Ipswitch Uncovers Major Information Security Hole:
83% of IT Executives Surveyed Lack Visibility into Files Moving
Both Internally and Externally
File Transfer Visibility, Management and Enforcement is Critical
to Protecting Sensitive Information
Lexington, MA - March 30, 2010 – Enterprises are failing to protect sensitive information moving internally and externally. A new study by Ipswitch, Inc., the secure, managed file transfer company, found that more than 70 percent of IT executives surveyed at the RSA Conference earlier this month have absolutely no visibility into files moving out of their organizations. A full 64 percent said that they have no visibility into files moving internally, either.
"With hundreds of data breaches over the past five years resulting in multi-million-dollar consequences, it's hard to believe that organizations still don't have the right solutions in the right places to protect sensitive information," said L. Frank Kenney, VP of Global Strategy at Ipswitch File Transfer. "You may be investing heavily on business applications and their inherent security requirements but if you're not monitoring and enforcing policies with respect to the information moving both internally (between business applications and people) and externally (between you and your business partners and collaborators), the consequences are dire."
Is Your Business-Critical Information Walking Out the Door?
USB flash drives, removable disk drives and cell phones are making it easier than ever for employees who need to transfer large files – and harder than ever for companies to monitor and protect sensitive information. Nearly 90 percent of survey respondents admitted to using thumb drives or other external devices to move work-related files – posing a huge security risk to organizations.
"Portable devices are far too easily lost or stolen," said Kenney. "And while most employees have good intentions, USBs are one of the easiest ways for insiders to compromise business-critical information. IT managers need to make it easier for people in their organization to move information securely. By decreasing reliance on transferring physical media and focusing more on easy-to-use browser-based or email plug-in solutions, information will be better governed."
A 2009 study by the Ponemon Institute of nearly 1,000 recently terminated individuals revealed that:
- 42 percent used USB memory sticks to take business data
- 38 percent sent documents as attachments to personal email accounts
Ipswitch, which helps organizations address the critical need for end-to-end visibility, management and enforcement around sensitive data, found that 66 percent of survey respondents admitted to using personal emails to send work-related files. The result: no security, no audit trail, and no visibility into what information is being sent, to whom, when. In addition, more than 25 percent admitted to sending proprietary files to their personal email accounts, with the intent of using that information at their next place of employment.
Information Security Mandate: Establish and Enforce Policies around File Transfer
Nearly half of the IT executives surveyed said that their companies do not provide employees with a fast-and-effective way to securely send files, forcing employees to rely on removable devices and personal email accounts to bypass size limitations imposed by applications like Microsoft Outlook. Only 49 percent of respondents work at companies that have established policies for sending files internally, and only 53 percent work at companies that have set policies for transferring files externally.
"Companies can't enforce policies that don't exist," said Kenney. "Protecting sensitive information requires enterprise-wide visibility and management of files moving person-to-person, person-to-machine, machine-to-machine, internally and externally."
Ipswitch File Transfer solutions are used by thousands of retail, financial services, healthcare, media and manufacturing organizations worldwide to:
- Quickly and securely share files
- Create and enforce policies around sending files
- Enable complete visibility into all file sharing activities for company-wide compliance and governance
- Proactively monitor and manage file-sharing interactions, both internally and externally
Ipswitch's VP of Global Strategy, L. Frank Kenney, discusses the survey:
About Ipswitch File Transfer
Ipswitch File Transfer is a global technology provider that builds solutions to securely move your valuable data. We enable companies and people to better manage their data interactions when visibility, management and enforcement matter. Our managed file transfer solutions deliver the control necessary to enable governance and compliance for our more than 40 million global users – including the majority of Fortune 1000 enterprises and government agencies. These organizations trust Ipswitch File Transfer solutions to secure, manage, automate and streamline their critical and highly sensitive file transfers and data workflows. Learn more at www.IpswitchFT.com or to contact us at www.IpswitchFT.com/company/contact.aspx, on LinkedIn or Twitter.
i RSA Conference helps drive the information security agenda worldwide with annual industry events in the U.S., Europe and Japan. The Ipswitch survey was conducted of over 100 conference attendees during the San Francisco event in March 2010.
# # #
Ipswitch, MOVEit, WhatsUp, and WS_FTP are registered trademarks of Ipswitch, Inc. IMail Server, MOVEit Central and MOVEit DMZ are trademarks of Ipswitch, Inc. All other product names are the property of their respective owners.