It's not too surprising that the most recent study from the Ponemon Institute -- sponsored by encryption software maker PGP and data loss prevention vendor Vontu (see today's announcement by Symantec about finalizing their purchase of Vontu) -- revealed that us humans, us bi-pedals, us laptop and memory stick losers, still represent the greatest threat to the security of a company's data.
Larry Ponemon, chairman and founder of the Ponemon Institute, told eWEEK that at least 80 percent of data breaches involve the human factor, a number that has remained pretty much consistent for the past few years. And as the study pointed out, while the loss of a laptop will certainly get noticed, if a memory stick drops out of someone's pocket while trying to pretzel themselves into an airplane's seat, that person will probably just replace that memory stick without bothering to tell IT that there might be some very devastating data floating around.
One well-known security person wondered who would bother to waste their time reading a memory stick. As PGP Director of Product Management John Dasher succinctly stated, "I would." The real trouble with data security is easy to see in the following scenario offered by Dasher: "Think of legitimate behaviors. A financial analyst goes into a secure database, legitimately. He does an extract of your top 1,000 customers. He slams it into a spreadsheet. It's no longer in a database, so database security is no longer at play. Now it's on a server, or a laptop, or a thumbdrive: multiple copies of highly sensitive, highly valuable information floating around."
Leave a comment