The results of a new survey conducted by Forrester Consulting entitled Data Loss Prevention and Endpoint Security: Survey Findings was announced today. The report reveals that most companies have lost confidential data through removable media such as USB drives in the past two years.

Data loss via USB drives and other removable media is now the top concern for endpoint security, ahead of Trojans, spyware and other threats. The survey also finds that most information security decision makers have specifically allocated 2007 budget to pursue endpoint data loss prevention and are currently investigating solutions.

The findings were based on an online survey of 151 decision-makers at North American companies with annual revenues of more than $200 million. Fifty-nine percent of the respondents came from enterprises with more than $1 billion in revenue. Respondents were asked about their concerns, priorities, current implementations, and plans regarding data loss prevention and endpoint security.

Among the key findings:

  • More than half of respondents (52 percent) have lost confidential data through removable media such as USB drives in the past two years.
  • Currently, organizations rely mainly on paper-based controls such as written policies that information security asks employees to sign (40 percent).
  • Intellectual property, customer data and company financials are the top three concerns for data loss at the endpoint.
  • Data loss via USB drives and other removable media is the top concern (72 percent) for endpoint security, followed by Trojans, spyware and other threats.
  • Downloading confidential data to desktop and laptop PCs is a significant threat: 76 percent of respondents said they are not satisfied with the visibility they have into confidential data being downloaded to PCs.
  • Data loss prevention (DLP) is a major priority for nearly all respondents (95 percent) in 2007.
  • Most organizations (82 percent) said that DLP was part of their 2007 budget, and 76 percent respondents indicated their DLP spending will increase in 2007.
  • Most organizations (69 percent) are actively pursuing Endpoint DLP solutions. Forty-four percent of respondents said that they are either piloting or are planning to deploy an Endpoint DLP solution in the next 12 months. An additional 25 percent said that they are currently investigating solutions.