Data loss prevention and endpoint security. Survey findings



Similar documents
2012 Endpoint Security Best Practices Survey

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Symantec Protection Suite Small Business Edition A simple, effective and affordable solution designed for small businesses

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

Outbound Security and Content Compliance in Today s Enterprise, 2005

McAfee Total Protection Reduce the Complexity of Managing Security

SYMANTEC ENDPOINT PROTECTION SMALL BUSINESS EDITION

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions

Top Four Considerations for Securing Microsoft SharePoint

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

Don't Be The Next Data Loss Story

Endpoint Protection Small Business Edition 2013?

Small and Midsize Business Protection Guide

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Managing Security Risks in Modern IT Networks

Sygate Secure Enterprise and Alcatel

CA Host-Based Intrusion Prevention System r8.1

RSA Solution Brief RSA. Data Loss. Uncover your risk, establish control. RSA. Key Manager. RSA Solution Brief

Websense Data Security Solutions

Building a Business Case:

Symantec Endpoint Protection

Symantec Endpoint Protection

CSI/FBI 2000 COMPUTER CRIME AND SECURITY SURVEY

INFORMATION PROTECTED

PCI Data Security Standards (DSS)

Closing the Vulnerability Gap of Third- Party Patching

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Symantec Protection Suite Add-On for Hosted and Web Security

Endpoint Security Management

A Buyer's Guide to Data Loss Protection Solutions

Symantec DLP Overview. Jonathan Jesse ITS Partners

How To Implement Data Loss Prevention

IBM Data Security Services for endpoint data protection endpoint encryption solution

To Catch A Thief: Preventing the Next Fortune 500 Data Breach

Don t Lose the Data: Six Ways You May Be Losing Mobile Data and Don t Even Know It

Top five strategies for combating modern threats Is anti-virus dead?

Cloud Security: Getting It Right

Getting Started with Symantec Endpoint Protection

Cyber Security Solutions:

Host-based Intrusion Prevention System (HIPS)

The Impact of HIPAA and HITECH

Microsoft Windows Intune: Cloud-based solution

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

Top tips for improved network security

overview Enterprise Security Solutions

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Endpoint protection for physical and virtual desktops

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

Protecting personally identifiable information: What data is at risk and what you can do about it

Symantec Endpoint Protection

Secure Your Mobile Workplace

White Paper. How to Effectively Provide Safe and Productive Web. Environment for Today's Businesses

Are You in Control? MaaS360 Control Service. Services > Overview MaaS360 Control Overview

The Impact of Cybercrime on Business

McAfee Server Security

The Challenge of Securing and Managing Data While Meeting Compliance

IBM Endpoint Manager for Core Protection

Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community

How To Buy Nitro Security

2011 NATIONAL SMALL BUSINESS STUDY

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

Symantec Endpoint Protection

Securing the endpoint and your data

Guideline on Safe BYOD Management

Symantec Endpoint Protection

Accenture Risk Management. Industry Report. Life Sciences

Computer Crime & Security Survey

FOUR Networking, Advanced Technologies, and IT Security

Teradata and Protegrity High-Value Protection for High-Value Data

ARCHITECT S GUIDE: Comply to Connect Using TNC Technology

Malware and Other Malicious Threats

Host-based Protection for ATM's

Best Practices for Running Symantec Endpoint Protection 12.1 on the Microsoft Azure Platform

Symantec Protection Suite Small Business Edition

Connect and Protect: The Importance Of Security And Identity Access Management For Connected Devices

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

White Paper. Data Security. The Top Threat Facing Enterprises Today

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Security Practices for Online Collaboration and Social Media

Transcription:

Data loss prevention and endpoint security Survey findings

Table of Contents Overview 3 Executive summary 4 Half of companies have lost confidential information through removable media 5 Intellectual property and client information top data concerns 6 Removable media is the top concern for endpoint security 7 Organizations want visibility into information downloads 8 Data loss prevention is a top priority 9 Half of companies DLP in their budgets and are increasing their DLP spending 10 Two-thirds plan to adopt Endpoint DLP in 2007 11 Top Endpoint DLP solution requirements: architecture, manageability and features 12 Appendix: respondent demographics 14 Data loss prevention and endpoint security: survey findings PAGE 2

Overview Challenges around data protection and the insider threat have changed significantly over the past few years. The build out of digital business to encompass outsourcers, partners, and offshore centers, combined with the motivation of increasingly sophisticated hackers and identity thieves, puts more sensitive information at greater risk than ever before. Today, companies are struggling to identify and protect sensitive information within their environments protecting information such as personally identifiable or personal health information of employees and customers, intellectual property and trade secrets, marketing plans and legal documents is a top priority for them. The need to protect key information assets in a wide open online environment has given rise to increasing demand for Data Loss Prevention (DLP) solutions. DLP enables organizations to detect confidential data and enforce data security policies. Early DLP solutions focused on protecting data in motion by monitoring of email, web, secure web and FTP, as well as proactive blocking of network communications. Next, organizations began to deploy DLP solutions for data at rest in order to discover and protect sensitive information on internal file shares and desktops. While previous DLP solutions have been network-based, the risk of data loss through mobile devices like laptops and USB drives has stimulated a growing demand for DLP solutions at the endpoint. Endpoint security, which used to be synonymous with basic antivirus software, has been evolving over the past few years to include technologies that address the changing threats that companies must face. First, endpoint security vendors added anti-spyware technologies and personal firewalls to mitigate the threat of unwanted applications and hackers. In 2006, host intrusion prevention was the hot technology as companies demanded protection against the unknown. At the same time, the protection of companies information assets was emerging as a top priority for organizations. Consequently, endpoint security solutions quickly followed suit with basic features to control the use of external devices, hoping that these controls would help protect and restrict the movement of information. However, protecting an enterprise s information assets requires more than blocking use of a USB drive. Today s CISOs understand that relying on keywords and phrases and creating black lists is also not enough. Data loss prevention technologies must be content aware. The tools should be able to identify confidential information such as source code and financial reports, so that the appropriate controls can be placed on data based on its sensitivity. Content-aware detection of data at the endpoint whether it is being downloaded to desktops, copied to USB drives, burned to CDs, or sent via printing or fax is not available from traditional endpoint security vendors and must be achieved through dedicated data loss prevention solutions. Data loss prevention and endpoint security: survey findings PAGE 3

Executive summary In November 2006, Forrester Consulting fielded a commissioned online survey of 151 decision-makers at North American companies on behalf of Vontu. Respondents had specific responsibilities for information security and/or data security policy and strategy at companies with annual revenues of more than $200 million. Fifty-nine percent of the respondents came from enterprises with more than $1 billion in revenue. Respondents were asked about their concerns, priorities, current implementations, and plans regarding data loss prevention and endpoint security. This report describes the results of this study, of which the significant findings were: More than half of respondents (52%) have lost confidential data through removable media such as USB drives in the past two years. Currently, organizations rely mainly on paper-based controls such as written policies that information security asks employees to sign (40%). Intellectual property, customer data and company financials are the top three concerns for data loss at the endpoint. Data loss via USB drives and other removable media is the top concern (72%) for endpoint security, followed by Trojans, spyware and other threats. Downloading confidential data to desktop and laptop PCs is a significant threat: 76 percent of respondents said they are not satisfied with the visibility they have into confidential data being downloaded to PCs. DLP is a major priority for nearly all respondents (95%) in 2007. Most organizations (82%) said that DLP was part of their 2007 budget, and 76 percent respondents indicated their DLP spending will increase in 2007. Most organizations (69%) are actively pursuing Endpoint DLP solutions. Forty-four percent of respondents said that they are either piloting or are planning to deploy an Endpoint DLP solution in the next 12 months. An additional 25 percent said that they are currently investigating solutions. Data loss prevention and endpoint security: survey findings PAGE 4

Half of companies have lost confidential information through removable media More than half of the respondents (52%) said that their company had lost confidential data through removable media in the past two years. This applies only to known data loss. Respondents whose organizations don t have any controls in place may answer that they did not lose confidential data through removable media because they have no means of knowing whether a loss occurred. Figure 1: The majority of companies have experienced security breaches with removable media Question: Has your organization experienced a data security breach resulting in the loss of confidential information or data through removable media in the past two years? Don't know 6% No 42% Yes 52% Paper controls for endpoints are common, but not dedicated solutions Most organizations 64 percent restrict, monitor or control the transfer of data to removable media (USB drive or CD-ROM), but when asked how they restrict the flow of confidential data, 40 percent of the organizations said they rely on written and signed policies by their employees. Another 25 percent relied on Microsoft group policy to restrict endpoints. Figure 2: Most companies have taken some measures to limit data on removable media Question: Do you currently restrict, monitor or control the transfer of data to removable media (USB drive or CD-ROM)? No 35% Don't know 1% Yes 64% 69 percent of $200M - $1B companies answered yes, compared to 61 percent of $1B+ companies Data loss prevention and endpoint security: survey findings PAGE 5

Figure 3: Written and signed policies represent the most common means of restricting unauthorized flow of information from the endpoint Question: How has your organization restricted the flow of confidential information off the endpoint? Written and signed policy by all employees Group policy from Microsoft Device control solution from a dedicated security vendor Physical intervention We don t restrict information flow Don t know Other: (please specify) Large enterprises All respondents Small enterprises On a scale of 1 to 5, how successful has this policy been? 3.6 (n=61) 3.8 (n=37) 3.9 (n=24) 3.4 (n=9) 0% 10% 20% 30% 40% 50% Intellectual property and client information top data concerns Respondents listed intellectual property (60%) and customer information (55%) as their top concerns for data loss at the endpoint. Intellectual property is the top concern for all enterprises, with some variation by company size: 66 percent of large enterprises versus 58 percent of small enterprises consider it to be the top data protection concern for endpoints. On the other hand, a much larger number of small enterprises (53%) consider company financials to be a major concern versus only one-third (33%) of the larger enterprises. Figure 4: Intellectual property and client information are the top data protection concerns Question: What data are you most concerned about protecting at the endpoint? Question: What data are you most (Choose concerned all that about apply) protecting at the endpoint? (Choose all that apply) Intellectual property Client/customer lists Company financials Source code Other Large enterprises ($1B+) All respondents Small enterprises ($200M-$1B+) 0% 20% 40% 60% 80% Base: Base: All respondents, All respondents, n=151 n=151 Data loss prevention and endpoint security: survey findings PAGE 6

Removable media is the top concern for endpoint security Two years ago, viruses and Trojans were the top CISO concern for endpoint security, but the current data suggests today the threat of data loss through endpoints, whether inadvertent or intentional, is now the top concern. Figure 5: Removable media is the top concern for endpoint security Question: On a scale of 1 to 5, how much of a concern are each if the following threats to data security? Inadvertent data leak or data theft through removable media devices Extreme concern No concern Mean value (2.5 = neutral) 4.0 Trojans and spyware on your endpoints 3.8 Unsecured connections 3.8 Losing/theft of entire desktops/laptops 3.7 Desktop sharing and remote login applications 3.7 Screen capture technologies 3.3 0% 20% 40% 60% 80% 100% Data loss prevention and endpoint security: survey findings PAGE 7

Organizations want visibility into information downloads Organizations want visibility into the data that is moving around in their environment. Seventy-six percent of respondents are not satisfied with the level of visibility they have into what their users are downloading onto their PCs. Furthermore, 57 percent of respondents agreed that they do not currently have visibility into the confidential data that resides on users machines, but would like to have such visibility in the future. Figure 6: Most companies want more visibility on downloads to pcs Question: Do you have visibility into the information that users are downloading to their PCs? Question: Do you have a complete inventory of all confidential data on user machines? No, would like to have it 21% No, don't need it 1% Yes 23% No, don't need it 5% Yes 38% Yes, but want more 55% No, I would like to have it 57% 16% of $200M - $1B companies answered yes, compared to 27% of $1B+ companies Base: Base: All respondents, All n=151 n=151 Data loss prevention and endpoint security: survey findings PAGE 8

Data loss prevention is a top priority Data Loss Prevention (DLP) is a major priority for nearly all respondents (95%) in 2007. While only 19 percent of companies say they have addressed the problem of data loss within their organization, an overwhelming 76 percent say that data loss is something that they either plan on addressing or are in the process of addressing. Figure 7: All respondent organizations consider data loss prevention a priority Question: Is data loss prevention considered a priority within your organization? Yes, it is a concern that we have already addressed 19% Yes, it is a concern, but we don't have the resources to address it 5% Yes, it is a concern that we plan on addressing 30% Yes, it is a concern that we are in the process of addressing 46% Base: All respondents, Base: n=151 All respondents, n=151 Data loss prevention and endpoint security: survey findings PAGE 9

Half of companies DLP in their budgets and are increasing their DLP spending A vast majority of respondents 82 percent said that DLP was part of their budgets for 2007, and 51 percent of the respondents said that it was a significant enough issue that they had included it as a separate budget item. Additionally, 76 percent of respondents said that their DLP spending will increase in 2007, compared to the previous year. A quarter of large companies are planning to significantly increase their spending on DLP compared to only eight percent of the smaller companies surveyed. Figure 8: A majority of companies have dlp in their budgets and are increasing their dlp spending Question: Is data loss prevention a Question: If data loss prevention is included in another separate budget item in your 2007 budget, who in your organization is responsible for the security budget? data loss prevention budget? No, included under another budget item 31% Don't know 1% Yes 51% IT Information Security Finance Risk Manager Legal No, not in the budget 17% 57% of $1B+ enterprises have data loss prevention as a separate budget item in the security budget 0% 20% 40% 60% Base: Respondents whose companies have data loss prevention as a separate budget item, n=77 Data loss prevention and endpoint security: survey findings PAGE 10

Two-thirds plan to adopt Endpoint DLP in 2007 Forty-four percent of all respondents said they are currently piloting or are planning to deploy an endpoint DLP solution in the next 12 months, while an additional 25 percent of enterprises said that they are currently investigating Endpoint DLP solutions. The larger enterprises seem to be ahead in deploying endpoint security solutions: 52 percent reported that they will deploy a solution in the next 12 months or the solution is in pilot, versus 33 percent of the smaller enterprises. Figure 9: Two-thirds of all enterprises plan to adopt an endpoint dlp solution in 2007 Question: When will you adopt an endpoint data loss prevention solution? Currently in pilot Currently investigating In the next 6 months In the next 12 months In the next 24 months Never Don t know Large enterprises ($1B+) Small enterprises ($200M - $1B) 0% 10% 20% 30% 40% Base: Base: All All respondents, n=151 Data loss prevention and endpoint security: survey findings PAGE 11

Top Endpoint DLP solution requirements: architecture, manageability and features Security managers consider stability, blocking, and manageability to be the top concerns, followed by universal policy, content awareness, and accuracy. Most respondents are now very cautious due to stability, manageability, and integration issues while deploying other endpoint security technologies. While most respondents consider blocking to be an important feature, 83 percent of the respondents say that they would initially want to run Endpoint DLP in monitor only mode until they are comfortable with it, and an additional 10 percent say that they would run it in monitor only mode. Figure 10: Respondents highlight stability as the area of most concern for an endpoint dlp solution Question: On a scale of 1 to 5, how important are each of the following requirements for an endpoint DLP solution? Extreme concern 3 No concern Mean value (2.5 = neutral) Stability 4.0 Blocking 4.0 Manageability 3.9 Universal Policy 3.8 Content Aware Detection, Removable Devices 3.8 Content Aware Detection, Local Drives 3.8 Accuracy 3.7 0% 20% 40% 60% 80% 100% Base: All repsondents, n = 151 Data loss prevention and endpoint security: survey findings PAGE 12

Figure 11: Users wait to engage blocking Question: When rolling out data loss prevention solutions, what approach does your company generally take? Run solution in monitor-only mode 10% Run solution immediately in blocking mode 7% Run solutions in monitor-only mode until comfortable with solution 83% Data loss prevention and endpoint security: survey findings PAGE 13

Appendix: respondent demographics Respondent revenue The 151 technology decision-makers surveyed represent companies with more than $200 million in revenue. The respondents break out as follows: Figure 12: Respondents by revenue Question: Approximately what is your company s revenue? $10 billion or more 26% $5 billion to less than $10 billion 12% $1 billion to less than $5 billion 21% $750 million to less than $1 billion 10% $500 million to less than $750 million 11% $200 million to less than $500 million 20% n = 151 Data loss prevention and endpoint security: survey findings PAGE 14

Respondent job titles Respondents represent a wide variety of IT decision-makers who have specific responsibilities for information security and/or data security policy and strategy at their companies. The respondents break out as follows: Figure 13: Respondents by job title Question: Which of the following most closely describes your job title? Director of IT 24% Senior manager of IT reporting directly to Executive Management 21% Vice-President of IT Chief Technology Officer, CIO 17% 18% Chief Information Security Officer, Chief Security Officer 9% Director of Security Senior manager of information security reporting directly to CIO Chief Risk Officer or Vice- President of Risk Management 3% 3% 3% Vice-President of Security 2% Base: All respondents, n = 151 Data loss prevention and endpoint security: survey findings PAGE 15

Respondent industry Respondents represent a wide variety of industries they break out as follows: Figure 14: Respondents by industry Question: To which industry would you say that your company belongs? Professional services Financial services High-tech products manufacturing Industrial products manufacturing Retail Telecom carriers Media, entertainment and leisure Transportation and logistics services Consumer products manufacturing Construction and engineering services Government Public services Utilities Chemicals and petroleum manufacturing Primary products manufacturing Insurance Wholesale 1% 1% 2% 2% 2% 2% 3% 4% 7% 7% 7% 7% 7% 10 % 13 % 13 % 13 % Base: All respondents, n = 151 Data loss prevention and endpoint security: survey findings PAGE 16

How to get started Our team of Data Loss Prevention experts will work with you to understand your unique data security requirements, priorities, and share insight into our industry best practices. Contact Vontu to get started at +1.415.364.8100 or email info@vontu.com. About Vontu Vontu, now part of Symantec, is the leading provider of Data Loss Prevention solutions that combine endpoint and network-based technology to accurately detect and automatically protect confidential data wherever it is stored or used. By reducing the risk of data loss, Vontu solutions from Symantec help organizations ensure public confidence, demonstrate compliance and maintain competitive advantage. Vontu Data Loss Prevention customers include many of the world s largest and most data-driven enterprises and government agencies. Vontu products have received numerous awards, including IDG s InfoWorld 2008 Technology of the Year Award for Best Data Leak Prevention, as well as SC Magazine s 2006 U.S. Excellence Award for Best Enterprise Security Solution and Global Award for Best New Security Solution. For more information, please visit http://go.symantec.com/vontu. Vontu, Now Part of Symantec 475 Sansome Street, Suite 2000 San Francisco, CA 94111 Copyright 2008 Symantec Corporation. All rights reserved. Symantec, the Symantec logo and Vontu are trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. Tel: +1.415.364.8100 Fax: +1.415.364.8190 info@vontu.com www.vontu.com Data loss prevention and endpoint security: survey findings PAGE 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information