Study: Security Policies Not Enforced
Survey of US IT practitioners reveals data security policies not enforced
December 4, 2007
TRAVERSE CITY, Mich. and FREMONT, Calif. -- Companies are not following simple data security procedures in seven high-risk scenarios, according to new research announced today by the Ponemon Institute, a privacy and information management research firm. The report, Data Security Policies Are Not Enforced, was sponsored by RedCannon Security, a trusted provider of centrally managed, secure mobile-access solutions for the enterprise.
According to the study, 39 percent of employees surveyed said they have lost a PDA, cellular phone, USB memory stick, zip drive, or laptop computer that contained sensitive or confidential business information, while, 56 percent believe their employer would never be able to determine the type of data contained on a lost device.
³Privacy and data protection policies are meaningless if they do not address the full spectrum of threats and if they are not enforced, and our research points to an urgent need to address this pervasive vulnerability in corporate data security programs,² said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. ³The development of comprehensive policies, along with training and stringent enforcement of those policies should be a priority in any enterprise-wide data security program.²
Read more about:
2007You May Also Like