Topics: Security

Stop Making It So Easy

Posted by Mitch Irsfeld, Nov 2, 2005 05:29 PM

An out-of-site, out-of-mind attitude toward data protection should leave most corporate exectives with that insecure, non-compliant feeling in the pit of their archives. And guess what? It does, but not enough take action—at least not yet.

The threat is still perceived to be at the barriers, while stored data remains relatively unprotected. The reason for this continued problem remains relatively simple. Companies set up policies and systems and then monitor activity at the borders with the mistaken notion that sensitive data going out or dangerous incoming threats have to pass through those defenses.

Leaving stored data unprotected, however, invites even low-tech and no-tech tampering, and the results can be just as harmful as external assaults.

Storage services provider GlassHouse Technologies recently surveyed executives on their procedures for protecting stored data at more than 300 companies, spanning 16 industries including government, telecommunications, technology, energy, financial services, aerospace and healthcare. The results, I'm afraid, were not surprising.

According to GlassHouse, 70 percent of the execs rated their data storage security as fair to poor, 85 percent do not encrypt their backup data, and 54 percent said their companies had no documented procedures for protecting stored data.

Part of the problem seems to stem from ill-advised priorities. Half the respondents felt their company's intellectual property was their greatest concern, even though there could be greater legal consequences and long-term reputation loss as a result of mishandling customer or employee information.

And 61 percent of the executives surveyed still believed that external threats were more dangerous than internal threats. The focus on border security is understandable and necessary, but it can't be at the expense of internal data protection. Ask any police detective, and they look for those with access and a motive when trying to solve a theft crime. If nearly everyone inside your organization has access, you've made it way too easy to have a motive.

On a hopeful note, 80 percent the executives in the survey correctly identified either regulatory compliance or loss of public trust as the worst consequences of data theft.

To see a complete report on the survey you can visit the GlassHouse website.

« Little Holiday Time for Offshore Workers as India Celebrates Diwali | Main | Microsoft Windows Live? Not Yet--And Maybe Not Ever »

This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.

Blog Categories
Healthcare Cloud Computing Enterprise 2.0 Digital Life Grok On Google Over The Air Outsourcing Global CIO Startup City Information Management Content Management Green Computing Full Nelson Unified Communications	Government IT Analytics Tech Stocks Interop Security Microsoft Apple Unvarnished Open Source Wolfe's Den David Berlind's Tech Radar Virtualization Storage Backup and Business Continuity Blog Homepage

Multicore Programming Blog

Join The InformationWeek Group On LinkedIn

InformationWeek

Business Innovation Powered By Technology

Stop Making It So Easy