• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

Users and Mobile Devices to Blame for Data Leakage

Posted on: Monday, 10 December 2007, 06:00 CST

A survey carried out by Orthus, a UK-based provider of information security services, found that 68% of confidential corporate information leakages occur through employees' mobile devices.

Orthus deployed software agents on endpoints, servers, and terminal servers that recorded suspicious or inappropriate actions such as information sent or copied to an unauthorized device or uploaded or transferred through an unauthorized application such as IM or social networking sites.

The survey monitored more than 1,000 employees for 100,000 hours over 12 months to examine the ways that internal users access, process, store, and transmit sensitive information including personal and financial data, details of the company products, contracts, pricing information, and HR records.

The majority of corporate information leaked was through trusted staff, such as IT staff (30%), customer service employees (22%), third parties (16%), sales staff (12%), and operations department (10%).

Mobile devices, removable media, web mail, and corporate email were the leading means of data leakage, while applications favored by users to remove sensitive data were instant messaging services and social networking sites.

According to the survey, organizations often overlook the fact that most leakages are caused by users in favor of protecting the devices that the users operate from.

Richard Hollis, managing director of Orthus, said: "Companies continue to neglect the protection of data. Until organizations accept that the majority of losses are associated with authorized users and implement the necessary controls where they are effective - between the user and the information itself - these losses will continue."

Source: Datamonitor

More News in this Category