- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
Corporate information stored on file servers and network-attached storage (NAS) devices is in danger of compromise because IT governance policies and access rules in many companies are incapable of dealing with a massive growth of unstructured data, according to a Ponemon Institute report issued Tuesday.
A Ponemon survey of 870 IT professionals found that only 23% believe unstructured data stored by their companies is properly secured and protected.
A wide majority - 84% -- of respondents said that too many workers at their companies can access critical corporate unstructured data. About 76% said their companies have no process in place to control which employees can access specific unstructured data. Such unchecked access could expose internal security gaps and increase the potential for misuse of data, the study notes.
Varonis Systems, a maker of data governance software, funded the survey.
Larry Ponemon, chairman of the Traverse City, Mich.-based research firm, noted that IT managers say that it's difficult to find automated access control processes that can determine the importance of information the moment it's created.
About 61% of respondents said they cannot keep track of which users access specific unstructured data, and 91% said their organizations lack the ability to determine data ownership because of faulty governance policies and a lack of available storage tools that can remedy the problem.
While IT managers continue to spend significant sums of money on storage technology to hold rapidly increasing amounts of structured data, many admit that the complexity of unstructured data still makes it difficult to secure it, said Larry Ponemon, chairman of the Traverse City, Mich.-based research firm.
"What we find is not that they won't spend money on it, but they really don't know how to [resolve the issue] because of the complexity; it's a knowledge issue," said Ponemon.
The respondents said that without adequate controls for unstructured data, the top potential problems are insider negligence and deliberate misuse or theft of information from within an organization.
For the study, Ponemon defined unstructured data as electronic information residing on file servers and NAS devices that is not stored in a database or in a document/content management system. He said it can include: e-mail, instant messages, Microsoft Word documents; PowerPoint files; electronic spreadsheets; and source code.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment