According to the study:
· Not knowing the location of sensitive or private data is the foremost concern of today’s IT security practitioners, topping hacker attacks, malicious employees and concerns around compliance.
· Organisations are in the dark regarding sensitive data, with only 16 percent knowing where all their sensitive structured data resides, and a miniscule seven percent knowing the location of all sensitive unstructured data, including data in emails and documents.
· Automated sensitive data-discovery tools would reduce risk and increase security effectiveness. The vast majority of respondents (75 percent) believe their security activities would benefit from an automated solution for discovering the locations and relationships of sensitive and private data. However, only 40 percent of organisations use an automated solution, and only 22 percent of those use it to discover sensitive data in emails and files.
Key Survey Findings
With today’s escalating threat landscape and with sensitive and private data no longer restricted to traditional enterprise boundaries, it is imperative to know data location and proliferation to protect it adequately. According to the Informatica-sponsored Ponemon study:
· 57 percent of respondents say not knowing where sensitive data resides keeps them up at night, followed by those who say migration to new mobile platforms (51 percent), temporary contractor mistakes (50 percent) and outsourcer management of data (42 percent) are top sleep-robbing concerns.
· 24 percent do not know where their organization’s sensitive structured data resides, and an additional 60 percent have only limited knowledge.
· 41 percent do not know where their sensitive unstructured data resides, and an additional 52 percent have only limited knowledge.
Current security solutions often do not provide visibility into data location and user access, while existing data protection procedures are most often poorly conducted.
· Sensitive data classification (68 percent) and application-level access controls (62 percent) are the top technologies used to protect structured data assets. Unstructured assets are likewise most often protected by sensitive data classification (54 percent).
While currently on the rise, data breaches can be reduced through a combination of effective data security technologies and skilled personnel.
· Today, just 26 percent of respondents say they are confident in their ability to always detect a data breach involving structured data, while only 12 percent are as confident if the breach involves unstructured data.
· Data breaches could be avoided if the organization had more effective data security technologies in place (58 percent of respondents), more skilled data security personnel (57 percent) and more automated processes and controls (54 percent).
Next Step: Securing Sensitive Data at its Source
As the new Ponemon research reveals, IT security professionals are highly attuned to the value of an automated solution for discovering all locations of their organizations’ sensitive data. Informatica has previewed and demonstrated Secure@Source, a next-generation solution for data-centric security that automates the discovery, analytics and visualization of sensitive data location, risk and proliferation. By securing the data at its source, organizations minimize the security risk downstream.