The insider threat continues to be the biggest cause of data loss in many organisations as employees either intentionally or unintentionally give away information.
So says Samresh Ramjith, GM for technology and operations at Dimension Data SA, who adds that while data loss is ultimately unavoidable, organisations can do more to mitigate and manage it.
In order to get a clear understanding of the extent to which South African organisations are losing data and how they are dealing with it, ITWeb in partnership with Dimension Data today released the Data Loss Prevention Survey, which will run for two weeks.
According to Ramjith, organisations often trust their employees with sensitive data but in certain instances, these employees give away the information to criminals. He adds that loss of such critical information has huge repercussions for a company.
“The consequences range from losing trust from clients to losing completive advantage, especially when a business loses its intellectual property. Imagine if Coca-Cola had lost the recipe to make Coke.
Security breaches nowadays are being motivated by financial gain because a lot of transactions are happening online.”
He also points to factors like sabotage and corporate espionage as fuelling data loss in many organisations.
“These days, organisations are at the mercy of complex viruses like Duqu and Stuxnet, which are designed specifically to steal corporate information,” he explains.
Only recently, a piece of malware - Worm.Win32.Flame - described as the most sophisticated cyber weapon discovered to date, was found attacking entities in several countries. The malware collects information from infected machines, including via keyboard, screen, microphone, storage devices, network, WiFi, Bluetooth, USB and system processes.
Ramjith points out that mobile devices, which are increasingly being used in the corporate environment, are also exacerbating the situation.
“BYOD [bring your own device] policies, which are being embraced by businesses, also open the doors to threats. However, enterprises can deploy various measures to protect these devices. One such strategy is encryption.”
Ramjith, therefore, concludes that data loss in inevitable in organisations mainly because of the complexity of attack tools as well as the risks posed by their own employees.
However, he notes that enterprises should put in place measures to mitigate the risks of losing data. Measures like backup, for example, ensure business continuity in the event of such a disaster, he explains.
Click here to complete the survey.
Share