Published/updated: February 2007
While the spotlight of media attention often falls on external threats such as hackers, viruses, spyware and so on, it is well recognised in organisations that problems are far more likely to be caused by people working “on the inside,” potentially through malice but more likely due to foolishness or inadvertent error. Such risks need to be treated through a combination of technology deployment and policy implementation: while organisations are waking up to this, there is still some way to go to overcome past indifference and inactivity when presented with internal threats.
It is well understood that the internal threat is as prominent as the external one
According to 715 senior IT managers participating in a recent study conducted across Europe and the Middle East, security breaches or exposures from employees acting carelessly or deliberately are as much of a concern as external attack from hacking, viruses, spyware and so on. Around 80% of organisations rate the prominence of the threat in this area as significant. Furthermore, around 40% expect the challenges to persist, with a similar number expecting it to rise.
Distribution and fragmentation of data and systems create particular challenges
Almost three quarters of organisations point to the proliferation of confidential information across systems and locations as representing a particular challenge. Distribution and in many cases replication of data across different applications, desktops, servers and locations creates more opportunities for mistakes to occur and for information to end up falling into the wrong hands.
The trend towards mobile working is creating yet more challenges
Over half of organisations now regard the mobile working related security risks as significant and rising at the same level as employee related risks in general. Of particular concern is the increasing degree to which sensitive information is stored on mobile equipment and taken outside of the organisation in an unprotected manner. As part of this almost 70% of organisations highlight the potential threat to information security from USB memory sticks and other portable storage devices.
Some important specific solutions are on the investment agenda
While 30% of organisations have advanced authentication and single sign-on solutions in place, only 16% say identity and access management is fully taken care of. Most of the rest (over 50% in each case) are looking to either extend their investment in such management and automation solutions or invest for the first time.
But technology must be blended with the right policy and process
While organisations are already looking at technology to help manage access to systems and information in a more coordinated and efficient manner, the research suggests that appropriate solutions will only be effective if implemented within the right operational framework. While 62%, for example, say security infrastructure limitations have stood in the way of them evolving their working practices, 68% point to policy and process related challenges as an inhibitor to progress. This includes user training which is critical to protecting against the employee related risk.
This report is free of charge. Click above to download the PDF or view the interactive e-document.
If you experience any problems during this process please contact us at;
firstname.lastname@example.org or call +44 (0)1425 626501 / 620008
By Dale Vile and Tony Lock
It’s easy to be caught out by a cyber attack or internal mistake that leads to your customers’ data or important intellectual property ending up on the black market. Making sure your business is adequately protected and is able to respond effectively to a security incident ...more
By Dale Vile Tony Lock & Jack Vile
Application programming interfaces (APIs) have been around for decades. In the early days of IT they were primarily used to give programmers convenient access to libraries of prebuilt functions. As systems became more distributed, APIs found their place ...more
By Dale Vile & Jack Vile
The world we live in is increasingly digital. As the smart use of technology leads to markets speeding up and becoming ever more unpredictable, a strong set of established offerings and execution capabilities only gets you so far. Feedback from 1,442 IT ...more
By Dale Vile
Advances in digital technology create significant opportunities to transform both customer engagement and business operations. As the trends in these areas continue, feedback from 1,442 respondents in a recent survey highlight 10 key traits of the highest achievers. ...more
By Dale Vile
IT infrastructures are often coping pretty well with current business requirements, but many IT professionals are aware that new and changing needs will lead to future capability gaps. They also know that more of the same is not the answer ...more
By Dale Vile
In today’s fast-moving, information-intensive business environment, data management is more of a challenge than ever. Relying on manual processes and scripts, or ad hoc piecemeal automation, is not sustainable ...more
By Dale Vile
A perennial problem with storage is how to deal with escalating requirements in a smooth, manageable and non-disruptive manner. By removing many of the traditional limits on system expansion, Ceph based configurations ...more
By Dale Vile
Not so long ago, many were speculating that ‘Bring Your Own Device’ (BYOD) would define the future of end user computing. Most organisations today, however, see a role for both company and employee owned equipment to meet the wide and varied range of needs ...more