Wifi Password Recovery - UTM - Vulnerability Scanning

WEB SHOP
CLOUD SCAN
VIP
Sun Sun Sun

You are here: News > SecPoint News > Report: Insiders a greater threat to data leaks

» Secpoint NEWS
 
» 13 November 2008
Report: Insiders a greater threat to data leaks

According to the third and final report based on a 2008 survey, IT professionals surveyed worldwide said they think their own employees pose a more dangerous security threat than outsiders, and often it's because of personal use of corporate assets, commissioned by Cisco Systems and released Wednesday.

 

Additional determinations include: One in five Brazilian IT professionals said they believe their employees are to a lesser extent careful around protecting corporate data. And in China and in India, IT professionals are most worried with data thefts through the use of USB devices including thumb drives and iPods in the workplace

A Cisco survey found that of employees who have lost company-issued devices or have had them stolen, one in four employees have done so more than once within the past year.

 

According to the survey, IT professionals said about 10 percent of their employees are losing corporate devices like laptops and USB drives with valuable data more than once a year.

"There's either a negligent behavior or careless recklessness in which they handle data maybe because they didn't realize it was there or maybe there's an education gap," Fred Kost, director of security solutions for Cisco, told CNET News in an interview. "The storage capacity of some of these devices and the types of access they have access to is becoming a critical issue for companies."

The report also cited the growing risks of portable hard drives as opposed to lost or stolen laptops. One in three IT professionals said USB drives (including iPods) were their top concern, more so than e-mail (23 percent), lost devices (19 percent), and verbal communications with outsiders (8 percent).

Surprisingly, 1 in 10 end users in the Cisco survey admitted stealing data or devices and then selling them for profit, or knowing of co-workers who have done so.

Yet there are also nonmalicious reasons to explain how corporate data gets leaked into the wild.

"If you think about the device leaving the enterprise, going into their home environment, the personal environment, maybe letting their children use it; that puts the corporate data at risk," said Kost. He said data leakage could occur when the kids are using the device to surf some Web 2.0 application. "And what about the end of life, when they go to give the device up on one of the e-waste recycling days? There's another chance for somebody to get that corporate data."

Kost repeatedly mentioned the increasingly blurred lines between business use and personal use and how some of that is OK. But long-term personal use of a corporate asset could become a problem.

"Say they have their iTunes library on the device they use for work, now they have to give up their work device, and they have to figure out what to do." In the study, less than 10 percent of the employees did keep their work devices. Of those who did, 60 percent said it was because there were personal files on the device. "It's not malicious," Kost said, "it may just be the only computer in the household."

The Cisco study was conducted in late July through early August by InsightExpress, a U.S.-based market research firm, and involved more than 2,000 employees and information technology professionals. Specifically, the study surveyed 1,000 employees and 1,000 IT professionals from various industries and company sizes in 10 countries.

The first report on cultural attitudes toward security was released in October.

Of those who kept a work device, Cisco found that 60 percent did so for personal needs.

(Credit: Cisco)

 

SecPoint Trustpilot Score

Want to be Contacted?
Click here to Get Contacted
Free Services
Free Wi-Fi Top 15 Security Tips

Free Penetrator Webinar

Free Vulnerability Scan

Free Port Scan
SecPoint News

SecPoint at Simet RestCamp 2014 Partner Event
Partner Days in Turkey 2014 Presenting Penetrator Vulnerability SCanner...
Wednesday April 23, 2014

Compatible With
Awards & Reviews
  
Customer References
Featured SecPoint Customers

Featured SecPoint clients


Encyclopedia | Link Policy | Privacy Statement | Resources | Sitemap | User Policy

SecPoint® © Copyright 1999-2014
US Toll Free: +1-855-489-3724 - EU Toll Free: +44-808-101-2272