Data is a corporate asset- yet, unlike almost every other asset, it is often unguarded. It would be inconceivable for corporations to leave millions of dollars in company funds on the staff lunchroom table, yet employees often have similar access to critical corporate data. Corporations frequently assume they can trust employee behavior and judgment- even though data leakages can result in significant financial loss.
Without proper tools, many corporations lack the means to regulate employee access to data and enforce policies regarding data use. As a result, these corporations are exposed to financial, security, and regulatory risks.
How Safe is Your Data?
While we would all like to assume the professionals in our employ comply with security policies, this assumption invariably puts critical information at risk. Employees do engage in a wide range of behaviors that threaten corporate data, frequently without recognizing the threat these behaviors may pose to corporate revenue or reputation.
In 2008, InsightExpress conducted a study surveying a total of 2000 IT professionals and employees from 10 different countries; each country was selected to represent variance in social and business cultures. Across the board, the research concluded that employees worldwide are regularly engaging in behaviors that put corporate data at risk (Cisco).
Among the findings:
- 46% of employees admitted to transferring files between work and personal computers.
- More than 75% of employees do not use a privacy guard when working in a public place.
- 44% of employees share work devices with others without supervision.
- 39% of IT professionals have said they have dealt with an employee accessing unauthorized parts of a company’s network or facility.
The prevalence of specific risk-taking behaviors varied by the country of the respondents; for example, employees in Brazil commonly use business computers for personal activities, such as downloading music- and only 16% of employees in France claim they adhere to security policies at all times (Cisco).
Data Loss on the Rise
These risks are not without consequence. According to the KPMG Data Loss Barometer from 2012, incidents of corporate data loss have increased by 40% since the previous year (KPMG). Of the IT professionals surveyed for InsightExpress’ research, 70% believe that the use of unauthorized programs resulted in as many as half of their company’s data loss incidents (Cisco).
Greg Bell, a partner at KPMG LLP notes: “If a laptop with a formula for a new cancer drug is stolen, it could have the potential for a billion dollar loss to a company’s future revenue. Similarly, if a laptop is lost with health records for two million patients, it could be a reputational mark from which they can’t recover” (NetSecurity).
Managing access to data and its associated analysis is the first step corporations must take to ensure that their trade, risk, and operational activities are in line with internal policy and contractual obligations.
The Safe Solution
ZEMA’s administrative functionality allows organizations to discretely assign data access to users and report on those entitlements and usage patterns. Corporations can have peace of mind knowing they are compliant to their contracts with external data suppliers and can easily associate costs to their use of that data.
ZEMA enables you to securely access data, and manage users and groups- and report on entitlements and usage patterns. You can easily manage internal and external data, and set expirations on data access.
ZEMA provides the framework needed to ensure that organizations protect and manage their information assets and restrict access to only those with permission to use the data.