IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Eighty-One Percent of Surveyed Companies Lost Sensitive Data on Missing Laptops in Past Year

PDAs and laptops ranked highest among storage devices posing the greatest risk for sensitive corporate data

Privacy and information management research firms the Ponemon Institute and Vontu Inc., this week announced the findings of a new study on the issues associated with protecting data residing on storage systems and mobile devices. The U.S. Survey: Confidential Data at Risk, examines risks associated with the storage of confidential information; technologies, practices and procedures used for protecting stored data; and primary concerns expressed by organizations facing the challenges of protecting stored sensitive data from unauthorized exposure.

Stored data presents unique challenges for enterprise security, and the survey is a first-of-its-kind study on the topic, according to the institute. Derived from a national sampling of nearly 500 experienced information security practitioners, the survey reveals a number of key findings, including:
  • Eighty-one percent of companies surveyed reported the loss of one or more laptop computers containing sensitive information during the previous 12 months.
  • Loss of confidential data, such as intellectual property, business documents, customer data and employee records, is a pervasive problem.
  • PDAs and laptops ranked highest among storage devices posing the greatest risk for sensitive corporate data, followed by USB memory sticks, desktop systems and shared file servers.
  • Sixty-four percent of companies surveyed reported never having conducted an inventory of sensitive consumer information. Sixty-four percent also reported never having inventoried employee data.
  • When asked how long it would take to determine what actual sensitive data was on a lost or stolen laptop, desktop, file server or mobile device, the most frequent answer was "never" -- ranging from 24 percent for a file server to 62 percent for an employee's home computer.
  • Eighty-one percent of respondents report that protecting sensitive "data at rest" is a priority this year, and 89 percent anticipate that it will be a priority next year.
The U.S. survey offers insights that help illuminate the challenges of securing confidential "data at rest," defined as all electronic information found on storage devices within the organization's IT infrastructure. The study also identifies the probability that various storage media are likely to contain unprotected sensitive information, ranks corporate data security priorities by department, including IT, call centers and marketing operations, and examines the types of intellectual property and business information that are of most concern to corporate security teams.