Fasoo and Ponemon Institute Study Reveals That Employees Still Present the Highest Security Risk to Organizations

Seventy-Three Percent of Organizations Surveyed Do Not Have the Ability to Restrict Confidential Document Sharing

News provided by

Fasoo, Inc.

Jun 13, 2016, 12:01 ET

NATIONAL HARBOR, Md., June 13, 2016 /PRNewswire/-- Gartner Security and Risk Summit 2016 -- Fasoo, Inc., the leader in Data and Software Security, today released the results of the security industry's first look at organizations' confidence around protecting intellectual property and other high value assets. In the latest Ponemon Institute survey titled, "Risky Business: How Company Insiders Put High Value Information at Risk," 72 percent of surveyed organizations are not confident in their ability to manage and control employee access to confidential documents and files.

To access the full report, go to http://en.fasoo.com/Ponemon-Risky-Business-How-Company-Insiders-Put-High-Value-Information-at-Risk.

"What should be concerning to C-level executives and corporate boards is that most organizations have no idea where mission-critical information is located on the corporate network, who has access and what they are doing with that information," said Bill Blake, President of Fasoo. "Deploying DRM solutions is a first step. Beyond that, organizations must be vigilant in applying and enforcing security policies as well as knowing where the organization's most valuable information is located at all times."

The Ponemon Institute surveyed 637 U.S. IT security practitioners familiar with their organization's approach to protecting data, documents and files against cyberattacks. All organizations surveyed use some type of document and file-level security tools. For the purpose of this research, high value information includes trade secrets, new product designs, merger and acquisition activity, financial data, confidential business information, etc.

Key findings from the study include:

  • Company insiders are the biggest threat – The primary cause of data breaches experienced by companies was the careless employee (56 percent) followed by the lost or stolen device (37 percent).
  • Locating the crown jewels – Almost 70 percent of respondents do not know where confidential information is located and more than 60 percent don't have visibility into what confidential documents and files employees are sharing.
  • Where are the leaks – Seventy-three percent responded that it was likely their organization had lost some confidential information over the past 12 months. Half of all respondents say their organization is highly effective in preventing leakage by external attackers and hackers yet less than half are as confident in preventing data leakage by careless employees. 
  • Highest risk departments – Sales departments pose the greatest risk to information assets, both structured (69 percent) and unstructured data (58 percent). C-level executives and Human Resources (79 percent) account for more than half of unstructured data risk while Human Resources and Finance and Accounting (71 percent) pose more risk with structured data.
  • Setting policies and enforcing them – Eighty-three percent of organizations struggle with determining the appropriate level of confidentiality documents and files should possess.  Determination is based on data type, policies or data usage, but only 13 percent use access as the determining factor while only 16 percent are using a content management system. Even if the organization has properly identified confidentiality, only 15 percent of respondents are confident that they are highly effective in limiting access.

"There is a belief that data breaches are the work of malicious actors, internal and external, but it is more often the result of careless behavior by employees who don't understand the impact of sharing files. The findings in this study should serve as a wake-up call for all organizations determined to protect high value information," said Larry Ponemon, President, Ponemon Institute. "Better security hygiene, including education and consequences for risky behavior, should include every employee with access to information in addition to the organization locking down proprietary data, intellectual property and confidential information that shouldn't be accessed by everyone."

Fasoo (booth 200) will highlight study results at the Gartner Security Risk & Management Summit, taking place at the Gaylord National Resort & Convention Center in National Harbor, Maryland from June 13 – 16. Bill Blake, President of Fasoo, Inc., and Ron Arden, Vice President and COO of Fasoo, Inc., will lead the session, "Defending Your Intellectual Property Against Cyber and Insider Threats," on Monday June 13th from 11:00 – 11:45 a.m. in Maryland A Ballroom, where they will share how companies are implementing data-centric security strategies using people centric policies to defend against threats and protect their most valuable digital assets.

About Ponemon Institute

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About Fasoo

Fasoo's file-based security solutions help customers prevent unintended information disclosure through over 2,000 projects deployed worldwide. Since 2000, Fasoo has helped customers create a secure information sharing environment and simplified secure collaboration internally and externally. Its award winning enterprise DRM (Digital Rights Management) solutions are securing more than 2.5 million users enterprise-wide. Fasoo is seeing continuous improvement in its global market position, based on its unique technology, ongoing R&D and strategic approach to comprehensive product capabilities. Fasoo is moving the market forward through new business models including static code analysis (SPARROW) and secure content platform solutions.

About the Gartner Security & Risk Management Summit 2016

The Gartner Security & Risk Management Summit 2016 is focused on managing risk and delivering security in a digital world. This summit will provide best practices and strategies to maintain cost-effective security and risk programs in order to support digital business and drive enterprise success. This year's summit will offer insights on building resilience, delivering effective security and implementing targeted projections. Experts will provide information on how to embrace new approaches to digital business while maintaining proven control architecture that mitigates enterprise risk. For more information on the summit, please visit the website at
http://www.gartner.com/technology/summits/na/security/ 

Media inquiries:
MSLGROUP: Nina Gill or LeeAnn Hovanasian at 781-684-0770 or [email protected]

Logo - http://photos.prnewswire.com/prnh/20150515/216309LOGO

SOURCE Fasoo, Inc.

21%

more press release views with 
Request a Demo