Employees rival malware for data losses

Negligent employees are starting to rival computer virus infections as the biggest cause of data loss in UK businesses.

Negligent employees are starting to rival computer virus infections as the biggest cause of data loss in UK businesses.

Some 60% of UK businesses are losing sensitive data as a result of negligent employees, according to the Worldwide State of the Endpoint Survey 2010 by the Ponemon Institute.

This is exacerbated by the loss and theft of desktop and laptop computers and other mobile computing devices reported by 55% of organisations. Twenty eight per cent have lost sensitive data held by a third party or cloud computing provider.

The study also found nearly 30% have experienced malicious theft of data by employees, evidence of the growing insider threat in the recession as more people are made redundant.

But the prolific nature of data leakages is not surprising, the study said, given that 76% of employees can e-mail data out of their organisation without any trace and 70% can download data onto a USB stick without detection.

This is contrasted with the fact that over three quarters of organisations have reactive anti-malware and anti-virus technologies in place.

Nearly half the respondents (49%) said a lack of skilled staff was the main challenge to preventing data leakage and protecting data against new security threats.

The inability to integrate multiple security technologies was cited as another major security challenge by 42% of respondents. Seventy per cent said they were running three or more security management consoles.

"For organisations to get a clear view on where their data lives and is accessed and what threats they are being subjected to, they must bring the different security technologies together onto one endpoint management platform, said Alan Bentley, senior vice-president at security firm Lumension, which commissioned the study.

"The study provides evidence that companies are racing to adopt new technologies faster than they can understand their impact on data security and develop effective use and integration policies," said Larry Ponemon, chairman and founder, Ponemon Institute.

"As a result, networks are growing more and more complex, making the task of securing sensitive data more and more difficult," he said.

Ponemon said the study had identified the factors IT professionals say are responsible for their biggest headaches.

"Not surprisingly, a lack of CEO support and insufficient resources are among the top culprits," he said.

Top seven data loss issues >>

Read more on IT risk management