Three-quarters of UK companies may not have systems in
place to track and trace potential data theft, according to a
survey.
The survey of IT directors at 100 large UK companies, carried
out by Vanson Bourne on behalf of data protection firm LogLogic,
also found that those companies that were able to track and trace
data thefts were often painfully slow to do so.
Of those firms equipped with the tools, more than 60% said it
takes them several days to identify security breaches involving
data theft, and just 20% reported they were able to perform the
appropriate forensics within one working day.
“Despite the potential liabilities and risk to their companies,
it is startling that IT directors in the UK are largely unable to
perform simple forensics to determine data theft,” said Ross
Brewer, managing director of European operations for Loglogic.
The research found that of those companies that do not have a
system to track data theft, 80% report that they are “concerned”,
and cite a lack of budget as the key reason for the failure to
address the security issue.
Monitoring or tracking employees was also a concern, with 40% of
those surveyed reporting that they are not immediately aware when
an employee leaves or is fired from their organisation.
Further compounding the issue, over half of those surveyed
admitted that they do not know how employees’ data is handled
before or after they leave.
Roy Illsley, an analyst at Butler Group, said, “While
organisations have constructed elaborate defences to protect them
from external threats, such as firewalls and encrypted passwords,
most ignore the threat from within. It’s vital that organisations
recognise how simple it is for infringements to take place and take
appropriate preventative action.”
Comment on this article:
computer.weekly@rbi.co.uk