The Escalating Stakes of Data Security

Page 1 of 2 next >>

There's no doubt that the management at Target had a miserable holiday season at the end of last year, between all the bad PR that came out about the online theft of 40 million customers’ data records—later revised to be even higher—the costs of providing disclosures and working with banks, and the headaches of potentially expensive lawsuits that are being filed.

Such is every organization’s nightmare, the price of openness and accessibility. When it comes to data, enterprises and their IT managers are squeezed between the need to make data accessible to anyone who needs it, while trying to keep out the bad guys. The threats to data security have never been more intense, and the repercussions in terms of public disclosure and lost customer trust never more imposing.

Survey Unveils Where Enterprises are Leading and Lagging in Enteprise Data Seucrity

Of course, there’s nothing new, unexpected, or surprising about the Target debacle. The warnings about data security have been sounded for years and they are not falling on deaf ears. A new survey of 322 data and IT managers finds there is a growing awareness among enterprise executives and managers about the potential issues to enterprise data security—not only from outside hackers and thieves but also from people inside organizations, often those with privileged access. Enterprises are making greater and more frequent efforts to monitor and audit data for evidence of security events. (“Data Security: Leaders Vs. Laggards—2013 IOUG Enterprise Data Security Survey,” December 2013.)

However, the survey also finds, organizations that are fully security-aware—leaders that practice prevention, detection and administrative controls across their data assets—are still in the minority of enterprises. Progress has been slow in building, and maintaining a security culture within organizations. There is greater awareness than ever of the threats posed by loose management of data within organizations, but at the same time, a failure to deliver on tools, technologies, and methodologies to protect sensitive data. This has been the case since 2008, the first year this series was published.

The survey was conducted among members of the Independent Oracle Users Group (IOUG), and underwritten by Oracle Corp. Field work and analysis was performed by Unisphere Research, a division of Information Today, Inc.

Human Error is Viewed as Greatest Risk to Data Security, Followed by Insider Abuse

When asked what they saw as the greatest risks, threats, or vulnerabilities to their data, human error came out on top, cited by 77% of respondents. Second was fear of inside hacks, cited by 63%, up from 57% in 2010. Along with greater awareness of insider threats, there is also more fear of outside hackers, up from 27% in 2010 to 44% this year. Concerns about IT staff abuse also remains at a high level, 48%.  

Image courtesy of Shutterstock 

Page 1 of 2 next >>

Related Articles

5 Key Steps to Ensuring Database Security

Posted March 11, 2014

These days, companies have more and more of their applications and data being accessed through mobile devices. To enable secure access to sensitive enterprise applications and data on mobile devices, Oracle rolled out the Oracle Mobile Security Suite, which, combined with Oracle's existing Identity and Access solutions, aims to deliver an integrated platform for managing access to all applications from a complete range of device types.

Posted February 26, 2014

In many ways, IT protection is like a game of poker. There are two things you need to win: a strong ability to play and the best hand you can get. With the former, a lot of it comes down to knowing what not to do.

Posted February 20, 2014

Cloud computing is no longer hype; it is the reality today for most organizations because of the numerous benefits that it brings. There are three main deployment models for cloud computing—private cloud, public cloud, and a hybrid mix of the two. Here is a look at the risks and disadvantages with each of the cloud deployment models.

Posted October 09, 2013