Enterprise Data Loss Continues at Alarming Rate

A plethora of social media tools, increasing adoption of mobile devices being used for business, and the economic downturn are posing serious challenges for organizations looking to keep confidential company and customer data within company walls.

Email leads the way as the number one method confidential company information is leaked in large enterprises, while social media tools and mobile devices are becoming a major threat, according to a recent study.

The study commissioned by Proofpoint found that 35 percent of the companies surveyed had investigated a leak of confidential or proprietary information that had occurred via email in the past 12 months.

At the same time, the number of data loss events associated with social media channels continued to increase. Employee misuse of email, mobile devices, and popular social media tools including Facebook, LinkedIn, Twitter, video sharing sites as well as forums and blogs resulted in an increasing number of disciplinary actions—including termination—as enterprises demonstrate increasing concern about securing sensitive data.

The recession has increased the risk of data loss due to job losses and limited budget constraints. The results of the survey showed that 21 percent of companies investigated a suspected leak or theft of confidential or proprietary information associated with an employee leaving the company. Additionally, 58 percent of respondents said that budget constraints have negatively impacted their organization’s ability to protect confidential, proprietary or sensitive information.

While email was the number one culprit for data loss in these organizations, mobile devices are what’s scaring IT security professionals the most, with 64 percent saying they are “highly concerned” about this risk of data loss from mobile devices.

Additional Key Findings in the Report:

- 36% of respondents said their organization was impacted by the exposure of sensitive or embarrassing information in the past 12 months.

- 7% of companies terminated an employee for social networking policy violations.

- 11% of companies terminated an employee for blog or message board posting policy violations.

- 20% terminated an employee for violating email policies. 50% disciplined an employee for such violations.

- 25% of companies investigated the exposure of confidential, sensitive or private information via a blog or message board posting.

- Survey respondents estimate that as many as 20% of outbound email messages contains content that poses a legal, financial or regulatory risk.

“The level of concern and anxiety about corporate data loss is on the rise, and the recession has only increased the pressure on companies to enforce corporate email and social media policies. It’s no longer just an IT department concern. We’re seeing C-level executives and management paying attention as data loss becomes a very real, public threat to companies.” Gary Steele, CEO, Proofpoint.

Proofpoint’s Outbound Email and Data Loss Prevention in Today’s Enterprise, 2010 report is based on a survey of 261 email and messaging decision makers at US enterprises with more than 1000 employees and conducted in June-July 2010.