From the Desk of Mohamad Afshar, PhD

Mohamad Afshar

Subscribe to Mohamad Afshar: eMailAlertsEmail Alerts
Get Mohamad Afshar: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: PC Security Journal, Security Journal

News Feed Item

45 Percent of Employees Take Data When They Change Jobs; Information Security Survey Shows Vulnerability of Corporate Information and the Use of Inefficient Business Processes

Survey Commissioned by Enterprise Rights Management Leader Liquid Machines Outlines Risks Associated With Intellectual Property

WALTHAM, MA -- (MARKET WIRE) -- 05/17/07 -- Nearly half of professionals across a broad range of industries have taken data with them -- anything from documents and lists to sales proposals and contracts -- when they've left a job. According to the global "Information Security Survey on Internal Threats," users don't see their company's IT security practices as obstacles to accessing data outside of their organization, with many employees taking company information when they change jobs. Additionally, the survey identifies inefficient business processes used when employees share sensitive electronic information with other co-workers or external partners.

The recent survey, conducted by online survey services provider Zoomerang and commissioned by enterprise rights management leader Liquid Machines, validates anecdotal evidence that corporations are not doing enough to control access to sensitive electronic information. The research showed that some 45 percent of respondents have taken data with them when they've left a job. While some have simply e-mailed data to a personal address, in many cases, they've had the ability to take vast amounts of data with them right from their desktops via peripheral storage devices. Eighty-seven percent of those surveyed are allowed to use flash drives, while 69 percent can use external hard drives. Even MP3 devices, in use by 46 percent of respondents, can be used as external hard drives.

"Companies remove employees' physical access to the office and network, but are not expiring access to sensitive documents, files and e-mails that leave the enterprise," said Mike Ruffolo, CEO of Liquid Machines. "With inside threats posing such an obvious risk to the business, CIOs must implement solutions that add protection and control directly to the electronic information, expiring access to sensitive information regardless of where it exists -- inside or outside of the enterprise network."

More than 900 professionals in a wide range of industries completed the survey over a one-month period earlier in 2007. A Research Brief providing detailed information on the findings is available at www.liquidmachines.com/infosecuritysurvey.

Perimeters are Safe; What Lies Inside May Not Be

Information security is inherently the exercise of a defensive mindset riddled with a healthy sense of paranoia. Traditionally, the solution has been to defend the perimeter from "the bad guys" and rely on end users to participate in the process, with the hopes that they will accept a few inconveniences for the common good.

However, the findings of this survey show that the greatest security problems may be at a more fundamental level than the network's perimeter -- the real problems may be with the information held within the networks, at the document level. The network perimeters may be safe, but most end users are accessing and sharing information in potentially dangerous ways; are taking information with them when they leave jobs; and are wary of where information may end up when forwarding documents electronically.

Employees turn to inefficient means of protecting electronic information.

With the laissez-faire attitude among many of the respondents about the portability of data from one job to another, many employees are wary of their co-workers' and partners' use of sensitive information -- to the point that 39 percent of respondents have printed a document to prevent it from being forwarded electronically.

More than half the respondents believe the competition is stealing their IP.

With so many admitting to taking data with them when they leave jobs, it's no surprise that 53 percent of respondents believe their company's IP is being used by the competition. Among manufacturing employees, a whopping 71 percent believe their competition has used its intellectual property; technology employees agree with this statement 63 percent of the time.

Nearly a third of respondents believe more than half of their company's data is at risk.

Despite concerns around IP theft, 32 percent of respondents believe that more than half of their company's data would be at risk if it escaped the network or confines of their office. Technology (43 percent) and manufacturing (39 percent) employees believe their companies' risks are greatest.

Nearly half of respondents believe the security is lacking.

Some 42 percent of respondents believe that security in place at their companies is non-existent, not strong enough, the wrong type of security or too restrictive. By industry, a full 50 percent of manufacturing employees fall into this camp, as do 48 percent of those working in technology.

About The "Information Security Survey"

The "Information Security Survey" is a global survey designed to provide insight into employees' attitudes around and approaches to document security. The fifteen-question survey was completed over a one-month period by more than 900 individuals who were invited to participate by Zoomerang, an online survey services provider.

While the survey was international in scope, a full 84 percent of respondents reside in the United States. Respondents primarily worked in information technology (60 percent), sales and marketing (9 percent) and engineering (5 percent). While more than 15 categories of industry were represented among the respondents, those pulling in more than 10 percent included financial services (24 percent), technology (14 percent) and manufacturing (10 percent).

A Research Brief providing detailed information on the findings is available at www.liquidmachines.com/infosecuritysurvey.

About Liquid Machines

Liquid Machines is the leading provider of Enterprise Rights Management (ERM) solutions that persistently protect critical business content and audit usage while enabling collaboration. Liquid Machines' Document Control and Email Control solutions allow companies in the consulting, financial services, government, manufacturing, and healthcare industries to share information securely, within any application, wherever it goes, throughout its lifecycle. Liquid Machines ERM solutions help enterprises satisfy today's ever-increasing information security regulations such as Sarbanes-Oxley, NASD 2711, HIPAA and others, as well as implement and practice internal mandates for intellectual property security, product version control, or clinical data protection.

Based in Waltham, Massachusetts, Liquid Machines is privately held and is backed by Atlas Venture, Masthead Venture Partners, Goldman Sachs & Co. and Draper Fisher Jurvetson. For more information on the company and our vision for The Freedom of Security™, visit us at www.liquidmachines.com.

© 2007 Liquid Machines, Inc. Product or company names mentioned herein may be the trademarks of their respective owners. The information contained in this document represents the current view of Liquid Machines, Inc. on the issues discussed as of the date of publication.

Media Contact:
Jeff Drew
fama PR
617-758-4145
[email protected]

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.