News, Views and Opinions

Blog of a Sentimental Data Digger

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Archives
    Archives Contains a list of blog posts that were created previously.
  • Login

The Insiders' Risk

Posted by on in Security
  • Font size: Larger Smaller
  • Hits: 2786
  • 0 Comments
  • Subscribe to this entry
  • Print

Answers to a rhetorical questions - do most organizations are having difficulty balancing the need for improved security with employee productivity demands. Well, yes!

A report, "Corporate Data: A Protected Asset or a Ticking Time Bomb?" is derived from interviews conducted in October 2014 based on survey commissioned by Varonis Systems, Inc. and conducted by the Ponemon Institute surfaces an important factor that is often overlooked: employees commonly have too much access to data, beyond what the This research surfaces an important factor that is often overlooked: employees commonly have too much access to data, beyond what they need to do their jobs, and when that access is not tracked or audited, an attack that gains access to employee accounts can have devastating consequences."

key findings on control and oversight include:

  • 71 percent of end users say that they have access to company data they should not be able to see.
  • 54 percent of those end users who have access they shouldn't characterize that access as frequent or very frequent.
  • 4 in 5 IT practitioners (80 percent) say their organizations don't enforce a strict least-privilege (or need-to-know) data model.
  • Only 22 percent of employees say their organization is able to tell them what happened to lost data, files or emails.
  • 48 percent of IT practitioners say they either permit end users to use public cloud file sync services or permission is not required.
  • 73 percent of end users believe the growth of emails, presentations, multimedia files and other types of company data has very significantly or significantly affected their ability to find and access data.
  • 43 percent of end users say it takes weeks, months or longer to be granted access to data they request access to in order to do their jobs, and only 22 percent report that access is typically granted within minutes or hours.
  • 60 percent of IT practitioners say it is very difficult or difficult for employees to search and find company data or files they or their co-workers have created that isn't stored on their own computers.
  • 68 percent of end users say it is difficult or very difficult to share appropriate data or files with business partners such as customers or vendors.
0
Trackback URL for this blog entry.

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Monday, 19 November 2018