Research highlights endpoint data leak prevention is still a major pain point for IT managers
London, 5th April 2010 – DeviceLock, Inc., a worldwide leader in endpoint data leak prevention software solutions, today announced the results of an independent survey of IT decision makers into the market penetration of data leak prevention (DLP) technologies.
The key finding is that more than one in three (38%) of respondents are still failing to deploy any form of data leak prevention, whether that be device control, endpoint DLP or DLP appliances. Amongst small to medium sized business this figure increases to over half of organisations (54%).
The survey also revealed that even those managers that are deploying technology solutions to prevent data leakage from within their organisations the majority are failing to protect all the possible channels where data leakage can occur.
In spite of the rapidly growing use of personal smartphones and PDA’s within business environments, less than half (48%) of all respondents who had deployed a DLP solution reported that they controlled the data synchronisations between employees’ computers and their smartphones.
Furthermore only a quarter (26%) of respondents that use DLP solutions are able to control the content of documents printed from corporate computers. This is despite the fact that a recent study published by the Ponemon Institute concluded that the document printing channel was found to be the most often used for stealing corporate data.
Other key findings include:
77 % of respondents acknowledged that they monitor employees’ Webmail and social networking applications such as Facebook and Twitter to prevent data leakage, regardless of whether corporate or private accounts are used. Only 8% of respondents believe that privacy concerns are an obstacle for enforcing such controls, suggesting that concerns about security breaches override those of privacy.
The overwhelming majority of respondents (75%) stated that DLP solutions should support out-of-the-box components for full-text searching in their audit and shadow log database. The reason for this is clearly that full-text search capability reduces the labour and time expenses for security compliance auditing, incident investigations and forensic analysis for IT departments.
“The fact that many organisations are still failing to adequately address data leakage prevention is concerning. However, the increasing integration of endpoint content filtering and device control technologies, as well as the growing popularity of complete content-aware endpoint DLP solutions should help to address this,” said Sacha Chahrvin, UK Managing Director, DeviceLock.
He continued: “IT departments are becoming acutely aware of the need to keep costs arising from highly resource intensive processes – such as security compliance auditing, incident investigations, and forensic analysis to a minimum. Affordability and ease-of-use clearly remain significant barriers of entry for those responsible for protecting organisations,’ data especially amongst small to medium sized businesses.”
DeviceLock allows network administrators to lock out unauthorised users from USB and FireWire devices, Wi-Fi and Bluetooth adapters, CD-Rom and floppy drives, serial and parallel ports, PDAs and smartphones, local and network printers and many other plug-and-play devices – all key factors in stopping data leakage. The capacity for data shadowing significantly enhances the corporate IT auditor’s ability to ensure that sensitive information has not left the premises on removable media.
About DeviceLock, Inc.
Since its inception in 1996 as SmartLine, DeviceLock, Inc. has been providing endpoint device control software solutions to businesses of all sizes and industries. Protecting more than 4 million computers in over 60, 000 organisations worldwide, DeviceLock has a vast range of corporate customers including financial institutions, state and federal government agencies, classified military networks, healthcare providers, telecommunications companies, and educational institutions. DeviceLock, Inc. is an international organisation with offices in San Ramon (California, US), London (UK), Ratingen (Germany), Moscow (Russia) and Milan (Italy).
* Survey conducted by Vanson Bourne; full survey results available upon request. (sample size: 200 IT decision makers)