Informatica Corporation, the world’s number one independent provider of data integration software, today announced the availability of a new research report by the Ponemon Institute LLC, entitled, The State of Data Centric Security. Based on a global survey of more than 1,500 IT and IT security professionals, the study reveals how organizations understand and respond to data security threats in today’s information-everywhere world.
According to the study:
- Not knowing the location of sensitive or private data is the foremost concern of today’s IT security practitioners, topping hacker attacks, malicious employees and concerns around compliance.
- Organizations are in the dark regarding sensitive data, with only 16 percent knowing where all their sensitive structured data resides, and a miniscule seven percent knowing the location of all sensitive unstructured data, including data in emails and documents.
- Automated sensitive data-discovery tools would reduce risk and increase security effectiveness. The vast majority of respondents (nearly 75 percent) believe their security activities would benefit from an automated solution for discovering the locations and relationships of sensitive and private data. However, only 40 percent of organizations use an automated solution, and only 22 percent of those use it to discover sensitive data in emails and files.
Key Survey Findings
With today’s escalating threat landscape and with sensitive and private data no longer restricted to traditional enterprise boundaries, it is imperative to know data location and proliferation to protect it adequately. According to the Informatica-sponsored Ponemon study:
- 57 percent of respondents say not knowing where sensitive data resides keeps them up at night, followed by those who say migration to new mobile platforms (51 percent), temporary worker or contractor mistakes (50 percent) and outsourcer management of data (42 percent) are top sleep-robbing concerns.
- 24 percent do not know where their organization’s sensitive structured data resides, and an additional 60 percent have only limited knowledge.
- 41 percent do not know where their sensitive unstructured data resides, and an additional 52 percent have only limited knowledge.
Current security solutions often do not provide visibility into data location and user access, while existing data protection procedures are most often poorly conducted.
- Sensitive data classification (68 percent) and application-level access controls (62 percent) are the top technologies used to protect structured data assets. Unstructured assets are likewise most often protected by sensitive data classification (54 percent).
While currently on the rise, data breaches can be reduced through a combination of effective data security technologies and skilled personnel.
- Today, just 26 percent of respondents say they are confident in their ability to always detect a data breach involving structured data, while only 12 percent are as confident if the breach involves unstructured data.
- Data breaches could be avoided if the organization had more effective data security technologies in place (58 percent of respondents), more skilled data security personnel (57 percent) and more automated processes and controls (54 percent).
Next Step: Securing Sensitive Data at its Source
As the new Ponemon research reveals, IT security professionals are highly attuned to the value of an automated solution for discovering all locations of their organizations’ sensitive data. Informatica has previewed and demonstrated Secure@Source, a next-generation solution for data-centric security that automates the discovery, analytics and visualization of sensitive data location, risk and proliferation. By securing the data at its source, organizations minimize the security risk downstream.
“The findings indicate that sensitive and confidential data continues to proliferate beyond traditional IT perimeters,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “The majority of respondents agree that not knowing the location of data poses a serious security threat. Clearly, the time is ripe for a wider adoption of the technologies and expertise to make data-centric security an enterprise priority.”
“At Informatica World, Informatica’s annual user conference in May, customers emphasized the need for companies to better secure data at its source, before it propagates to any number of destinations,” said Amit Walia, senior vice president and general manager, Application ILM, Informatica. “Informatica Secure@Source will deliver on that need, helping to eliminate what organizations around the world recognize as a severe security exposure. In a giant step for data-centric security, Secure@Source will help companies visualize risk by means of a ‘data risk heat map,’ intelligently monitor data usage patterns and protect sensitive data based on a customer-defined risk index.”
- INFAgraphic: The State of Data Centric Security
- Ponemon Report: Hidden Data is Your Biggest Nightmare
- Blog: The Case for Data Centric Security
- Informatica Vines
About the Ponemon Institute
Ponemon Institute conducts independent research and education that advances information security, data protection, privacy and responsible information management practices within businesses and governments throughout the world. Our mission is to conduct high quality, empirical studies on critical issues that affect the protection of information assets and IT infrastructure. As a member of the Council of American Survey Research Organizations (CASRO), we uphold strict data confidentiality, privacy and ethical research standards. www.ponemon.org.
Informatica Corporation (Nasdaq:INFA) is the world’s number one independent provider of data integration software. Organizations around the world rely on Informatica to realize their information potential and drive top business imperatives. Informatica Vibe, the industry’s first and only embeddable virtual data machine (VDM), powers the unique “Map Once. Deploy Anywhere.” capabilities of the Informatica Platform. Worldwide, over 5,000 enterprises depend on Informatica to fully leverage their information assets from devices to mobile to social to big data residing on-premise, in the Cloud and across social networks. For more information, call +1 650-385-5000 (1-800-653-3871 in the U.S.), or visit www.informatica.com. Connect with Informatica at http://www.facebook.com/InformaticaCorporation, http://www.linkedin.com/company/informatica and http://twitter.com/InformaticaCorp.