/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsMUMBAI, INDIA: Symantec Corp. has released the findings of its study on Enterprise Security Survey 2010 - Millennial Mobile Workforce & Data Loss.
The study reveals that with the adoption of web-based tools, smart mobile devices and portable storage, “the office” can be anywhere. The resulting mobile workforce, coupled with growing heterogeneity of enterprise IT environments, increases the threat of losing sensitive data. According to the report, 59 per cent of Indian enterprises feel employee-owned endpoints compromise security, and 42 per cent have lost confidential or proprietary data in the past. While security is a concern, many enterprises are unprotected and unprepared for the threats to information from Consumerization of IT.
“Access to unlimited information and the presence of collaborative tools in the business environment is enormously empowering. But, it can easily manifest rogue business processes that violate regulations resulting in loss of sensitive data,” Vishal Dhupar, Managing Director, Symantec India. “Enterprises require a clear understanding about where their sensitive data resides and how it is being used if they wish to reduce their risk of data breaches. There is an urgent need to ensure the highest level of risk reduction to automatically enforce compliance with data security policies and enable enterprises to change employee behavior.”
According to the study, enterprise IT is increasingly becoming consumerized. The official use of consumer technology such as social networking, instant messaging and blogs has become prevalent in Indian enterprises. However, enterprises are not adequately protected. The study reveals that 82 per cent of Indian enterprises use Facebook, while 54 per cent officially use web-based consumer email and 62 per cent use blogs. Additionally, 46 percent of Indian enterprises use microblogging tools, 69 per cent use Google Talk and 61 per cent use Yahoo Messenger.
The biggest concern was around the use of instant messaging (IM) , with 57 per cent of respondents rating IM as a major security threat. Social media is being increasingly used in business for collaboration and communication. Yet 54 per cent of CIOs and CISOs considered social networking sites to be a serious threat to their security. Fifty percent of Indian enterprises revealed that web-based email presented a high security threat as well.
However, 69 per cent of respondents indicated that they did not feel sufficiently protected while using blogs, followed by social networking sites (50 per cent), microblogs (47 per cent), web-based consumer email (44 per cent and instant messaging (42 per cent). Interestingly, while most enterprises were concerned about the threats of instant messaging tools, the least number of respondents feel protected while using this technology.
Workforces are rapidly growing in geographically diverse locations and employees often work outside the corporate networks. Given this, Indian enterprises are encouraging employees to access, modify and disseminate information — often stored on the cloud — using their own devices. While use of Windows-based laptops are growing in 77 per cent of Indian enterprises, the number of smartphones connecting to the network is increasing in 73 per cent of the respondent enterprises. This was followed by PDAs (54 per cent) and Mac-based laptops (51 per cent).
Cloud computing is a major factor enabling employees to access data through their personal devices and from remote locations. However, 23 per cent of respondents feel cloud computing increases the risk of losing data, and 27 percent feel it makes it harder to prevent/react to data loss.
The study also says that as enterprise IT becomes more heterogeneous, data loss threats increase. Consumerization of IT, the use of employee-owned endpoints and the consequent diversity of enterprise IT, poses a security challenge for enterprises. While just four percent of respondents were not concerned about the threat of data loss, Indian enterprises are not adequately equipped to protect their information, leaving them vulnerable to data breaches, especially from inside. The study reveals that Indian enterprises perceive malicious insiders (61 per cent), well-meaning insiders (50 per cent) and former employees (50 per cent) as threat to sensitive information