The results of a new survey conducted by Forrester Consulting entitled Data Loss Prevention and Endpoint Security: Survey Findings was announced today. The report reveals that most companies have lost confidential data through removable media such as USB drives in the past two years.
Data loss via USB drives and other removable media is now the top concern for endpoint security, ahead of Trojans, spyware and other threats. The survey also finds that most information security decision makers have specifically allocated 2007 budget to pursue endpoint data loss prevention and are currently investigating solutions.
The findings were based on an online survey of 151 decision-makers at North American companies with annual revenues of more than $200 million. Fifty-nine percent of the respondents came from enterprises with more than $1 billion in revenue. Respondents were asked about their concerns, priorities, current implementations, and plans regarding data loss prevention and endpoint security.
Among the key findings:
- More than half of respondents (52 percent) have lost confidential data through removable media such as USB drives in the past two years.
- Currently, organizations rely mainly on paper-based controls such as written policies that information security asks employees to sign (40 percent).
- Intellectual property, customer data and company financials are the top three concerns for data loss at the endpoint.
- Data loss via USB drives and other removable media is the top concern (72 percent) for endpoint security, followed by Trojans, spyware and other threats.
- Downloading confidential data to desktop and laptop PCs is a significant threat: 76 percent of respondents said they are not satisfied with the visibility they have into confidential data being downloaded to PCs.
- Data loss prevention (DLP) is a major priority for nearly all respondents (95 percent) in 2007.
- Most organizations (82 percent) said that DLP was part of their 2007 budget, and 76 percent respondents indicated their DLP spending will increase in 2007.
- Most organizations (69 percent) are actively pursuing Endpoint DLP solutions. Forty-four percent of respondents said that they are either piloting or are planning to deploy an Endpoint DLP solution in the next 12 months. An additional 25 percent said that they are currently investigating solutions.
Videos
Collaborative Justice: Transforming Criminal Justice Services Through Unified Collaboration
Cloud-Based Services Accelerate Public Sector Adoption of Video Collaboration
To write an article presenting the fact that data loss is a mounting concern in major companies without including additional facts like examples of how the loss is happening and what may be done to minimize risk is like inviting someone to dinner and just serving appetizers.
You may want to check out MetaDefender for Media (MD4M) at http://www.opswat.com/products/metadefender-for-media. I think this is the ideal solution to protect your organization against the risk of data loss associated with external devices such as USB drives, CDs and other media. MD4M scans your media using up to 10 antivirus engines (from AVG, CA, ESET and others) as well as your own custom engines (such as Data Loss Prevention), and it also allows control over the flow of data in and out of an organization. After analysis, you can decide how the file is handled – whether it should be quarantined, allowed to enter/leave the organization, etc. As far as I know, MD4M is available either as a kiosk or as standalone software to run on your own scanning station. I hope this helps.