As companies are growing more adept at producing and storing large amounts of data, their habits for securing and protecting the information haven't quite caught up, according to a new report from risk and business consulting firm Protiviti.
Analysts with the company recently polled IT executives, managers and other personnel for the Current State of IT Security and Privacy Policies and Practices Survey. Results of the survey revealed several areas where organization are excelling with big data, as well as others where they are falling short of meeting the new tech trend's many challenges.
Among the most glaring areas where some work needs to be done is companies' understanding of what constitutes sensitive data and what needs to be accomplished in terms of data security.
Nearly a quarter of respondents said that senior management has "limited or no understanding" of the difference between sensitive and other data. More encouraging, however, is the fact that 26 percent of respondents said management has an "excellent" understanding of sensitive information.
With knowledge of what information is confidential, companies are better able to target data security solutions where they are most needed.
"This basic understanding of what constitutes 'sensitive' is absolutely critical because it sets the tone for how data is treated in every phase of its lifecycle ‑ from collection to destruction," Cal Slemp, managing director and head of Protiviti's IT Security and Privacy practice, said. "Without this foundation, companies open themselves to needless costs and legal, regulatory and reputation risks.
Having a keen understanding of the information the company stores will also aid executives and managers to carry out a data-centric approach to security, which is now recommended as a best line of defense.
By applying security measures at the data level, it's assured that protection will remain with information no matter where it travels or how it is used. This type of approach is now necessary given the increasing number of endpoints – including traditional desktop PCs, laptops, smartphones and tablets, among others – employed by end users.
Encryption is one of the most commonly known and used forms of data-centric security. And though the technology has been around for decades, companies are just now embracing it, according to a recent report by the Ponemon Institute. The firm's latest study revealed that, for the first time ever, there are more companies now using encryption than those that aren't.
Data Security News from Trend Micro