IT Security Pros Clueless About Location of Sensitive Data

Organizations are in the dark about their sensitive data. That's a key takeaway from a new report by data integration software provider Informatica.

The report, "The State of Data Centric Security," was conducted by the Ponemon Institute, and surveyed over 1,500 IT and IT security professionals worldwide.

The top concern of IT security professionals: not knowing the location of sensitive or private data. This was a higher concern than even hacker attacks, malicious employees and compliance issues. Only 15 percent of the surveyed organizations knew where all of their most sensitive structured data lived, 24 percent have no idea where any of it is, and only seven percent knew the location of sensitive unstructured data, such as in e-mails and documents.

'Time Is Ripe'

Larry Ponemon, the chairman and founder of the institute, said in a statement that "the time is ripe for a wider adoption of the technologies and expertise to make data-centric security an enterprise priority."

The report also said that automated, sensitive data-discovery tools can help to reduce risk and increase the effectiveness of security. Informatica, as one might expect, provides such a tool, Informatica Secure@Source, which automates the discovery, analytic and visualization of sensitive data location, risk and proliferation.

Only 40 percent of respondents use an automated solution that can discover the locations and relationships of sensitive and private data. Twenty-two percent use it for finding sensitive data in e-mails and files, but almost 75 percent said they would benefit from such a solution.

More than half are not sleeping well, at least in a figurative sense, because of this situation. Fifty-seven percent said "not knowing where sensitive data resides keeps them up at night." But other issues are also depriving IT personnel of their shut-eye. Fifty-one percent cite migration to new mobile platforms as a sleep robber, 50 percent mention temporary...

Comments are closed.