The survey of 250 IT Managers found that a staggering 23% stop a breach every day. A data breach can be the result of an attack on the network, or an employee inadvertently sending or taking information out of the corporate network without adequate care.
The survey also spoke with 1,000 employees, 41% of whom believe IT security is solely the IT department’s responsibility – A further 37% say they have a role to play in IT security too. Even though so many employees seemingly abdicate themselves of responsibility for IT security, a fifth of IT managers want to be able to empower them to use personal devices to access work documents. Interestingly only 36% felt such access should be restricted to approved employees.
IT managers also rated employees as the second biggest risk behind hackers to security (24%). Employees also agreed they were a risk with 17% freely admitting they are “somewhat likely” to open an attachment from an unknown sender. It only takes a single action by one employee to lay the crown jewels bare. Unprotected devices are also a big risk; with an ever increasing attack surface from networked devices, the network is at a greater risk than ever before from a combination of internal and external threats.
A breach of data, can be loss as much as theft; The proliferation of mobile personal devices and their use for accessing work documents has not left IT managers feeling comfortable. The last line of defence from internal and external threats is encryption, but it has become complex to manage across enterprise and personal devices, on-premise infrastructure and cloud services – a deeply complicated multifaceted environment. It is not simply a case of managing ‘what’ is encrypted, but also the encryption keys themselves, which must pass seamlessly between different operating systems, hardware and standards, in a way that is frictionless: enabling business and the productivity of employees.
All the firewalls in the world can’t overcome the fact that human error can carve a huge hole to the heart of a business, whether losing a device, or becoming a victim of a phishing or malware attack. Encryption is the last line of defence against human error and the complexity and distributed nature of modern IT systems.
Andreas Jensen, Enterprise Director for EMEA at WinMagic commented, “Encryption itself can be a complex task open to human error. IT managers must recognise this and ensure they have the processes and tools in place to facilitate effective encryption across the entire device estate. Devices change and move as much as the data itself and encryption is not a tick box task. By using automation and effective tools, businesses can ensure that the last of defence from hackers and human error, is robust and minimizes the chance and impact of a data breach.”