Security

Unstructured data is biggest threat say IT professionals

Organisations don't know the technical solution say researchers

By Brian Fonseca, | Published 09:39, 02 July 08

Corporate information stored on file servers and network attached storage (NAS) devices represents a major security risk because many organisations’ IT governance policies and access rules are incapable of dealing with a massive growth of unstructured data,

That is the stark warning of a new report from the Ponemon Institute. It surveyed 870 IT professionals and found that only 23% believe unstructured data stored by their companies is properly secured and protected.

Also in this channel

Companies 'wasting millions' with bad file managementSmaller firms waste more per person >>
Baillie Gifford better secures wealth management dataWealth manager acts to ensure full compliance >>
How to pick a NAS storage system for your businessFind the right storage solution for your branch office or SME >>
Crucial data-recovery service or potential data breach?21 percent of survey respondents claim data breaches occurred while a drive was in possession of a third-party data recovery service provider >>

Virtualisation, Big Data and BYOD

Check out our Business IT Hub for opinions and briefings. Read more

A wide majority - 84% -- of respondents said that too many workers at their companies can access critical corporate unstructured data. About 76% said their companies have no process in place to control which employees can access specific unstructured data. Such unchecked access could expose internal security gaps and increase the potential for misuse of data, the study notes.

Varonis Systems, a maker of data governance software, funded the survey.

Larry Ponemon, chairman of the research firm, noted that IT managers say that it's difficult to find automated access control processes that can determine the importance of information the moment it's created.

Some 61% of respondents said they cannot keep track of which users access specific unstructured data, and 91% said their organisations lack the ability to determine data ownership because of faulty governance policies and a lack of available storage tools that can remedy the problem.

While IT managers continue to spend significant sums of money on storage technology to hold rapidly increasing amounts of structured data, many admit that the complexity of unstructured data creates a security challenge, said Ponemon.

"What we find is not that they won't spend money on it, but they really don't know how to [resolve the issue] because of the complexity; it's a knowledge issue," said Ponemon.

The respondents said that without adequate controls for unstructured data, the most significant potential problems are insider negligence and deliberate misuse or theft of information from within an organisation.

For the study, Ponemon defined unstructured data as electronic information residing on file servers and NAS devices that is not stored in a database or in a document/content management system. He said it can include: e-mail, instant messages, Microsoft Word documents; PowerPoint files; electronic spreadsheets; and source code.

Slideshows: Security threat data advisory tools

Also in slideshows :

Access Computerworld on your mobile

Get the latest news & updates from Computerworld UK on the move. Find out more

Windows 8

Check out our latest articles on Microsoft's next-generation operating system.

Accelerate Your IT Efficiency

View the latest capacity management resources including whitepapers, videos and news.

Latest Slideshows

Click here to view all our slideshows.

Cross-browser click-fraud worm spreading via Facebook

Kaspersky warns malware writers are using Crossrider browser extension development framework to build LilyJade Facebook worm

13 IT security myths

Security experts hammer on security ideas they say are just myths

Inside the US government's cyber security headquarters

Take a tour of ICS-CERT facilities at Idaho National Labs

EU data protection regulation and cookie law - Are you ready?

Big changes are coming with the European Union's E-Privacy Directive

How to hack an iPad

Prevent access with a four-digit PIN code or beware - your device can be hacked!

Anonymous hacks a DOJ site and releases data on The Pirate Bay

The department said it was looking into the unauthorised access

Wikileaks: Freedom of information versus information privacy

Forget the rhetoric, there are fundamental questions at stake

How to keep your mobile devices safe and secure on the road

Prevent hacking and data theft when travelling

UK Facebook hacker jailed for 8 months

IBM Watson mastermind says future computers will be constant learners

Mobile network 3 calls on government to lower Europe data roaming charges

Blogs

Where is GRC headed?

Yet another top GRC software vendor has been acquired, following in the footsteps of Paisley, Archer, OpenPages, among others. BWise has always been an impressive vendor in the GRC space, so first off I think congratulations are in order for...read more »

A new venn of access control for the API economy

Cloud providers and many federated IAM practitioners are excited about OAuth, a new(ish) security technology on the scene. I’ve written about OAuth in Protecting Enterprise APIs With A Light Touch. The cheat-sheet list I keep of major OAuth product support announcements already...read more »

CISOs must act as glue between BC, DR and security

During the past three years, you may have noticed that security and risk professionals have added a new term to their lexicon - business resiliency. Is this just an attempt by vendors to rebrand business continuity (BC) and IT disaster...read more »

Business continuity standards don't matter

The current state of business continuity management (BCM) standards? Abysmal. According to a joint Forrester/DRJ study, 69% of respondents said that British Standard (BS) 25999 did not influence or only somewhat influenced BCM at their company. It’s not much better...read more »

more blogs ..

Cumbrians lose broadband after public subsidy cut

Infrastructure >>

Burberry points to benefits of tech in strong annual results

Applications >>

Cheap tablets sees Lenovo shipments grow in China

IT Business >>

EU data protection regulation and cookie law - Are you ready?

Security >>

De Vere hotels consolidate online brands through private cloud

Cloud Computing >>

Windows 8 touchscreen devices to be priced higher, Dell says

Operating Systems >>

Slideshows
White Papers
Videos
Newsletters

Login

Please login to ComputerworldUK.com

Forgot password?

Not a member yet?

Register for a Computerworld UK Account and enjoy unlimited access to our extensive white paper library and exclusive Enterprise multi-user software trials. Account members can also comment on articles and access best practices guides.
Register

HP Business Answers

Join the discussion today

The HP Business Answers group is a vibrant community of small and medium sized business owners and employees. HP provides independent and expert advice in fields such as design, branding, taxation, technology, marketing or manufacturing so join today to network with over 6500 like-minded professionals.

Unstructured data is biggest threat say IT professionals

Organisations don't know the technical solution say researchers

Also in this channel

Related Articles

Most Popular in Security

Editor's Pick

Blogs

Login

Not a member yet?

HP Business Answers

Join the discussion today

Read the most recent discussions

Sponsored Links »

Popular Topics »