With the era of big data now in full swing, organizations are generating and storing more information than ever before. As advanced analytics continue to deliver innovative breakthroughs and represent a competitive differentiator in the business world, the appetite for data collection will only likely increase. But as this trend accelerates, experts continue to question whether or not data protection measures can keep pace.
Despite all the clamor and concern around data breaches and privacy intrusions that have crossed the newswires in the past 18 months, evidence would suggest that lasting progress has been hard to come by when it comes to addressing vulnerabilities in these areas. In the latest industry survey conducted by software vendor Varonis, just 30 percent of respondents governing third-party data were "very confident" in the way their organizations were protecting the most sensitive information. In fact, approximately one if five acknowledge that they were "not confident at all" in their data security standing.
This admission came as a bit of a surprise to researchers. Not only could careless or inconsistent data protection plans lead to the regrettable loss or leak of consumer information, such as credit card numbers or insurance records, but companies have been vehemently warned that regulators are prepared to come down on them harder than ever. Aside from the increased frequency of regulatory audits, punitive measures could force companies to forfeit as much as 2 percent of global revenue for their negligence.
"It's worrying that so many companies are still complacent when it comes to data protection. It means that these organizations would have some serious questions to answer should they suffer a breach," explained Varonis spokesman David Gibson.
These indicators are all the more concerning as data collection and analysis transitions from backroom procedures to focal points of business strategy in some cases. Just this month, the largest U.S. retailer, Walmart, acquired startup Social Calendar. According to the Guardian, Social Calendar's popular Facebook application boasts more than 15 million registered users and generates an average of 10 million email reminders each month. However, this relatively harmless birthday-reminder utility has taken on a new dimension since its databases are being cross-referenced with those of the massive retailer to generate detailed customer profiles.
"From the status updates, friendship connections and preferences generated by Facebook and Twitter to search strings on Google, location on mobile phones and purchasing history on store cards, this is data that's too big to compute easily, yet is so rich that it is being used by institutions in the public and private sectors to identify what people want before they are even aware they want it," Guardian columnist Aleks Krotski wrote.
As civil liberties advocates and individual consumers wise up to surreptitious data collection practices and demand new terms and privacy expectations, companies must prove themselves trustworthy stewards of sensitive information if they hope to retain business.
According to the Varonis research, there are valuable lessons to be learned from those that have been comparatively more successful in their data protection efforts. Among the survey respondents that were very confident in their practices and protocols, 60 percent were also very confident of the exact location in which the most sensitive data was stored. With that information in hand, they would naturally be better prepared to set up advanced barriers and diagnose the potential severity of a network intrusion based upon location.
Approximately four in 10 respondents from that segment also monitor all access activities and assign each folder and intranet site to a specific owner. This blueprint of accountability and visibility is surely one that can be modeled for improved data security reputations.
Data Security News from SimplySecurity.com by Trend Micro