New research reveals that, for 48 per cent of IT practitioners in the UK, sensitive personal data contained in their company’s databases and applications has been compromised or stolen by a malicious insider. The majority also agree that they find it difficult to comply with privacy and data protection regulations in production and development environments.
Under the terms of the UK Data Protection Act, the Information Commissioner’s Office (ICO) has taken a tougher approach to handing out penalties for information breaches for the year up to June 30, 2012. Recent figures from the ICO reveal that it issued a record 68 warnings, up 48 per cent from 46 during the previous year. Yet, despite the risks of data breaches, the research from Informatica reveals that, of the 532 senior IT and IT security practitioners surveyed – 65 per cent of whom work in organisations with a headcount of more than 1,000 – organisations are still struggling to get a grip on their data.
Widespread vulnerabilities, inadequate budgets, and difficulties complying with privacy and data protection regulations are proving the biggest challenges.
· 59 per cent admit they are not confident that they would be able to detect the unintentional loss or theft of sensitive personal information contained in databases or applications in the production environment.
· Nearly half of respondents say sensitive personal data contained in their company’s databases and applications has been compromised or stolen by a malicious insider.
· 71 per cent find it difficult to restrict user access to sensitive information in the IT and business environments.
· However, only 25 per cent of respondents say they have adequate budgets to invest in the necessary solutions to reduce the insider threat.
“Beyond the threat of hefty fines, UK organisations need to deal with the impact of data breaches on hard-won consumer trust,” said Adam Wilson, general manager, ILM, Informatica. “The risks are compounded by the differences in data privacy laws across countries in the EU as well as complexities of protecting data in the cloud. Informatica enables organisations to face these challenges by providing jurisdiction aware data masking and masking for cloud applications such as Salesforce.com.”
In addition to the risk from internal staff and company processes, the research also highlights significant threats to data that is shared with third parties, including cloud providers. According to Gartner, cloud computing is forecast to grow 19% in 2012, a faster rate than overall IT spending. Yet an alarmingly high proportion of respondents surveyed claim their organisations are not adequately protecting sensitive corporate and customer data in the cloud.
