Everyone talks about security, but it seems that security and data breaches are in the news more than ever. Janco Associates Inc., a Park City, Utah-based management consulting firm, reviewed more than 100 instances of security and data breaches and found a number of core factors contributing to their occurrences:
- Data volumes and velocity of change are increasing at an exponential rate. In many companies, data is so voluminous, so disorganized and dispersed so frequently that IT departments aren't sufficiently staffed to implement standard security standards.
- IT departments are reactive, not proactive. IT departments tend to respond to problems after the fact versus identifying solutions before a problem occurs, largely due to a lack of resources.
- Users do not want to change or add processes. There is a wariness toward deploying yet another set of rules and tasks to follow on each smartphone, desktop and laptop that might add procedures, hog processor cycles, require frequent updates and slow down users as they try to do their jobs.
- Complexity of security compliance. Devising and implementing a comprehensive, viable security policy may get in the way of traditional business practices, requiring the involvement of not just IT but also human resources, finance and legal teams, and business unit managers.
- Addressing 20% of the problem versus 80%. Many companies focus on intentional data leakage. In reality, though, most data leakage occurs when there is a lapse and simple, proactive steps (such as enciphering sensitive files on laptops and ensuring that only authorized individuals access sensitive information) could have prevented the problem in the first place.