A recent study of UK organizations revealed that 83% have experienced a data security issue in the last year. The majority (58%) of those incidents came from within the extended enterprise and may have involved employees, ex-employees, or trusted partners.
A recent study
of UK organizations revealed that 83% have experienced a data security issue in the last year. The majority (58%) of those incidents came from within the extended enterprise and may have involved employees, ex-employees, or trusted partners.
The study, “The Enemy Within,” which was conducted by Clearswift, a cyber-protection software company, focused on the extent to which internal threats are affecting UK organizations; this is in contrast to most studies, which have zeroed in on external threats. Most internal threats are malicious attempts or stem from poor business process or human error. Clearswift maintains they are due largely to a lack of awareness of security policy, as well as the increasing use of personal devices for work purposes.
“Combine this with the increased uptake of cloud-based tools and reliance on the extended enterprise in a collaborative working environment and you have perfect security storm conditions ahead,” warned Clearswift.
Organizations need to get serious about this internal threat, the report concluded, especially since the survey discovered that half of local government bodies do not have the resources to deal with the problem.
The graphic below shows that Clearswift tracks much of the vulnerability to the use of portable devices (e.g., USB or other storage devices) and the bring you own device (BYOD) phenomenon. Although it shows that 63% of the organizations are resisting or blocking the trend to BYOD, ARMA International agrees with Gartner research that shows this is unlikely to be a successful strategy.
Source: Clearswift “The Enemy Within,” www.clearswift.com
Gartner states that “70% of mobile professional will conduct their work on personal smart devices by 2018.” (See www.gartner.com/technology/topics/byod.jsp.) Gartner believes there are three key operational challenges in the BYOD landscape: governance and compliance, mobile device management, and security.
ARMA International’s technical report Mobile Communications and Records and Information Management (ARMA TR-20-2012) provides a good starting point for learning to grapple with this trend.