Posted on Thu, Aug 20, 2009
Rising government mandates and intellectual property (IP) protection are the major driving forces of the high standards revolving around data loss prevention. In today’s vulnerable economy, spending priority should be around enhanced data security. Increased regulatory compliance requirements, layoffs and job insecurity have intensified concerns about employees sabotaging or running away with sensitive business information.
Most organizations fall under one or more state, federal or international regulatory mandates. Compliance standards such as those within the Heath Insurance Portability and Accountability Act (HIPAA), Gramm-Leach Bliley Act (GLB) and Sarbanes-Oxley (SOX) are requiring corporations to take measures to safeguard private and personally-identifiable information. There are currently thirty-five states within the U.S. which mandate companies attacked by data loss to notify individuals in the event that their personally identifiable information is breached.
Data loss prevention is not only of significant interest to health care and financial industries, but also for nearly all companies that conduct business worldwide. Organizations face several obstacles that make it difficult for them to maintain regulatory compliance. Mistakes such as sending an email which contains unencrypted credit card data, or distributing a report revealing employee or patient medical information with an unauthorized person can be considered regulatory violations.
A down economy generates a more competitive business environment, making IP protection detrimental for all companies. This is one of the most important assets belonging to any business and serves as a key motivating factor for data loss prevention efforts. With there being so many forms of documented data that could be considered a trade secret (such as data pricing, marketing strategy plans and customer information), company insiders may not be fully aware they are handling IP. It is therefore the company’s responsibility to take the necessary steps to protect critical IP. This begins with an effective data protection and disaster recovery plan.
Fact: U.S. businesses are losing approximately $250 billion annually from trade secret theft (United States Trade Representative).
Posted on Wed, Aug 12, 2009
Over the past decade, the world has gotten more electronically connected in a multitude of ways. Whether while traveling, in the office or at home - most people are never far away from an electronic medium that holds the capability of linking people to each other nearby or halfway around the world. The complexities of daily business have made instant access to electronic data more and more crucial, and increased the need to put effective data loss protection measures and potential disaster recovery solutions in place.
Take global alliances for instance: many companies have international offices, outsourced managed service providers and offshore development offices that each exponentially increase the chances for data loss. Communication practices as simple as sending e-mails can compromise confidential information that instantaneously travel across the world. Overall, the environment is ripe with opportunity for data loss.
Today's workers experience a far greater amount of flexibility in their work location and hours than those of previous generations. A May 2006 U.S. Chamber of Commerce report stated that 20 million Americans telecommute. This indicates that electronic communications have become the lifeline to the office, with important and perhaps sensitive company data transmitted back and forth throughout cyberspace. This is a prime target for hackers and criminals to hijack.
Throughout the years, organizations have spent an immense amount of resources on data protection for the purpose of safeguarding their mission-critical information. However, the bulk of their efforts have been centered on preventing outsiders from hacking into the organization. Ironically, studies have shown that the majority of information leaks are resultant from data loss inflicted by employees and company partners. There is some research which shows that more than half and as much as 80% of data breaches are caused by company insiders. A business does not need vastly dispersed offices or a staff which heavily telecommutes to be fertile ground for data loss. Employees can cause a data loss disaster for their company with the simple click of a mouse - whether done purposefully or accidentally.