The latest research from Ponemon on behalf of Varonis looks into the issues causing data breaches. "Corporate Data: A Protected Asset or a Ticking Time Bomb?” found that many employees claim to have access to more data than they believe they should have, going against one of the principles of data security, which is to limit access to data to only those who need it and only when they need it.
According to the report, derived from interviews with 2,276 employees in the US, UK, France, and Germany, 80% of organizations don’t enforce a need-to-know data model, with 71% of employees believing they have access to data they shouldn’t. Overall, the report indicated that data was a huge issue in most organizations, and not just from a security perspective. The sheer volume of data being collected and created has created problems for employees in finding the information they need, as well as posing security challenges for IT.
According to the report, 67% of IT professionals say their organization experienced the loss or theft of company data over the past 2 years and 74% of IT professionals believe that employee mistakes, negligence or malice are frequently the cause of data loss.
Many organizations are placing undue risks on data, including allowing data to be used on public clouds (48%) and in being unprepared for data loss. Most IT practitioners do not believe they will even notice if documents, files or emails go missing (internally or from the endpoint, presumably), so both discovering and understanding a data breach would be nearly impossible.
It is obvious from this report that more needs to be done to restrict access to data, as well as to track and protect corporate it. Unlike encryption and other traditional data protection solutions, Absolute Software provides a range of capabilities to help you track and protect corporate data on the endpoint. To learn more, visit our website.