Nearly One Out of Every Six Indian Enterprises is Impacted by Critical Issues of Data Loss
Date: 03-11-2009 11:26 PM
Source: Symantec (Business Wire India)
Category: Business, Science & technology, Leisure
Location: Bangalore, Karnataka, India
Symantec Corp. (Nasdaq: SYMC) today announced the findings of its study on the mounting risk of data loss in Indian enterprises. The study conducted by IDC (India) revealed that 79 percent of organizations highlighted data loss to be their most serious information security concern followed by other threats like virus and denial of service attacks and spam.
“The need to protect sensitive information like source code, intellectual property, employee and customer accounts has made businesses realize that data loss can turn into a catastrophe and become a competition, compliance and credibility black hole”, said Vishal Dhupar, managing director, Symantec India. “It is imperative that as part of their overall security strategy, enterprises protect their information proactively and know where confidential information resides with them, how this information is being used and how its loss can be prevented”.
State of data loss in Indian enterprises
Despite data loss being considered as a looming threat, only 15 percent of the surveyed organizations have adopted any form of data loss prevention measures. This was largely a result of low awareness (32 percent) amongst enterprises on the impact and consequence of data loss and how data loss prevention technologies could safeguard reputation and revenue of organizations.
According to respondents, more than 50 percent of information residing within their organization is classified as sensitive. As the value and significance of information increases within organizations, instances of data loss are also on the rise. The study finds that more than 16 percent of organizations in India admitted to facing a data loss issue in the recent past. The major causes for these data losses were traced to unaware users, malicious insiders and increasing external threats from hackers and cybercriminals.
As high instances of data loss hit Indian enterprises, 52 percent respondents said that compliance and regulatory mandates was a major driver to prevent loss of data. Pressure from international clients was the driving force behind 24 percent organizations while business continuity was another important factor of consideration for many respondents.
Inadequate Measures to Prevent Data Loss
According to the survey, majority of users considered firewalls, log analyzers, intrusion prevention and intrusion detection solutions as adequate and appropriate data loss prevention measures. Amongst users of data loss prevention (DLP) technologies, 84 percent had opted for ‘patch’ or ‘silo’ based implementation. In the non-users, 45 percent felt ‘no real need’ for DLP since they felt that their existing security solutions were enough to keep their information safe. In addition, close to 30 percent of all respondents faced data classification challenges while differentiating between sensitive and non-sensitive information within their organization.
DLP adoption across sectors
Of the respondents, large enterprises showed the highest awareness of DLP (84 percent) while the awareness and adoption was very low in medium and small enterprises. High-risk industries like Banking Finance and Insurance showed the maximum implementation of DLP with over one-third of the Indian organizations implementing DLP belonging to this sector. The other sectors investing in DLP include IT/ITes (30%), Telecom (18%), Manufacturing (12%) and others (6%).
C-level influence in DLP
Just as DLP is not simply a technological solution, protecting information is no longer just an IT concern. Preventing the loss of data is a business problem, and it requires a business solution. The findings of the study elucidated how DLP is today being addressed at the highest levels with the CIO, CTO or a technical committee having the final say on the deployment in approximately 76% of organizations.
Recommendations
• Effective data loss prevention (DLP) establishes repeatable processes and procedures that reduce the risk of data exposure throughout an enterprise. Organizations must look beyond just installing products as that alone will not ensure success.
• Organizations should strive to achieve a sustainable DLP program that effectively addresses evolving risk factors and supports a culture of security. Comprehensive, long-term, sustainable DLP is based on:
-- Threat coverage: Information has to be protected wherever it resides, whether that’s at-rest, in-motion or in-use. This requires control points at multiple tiers (i.e. endpoint, gateway, network, back-end databases).
-- Business Process Integration: DLP must be incorporated into an organization’s overall business processes so that it’s viewed as a business necessity, aligned with strategic goals, compliance requirements and risk management.
-- Risk Reduction Measurement: Organizations should define achievable and measurable goals and then regularly review progress against them and hold business leaders accountable for meeting them.
• Mature DLP deployments result in:
-- Building a culture of security where everyone in an organization, from top to bottom, understands their role in keeping information secure.
-- Elevating information risk management initiatives to executive level discussions.
-- Driving business units to define and prioritize their data loss concerns.
About the Symantec study on the DLP market in India, 2009
The Symantec study on risk of data loss in Indian enterprises was a focused study to highlight the DLP market, trends, usage, perception, awareness and implementation across verticals in the country. Conducted by premier global intelligence marketing firm IDC (India) limited during August 2009, the study poled more than 142 respondents across data intensive sectors like BFSI, Manufacturing, Media & Entertainment/ Telecom and IT/ ITeS to gain insight and understanding into some of the more complicated factors associated with data loss prevention.
About Business Solutions from Symantec
Symantec helps organizations secure and manage their information-driven world with IT compliance, discovery and retention management, data loss prevention and messaging security solutions.
About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.
NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
Other Press Releases SVP Group Launches Spacious Gulmohur Residency in Indrapuram Rolls-Royce Ghost Debuts in India Debutant Author Akash Verma’s “It Happened That Night” Launched ANNOVA Technologies is the WINNER of the Red Herring Top 100 Asia Award TERI Launches GREEN India 2047 Report 3rd International GCA India Conference for PR & Communication Professionals to Begin on 26 November 2009 in Bangalore STAR Cricket Salutes the Living Legend Sachin Tendulkar Alok Bharadwaj Conferred the CMO of the Year 2009 Award Simplay Labs CEC ExplorerTM Recommended as Official Test Tool for HDMI® Compliance Test Specification Version 1.4 HDMI Licensing, LLC Releases Updated Adopted Trademark and Logo Usage Guidelines PRTM Global Executive Innovation Survey: Senior Executives Embrace Innovation Despite Recession; Execution is Top Concern Gemalto Establishes a Sponsored ADR Program BOKU Enables Mobile Payments for over 200 Million Gamers with 12 New Partners Wells Fargo Supports Clean Technologies with New Commercial Banking Group JohnsonDiversey Announces Pricing of Private Placement of Senior Notes Premier Electronics Named “Engineer’s Favourite Distributor” for 2009 by EDN China Cybercriminals Use Fear and Anxiety to Convince Users to Buy Rogue Security Software Aptara Announces eGen™ Platform for Rapid, Low-Cost eBook Production
|
