Enterprises Crack Down on Web 2.0 Data Leaks
Data leakage comes in all shapes and sizes. Just ask officials at Proofpoint. In the company's sixth annual study (registration required) of outbound e-mail and data loss prevention issues, Proofpoint found that enterprises are increasingly faced with leaks due to the use of social networks and Web 2.0 technology. And they are not taking it sitting down. While e-mail remains the primary vector for data loss, of the 220 e-mail decision makers surveyed, nearly 20 percent reported investigating a data loss event via a blog or message board in the past year. Seventeen percent disciplined an employee for violating policies regarding those very issues. Both numbers represent an increase from the 2008 report of 11 and six percent, respectively. The crackdown also touched social networks like Facebook and LinkedIn, where companies are responding to a five percent jump (to 17 percent) in exposure incidents compared to last year's survey. The percentage of respondents that fired someone for violating policies around Facebook and similar sites doubled to 8 percent. Similar bad news about data breaches touched media sharing sites like YouTube. Some 18 percent of the respondents - all of which worked at U.S. companies with more than 1,000 employees - reported investigating a leak on such sites. That number was up from 12 percent in last year's report. Still, e-mail remains the top threat as far as data leaks. Forty-three percent of the respondents investigated an email-based leak of confidential or proprietary data in the past 12 months. Some 31 percent terminated an employee for violating email policies in the same period, an increase of five percent. The study ties the increases to the economy, which mirrors findings from other studies as well. In this case, companies reported that 42 percent feel the increase in layoffs has increased the risk of data leakage, while 47 percent said a decrease in IT staff has hurt their ability to protect information. Tellingly, 18 percent investigated a theft or leak of confidential data associated with an employee leaving the company during the past year. With this in mind, it is perhaps more important than ever for companies to be vigilant when it comes to monitoring and protecting data. |
Comments (2)
I can understand how losing IT staff could hurt the security of a company's data. Less IT staff to look over the practices of the employees obviously results in less control. I do not, however, understand how just plain layoffs can increase leakage. What does a loss of staff have to do with a lax in data protection? I mean, there are even less employees on the workforce but still more leakage? Can you elaborate?
Posted by Mike | December 3, 2009 11:45 AM
Hi Mike. I think part of it is the concern that employees who are laid off will take sensitive data with them. In the survey, 18 percent of the respondents said they investigated a report of that happening in the past year. Beyond that, I think it's as you said - fewer employees with their eyes on what people are doing.
BP
Posted by Brian Prince, eWEEK | December 3, 2009 12:33 PM