, you've made it way too easy to have a motive.

On a hopeful note, 80 percent the executives in the survey correctly identified either regulatory compliance or loss of public trust as the worst consequences of data theft.

To see a complete report on the survey you can visit the GlassHouse website.

« Little Holiday Time for Offshore Workers as India Celebrates Diwali | Main | Microsoft Windows Live? Not Yet--And Maybe Not Ever »



Sign Up Now
For InformationWeek News Alerts




This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.




 
 

  1. Sequential Programming: Like Eating Peas with a Straw.
  2. Biomolecular device using self-assembled DNA nanostructures?
  3. Coreinfo v2.0: A Simple Utility to Understand the Manycore Complexity in Windows


Join The InformationWeek Group On LinkedIn


                           


  1. More Reasons Why Linux Misses The Desktop
  2. Too Much Netbook For Too Litl?
  3. Verizon: $350 ETF Is A Go
  4. Motorola Explains Why Droid Doesn't Have Multi-Touch


  1. Florida Hospital Dials Up iPhones For Nurses
  2. Full Nelson: A Web Presence Needs Sizzle, My Nizzle
  3. Is Antivirus Software Dead?
  4. Practical Analysis: The Fastest-Growing Security Threat
  5. InformationWeek Analytics Research: Federated Search
  6. Securing The Cyber Supply Chain

 

  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw
  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag

  DECEMBER 2008
NOVEMBER 2008
OCTOBER 2008
SEPTEMBER 2008
AUGUST 2008
JULY 2008
JUNE 2008
MAY 2008
  APRIL 2008
MARCH 2008
FEBRUARY 2008
JANUARY 2008
DECEMBER 2007
NOVEMBER 2007
OCTOBER 2007
SEPTEMBER 2007