Are You Prepared for BusiLeaks?

Mobile workforces, cloud computing and social networking pose significant threats to IT security.

In the era of WikiLeaks, it's no wonder that business executives are feeling less secure about their organizations' data. A recent study by Ernst & Young found that 60% of those polled perceive increased risk from the use of social networking, cloud computing and personal mobile devices at work.

"Organizations are operating in a world that requires borderless security," warns Bernie Wedge, an IT risk practice leader at Ernst & Young. "Information access by employees using mobile devices, or items that are maintained and accessed by customers, vendors or other business partners, are considered outside traditional borders. Therefore, companies must think about security beyond their employees, data centers and firewalls."

The study found organizations recognize the risks that come with emerging technology trends and are taking steps to protect information with stronger security programs. Half of the senior executives surveyed said they expect to spend more on data leakage/data loss prevention efforts over the next year. Still, facing continuing economic pressures, companies also want to reduce their overall IT spend and are looking to cloud computing services as a solution. The risk associated with cloud computing include data leakage; 52% of executives identified it as the largest associated risk. Some 39% cite the lost visibility of company data as an increased risk of cloud-based computing.

Information security is shifting from a technology-only approach to one that includes technology and people, the study shows. All employees have a role in information security and organizations need to clearly communicate their responsibilities. People and organizations "outside the borders of the traditional corporate environment play a role in helping to achieve information security objectives, but can also pose a risk to protecting your information," says Jose Granado, an information security expert at Ernst & Young. "A comprehensive IT risk management program must focus on people, processes and technology to address information throughout its lifecycle, wherever it resides."

See Also:
Finding the Business Case for Diversity
10 Key Challenges for CEOs

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish