Any time data is set into motion – accessed in an unconventional way, forwarded to a co‐worker, sent to a printer, etc. – data security is put at risk. Managing (and controlling) data‐in‐motion is a requirement for businesses to function effectively and efficiently. At the same time, it is also a growing data security threat that requires proactive data loss prevention solutions.
Data loss (or leakage) occurs in every organization either unintentionally or maliciously. In fact, according to the Ponemon Institute, 3 out of 5 organizations have experienced a data loss or theft event, and approximately 9 out of 10 data loss or theft events go unreported.
In addition, all types of data are vulnerable. Why? More and more employees rely on email for business communications and they use email as a central filing system where they store the bulk of their critical business information. This dramatically increases the probability of leaking sensitive or confidential data. All it takes is for a recipient’s email address to be misspelled or an incorrect key to be pressed by an employee and a message containing confidential information ends up in the wrong hands. All of us can relate.
At some point or another, we have pressed the send button a little too hastily and realized, after the fact, that our email ended up in an unintended recipient’s inbox. In addition, advances in technology make it even easier for this inadvertent data loss to occur. For example, Microsoft Outlook Autocomplete Email Address feature adds a great convenience to our email experience, but if you start typing “firstname.lastname@example.org” and the system automatically picks up the first “susan” as being “email@example.com” without you noticing that data can end up in the wrong hands and could have a detrimental effect on your business.
Data loss can be attributed to many factors such as computer loss or theft, hacking, malware, network exposure, and more, and many of these reasons for data loss can be avoided. To prevent data loss, an organization needs to have a comprehensive data loss prevention solution in place that not only protects networks from inbound threats to data, but also outbound data loss prevention measures need to be addressed to prevent confidential consumer, personal, and sensitive corporate information from exiting the organization.
So what’s the Cost of a Data Breach?
Data loss becomes a significant problem and risk as organizations are trying to meet and manage regulatory and internal compliance and control requirements, including:
- Government & Industry Compliance Regulations: e.g. HIPAA, PCI, GLBA, SOX, etc.
- Internal Policies: C‐level rules, sensitive and confidential information
- Acceptable Use: HR policies, sexual harassment and legal violations that can occur in messaging
- Intellectual Property: Trade secrets, sales reports, financial statements, sales or business plans, etc.
Getting caught losing sensitive data is expensive, disruptive, and damaging to carefully nurtured corporate images. There are significant hard costs to non‐compliance in mitigation and remediation to affected individuals such as auditors and board members not to mention regulatory fines and fees to support increased audits. However, often unappreciated are the soft costs to brand equity and competitive advantage which result in lost customers. Enterprises are penalized in both the court of law and the court of public opinion.
If sensitive information is exposed, it’s not only the millions of dollars to fix that breach that costs the company, it can wreak havoc on the company in other ways, such as:
- Negative PR
- Brand erosion
- Loss of consumer confidence
- Loss of business partner confidence
- Regulatory fines
- Stock market loss
- Legal fees
- Implementation of internal processes
Whether your data loss is accidental or malicious, you need to gain insight into the magnitude of your data loss problem, identify security gaps, and develop a proactive approach to prevent data loss before it happens. The vast amount of potential avenues along with the wide array of privacy and security requirements has escalated data loss prevention to become a critical issue that can only be addressed by comprehensive data loss prevention tools that are used to accelerate business, protect your organization, and ensure privacy. Organizations can no longer afford to ignore data security. The day when the fall‐out from one data loss incident is sufficient to bankrupt a business may not be far away. Don’t let it be yours!