A new report by Informatica Corporation (Nasdaq:INFA) highlights the need to focus on data-centric security to protect data and reduce damaging breaches.
The world’s number one independent provider of data integration software, today announced an important new research report from Ponemon Institute entitled Safeguarding Data in Production & Development: A Survey of IT Practitioners in the United Kingdom.
The Informatica-sponsored report reveals that, for 48 percent of IT practitioners in the UK, sensitive personal data contained in their company’s databases and applications has been compromised or stolen by a malicious insider.
Nearly two-thirds also agree that they find it difficult to comply with privacy and data protection regulations in production and development environments.
Under the terms of the UK Data Protection Act, the Information Commissioner’s Office (ICO) has taken a tougher approach to handing out penalties for information breaches for the year up to June 30, 2012.
Recent figures from the ICO revealed that it issued a record 68 warnings, up 48 percent from 46 during the previous year.
Yet, despite the risks of data breaches, the research from Informatica reveals that, of the 532 senior IT and IT security practitioners surveyed – 65 percent of whom work in organisations with a headcount of more than 1,000 – organisations are still struggling to get a grip on their data.
Widespread vulnerabilities, inadequate budgets, and difficulties complying with privacy and data protection regulations are proving the biggest challenges:
· 59 percent admit they are not confident that they would be able to detect the unintentional loss or theft of sensitive personal information contained in databases or applications in the production environment.
· Nearly half of respondents say sensitive personal data contained in their company’s databases and applications have been compromised or stolen by a malicious insider.
· 71 percent find it difficult to restrict user access to sensitive information in the IT and business environments.
· However, only a quarter of respondents say they have adequate budgets to invest in the necessary solutions to reduce the insider threat.
“Beyond the threat of hefty fines, UK organisations need to deal with the impact of data breaches on hard-won consumer trust,” said Adam Wilson, general manager of ILM, Informatica.
“The risks are compounded by the differences in data privacy laws across countries in the EU as well as complexities of protecting data in the cloud. Informatica enables organisations to face these challenges by providing jurisdiction aware data masking and masking for cloud applications such as Salesforce.com.”
In addition to the risk from internal staff and company processes, the research also highlights significant threats to data that is shared with third parties, including cloud providers.
According to Gartner, cloud computing is forecast to grow 19 percent in 2012, a faster rate than overall IT spending. Yet an alarmingly high proportion of respondents surveyed claim their organisations are not adequately protecting sensitive corporate and customer data in the cloud.
· 67 percent say the security or privacy risk posed by cloud providers accessing confidential data is high or very high.
· 60 percent agree that the inevitability of a data breach in the cloud is such that it is likely to have happened already or will happen in the future.
· 51 percent say their organisations believe it is important to anonymise, mask, suppress or encrypt information when transferring to third parties, including cloud providers.
· 69 percent say their organisation is not able to detect the loss or theft of personal information operated by third parties, including cloud providers.
To read the latest issue of Business Review Europe, click here