Archive for March, 2011
Did you know that the average cost of a data breach is $7.2 million dollars?
Or that the cost of each compromised record is $214, an increase of 7% over last year?
A data breach resulting in the loss or theft of protected personal data will have serious financial consequences on an organization – the least expensive breach reported in 2010 was $780,000 (and the most expensive one was over $35 million). You can read more about the cost of data breaches in the Ponemon Institute’s 2010 U.S. Cost of Data Breach survey results.
Here are a few other key takeaways:
- For the 5th year in a row, data breach costs have continued to rise
- Lost business accounts for over 60% of data breach costs, the remaining amount is data breach detection, escalation, notification and response
- Escalating data security threats and compliance pressures are driving rapid responses to data breaches, resulting in higher costs
- Criminals now account for 31% of data breaches and they are significantly more expensive to contain and fix
- Negligence remains the most common threat, and an increasingly expensive one
What is your organization doing to ensure the privacy and confidentially of your information, including when it’s sitting on your servers, being shared between systems and business partners, and shared between people? And don’t spend all your time combating criminal threats…. Negligence now accounts for 41% of data breaches, you must safeguard against negligence too.
Go ahead, estimate the data breach risk to YOUR organization. First, ballpark how many pieces of sensitive files and data are floating around your company today…. Then multiply that number by $214. I’m sure you’ll agree that the ROI on the time, technology and resources spent to protect company data are well worth the investment and risk avoidance effort.
Would you be surprised if I told you that nearly 40% of all data leaks within the past 3 years have happened between January 1st and April 15th?
According to the DataLoss Database there have been 2,402 data loss incidents reported between 2007 and 2010, and 916 of them happened during tax season.
Important questions companies should consider:
- What kind of access is being granted to third parties, like auditors?
- How are third parties handling and protecting your business-critical information?
- What tax-related documents are being sent internally and externally – without a lock-and-key?
There is a critical need for visibility and security when handling sensitive documents either internally or with third-party providers – or with anyone else, for that matter. Organizations must make it a priority to first identify the confidential information floating around its systems, people and between partners. Then carefully consider where that data lives, who has access to it, and what policies should be implemented to ensure that it’s handled safely.
Did you know that Managed File Transfer solutions have become the most widely used mechanisms for integrating your applications and processes with those of your customers and partners?
Are you feeling frustrated by your middleware’s inability to handle data or large files?
Join us to learn more about how MFT can gracefully extend your Enterprise Service Bus (ESB) suite and integrate into your existing enterprise technology. We’ll also cover the governance benefits of integrating MFT with B2B processes and applications (such as governing your file transfers can solve 60-70% of your compliance and regulatory issues).
- Speaker: L. Frank Kenney, VP of Global Strategy at Ipswitch
- Date: Wednesday, March 16, 2011
- Time: 11:00AM ET
We’ve got some fresh stats and trends to share from data that we collected at the recent RSA Security Conference. Many thanks to the “statistically significant” number of people that took the time to fill out our survey questionnaire.
Our survey results highlight some major security and compliance concerns for businesses – information security, visibility and policy enforcement remain a major problem in 2011. Here are a few key data points:
- 65% have no visibility into files and data leaving their organization
- >80% use easily lost or stolen portable devices like USB drives and smartphones to move and backup confidential work files
- >75% send classified documents as email attachments – including payroll, customer data and financial information
- >25% percent have purposely used a personal email account (like yahoo or hotmail or gmail) instead of their work accounts as a way to hide their file transfer activity
- 55 percent said their companies provide – but do not enforce – policies and tools around sharing sensitive information
The fact that so many companies admittedly lack visibility into the files and documents that are moving around and leaving their organization is pretty scary. How can an organization protect information that they don’t know even exists? Clearly, increased focus is needed to first identifying sensitive data and then protecting it – These critical information security components should be carefully baked into an organizations security, governance and compliance initiatives.
Lastly, I’d like to vent on the last data point for a minute. Policy creation simply isn’t enough…. the enforcement of that policy is the critical step. Writing down a policy but not enforcing it is just as risky as not having documented the policy in the first place. Creating the policy is a good start, but please please please don’t stop there.
WS_FTP Server can now be configured to support automatic, unattended failover, enabling your organization to easily achieve high availability for your file transfer processes. Not only will you increase system uptime, reliability, and performance, but you will now be able to provide uninterrupted access to file transfer users – all critical for helping your company deliver exceptional business performance and meet service level agreements around availability.
Take a quick minute and watch Ipswitch’s Jonathan Lampe share his thoughts on our new failover capability for WS_FTP Server: