Misuse, but not malicious

Share this story:Twitter0LinkedIn0Google+0Facebook0

I recently blogged about some pretty alarming statistics from the newly published 2010 Data Breach Investigation Report.

Let’s take a closer look at the 48% of breaches that involved privilege misuse.

I guarantee you that a large chunk of employee misuse is 100% non-malicious.  In many cases, it’s the hardest working and most dedicated employees that feel forced to find their own way – any way – to get the job done because they were not provided the appropriate tools.

Over the last year I’ve spoken to well over 100 people that admitted to many of the items in the chart above.

In fact, I’m sure many of you blog readers have used a personal hard drive to temporarily store company data because you simply want to back-up your important work files.  What about copying company files to a USB/DVD as a convenient way to transport data — or even subscribing to a file sharing website or using your personal email account — simply because you can’t send or receive large files from your work email account?  And how many of you access company email or files from that shiny new smartphone of yours?

And you know what, I’m guilty too.  But with total non-malicious intent I assure you.  :-)

This entry was posted in Auditing, Compliance, Data Breach, Enforcement, File Security, Managed File Transfer, Security, Visibility and tagged , , , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Leave a Reply