Only 34% of businesses enforce encryption on removable devices
Posted on 28 February 2012.
Imation revealed the results of a recent survey of 302 IT decision makers in the US and Canada, which say that 37 percent of them reported that their business had unintentionally exposed corporate data through theft or loss of removable devices in the past two years.

Despite this, only 34 percent enforce encryption on all removable devices allowed on their networks (25 percent in the U.S. and 51 percent in Canada).


Other key findings from the survey include:
  • 91 percent of companies allow removable storage devices on their corporate networks, including USB flash drives, smartphones (e.g., iPhones and Android devices), tablets (e.g., iPads and Android tablets) and optical media.
  • While 81 percent of businesses have a policy regarding encryption of corporate data on employees’ own removable storage devices, nearly two-thirds of businesses report not enforcing encryption on those devices. Twelve percent leave it to the user to enforce encryption.
  • 20 percent of businesses report not having a defined action plan to deal with a data breach, nor do they have intentions to draft one.
Furthermore, additional research has shown that more than 50 percent of employees use portable devices to take confidential data out of their business daily. And, according to a Ponemon Institute study, 75 percent of organizations have suffered data loss from negligent or malicious insiders.

“While most of the world’s enterprises are focused on protecting their networks from external threats from malware and hackers, the bigger risk for a data breach appears to be inside the organization. Workers are moving mass volumes of data on unsecured devices, often their own iPhones and flash drives, out of the network every day, and this makes businesses vulnerable to loss or theft of corporate or customer data,” said Lawrence Reusing, general manager, Mobile Security for Imation. “As the research illuminates, most organizations do not have a handle on the devices and data that can walk out their door every day.”

Imation offers the following best practices to protect your organization from data loss or theft:

1. Establish systems, policies and standards for new devices you bring into the workplace:
  • All removable media and mobile devices should be encrypted.
  • Implement centralized management of removable storage devices, including “remote kill” – disabling the device when it is connected to the internet – when possible.
  • Implement audit and compliance controls so you know what is on those devices.
2. Employ solutions on the market that are available for managing and encrypting the removable storage devices that you already have in the organization.





Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //