Dataguise Survey Highlights IT Security Issues
73% of organizations report business initiatives thwarted or delayed frequently in many cases because of data security gaps.
Dataguise has announced the findings of a new survey titled “Strategies for Securing Sensitive Data.” In the survey, 100 senior IT decision makers, including CxOs, VPs, directors, and managers were questioned on the topic of sensitive data security, including technologies in use, impacts to businesses when failures occur, and accountability after such events. The survey participants represented firms from a wide variety of industries that were chosen for the intensity at which they consume data. Conducted between March and April of 2016, the survey uncovers several truths about sensitive data management, risks, and increasing budgets for improving IT security infrastructure.
In March of 2016, Dataguise commissioned Gatepoint Research to conduct an invitation-only survey of enterprise IT executives regarding strategies for securing sensitive data. Candidates were chosen from a wide range of industries, including financial services, health care, manufacturing, business services, consumer services, retail, media, and education. 54% of those that completed the survey work for Fortune 1000 organizations with revenues over $1.5 billion. 20% work for medium to large firms whose revenue is between $250 million and $1.5 billion. 26% are employed by small enterprises with less than $250 million in revenue.
Observations and conclusions of the 13 question survey included the following:
- Companies are transitioning toward big data frameworks, including cloud-based environments such as Microsoft Azure HDInsight. 28% of respondents report more than a year of experience with these big data repositories and another 38% in various stages of adoption.
- Data security challenges often have a negative impact on organizations with 73% reporting that data security concerns terminate or delay data-driven business initiatives.
- Companies use multiple security solutions to protect sensitive data, with 82% using network monitoring, 80% leveraging data encryption, 79% implementing access controls, 69% installing perimeter controls, 63% using volume and file encryption, and 43% implementing data masking.
Even with multiple layers of security in place, less than half of all respondents did not believe that their data was secure with only 47% of respondents confident that their sensitive data throughout their organization was safe. Furthermore, it was revealed that sensitive data within organizations can be widely accessed by a large number of individuals. In addition to 80% of respondents indicating that their IT teams had access to sensitive data, 40% said test and development teams also had access and 29% indicated that end-users throughout the enterprise maintained the ability to view this information. Finally, while 62% of those surveyed said their firms passed security audits, 11% failed and 20% were unclear if they passed their audit or not.
Identifying where the buck stops when unauthorized access to sensitive data occurs, the survey also asked who would be held accountable if the organization encountered a breach. 88% of respondents said that their IT security team (including the CISO/CIO) would face scrutiny. 47% said their CEO or board of directors would be placed with the responsibility. 38% of organizations would point to the chief data officer (CDO) for the breach and 24% would fault the user or users who created the data. The takeaway here is that IT security teams are at the greatest risk should a situation occur and must strengthen their data infrastructure to ensure the danger of unauthorized access remains low.
“As we have experienced, many companies are throwing everything they have at IT security challenges. The problem is that even multiple point solutions still leave gaps that put these organizations at risk,” said JT Sison, vice president of marketing and business development for Dataguise. “Addressing this at the data layer plugs the remaining gaps, regardless of its migration across systems and networks. Additionally, platform agnostic monitoring of this sensitive data provides precise intelligence to administrators, providing a much higher level of protection for greater levels of confidence.”
A complete copy of survey results are available for free download at the website.