Thursday, September 16, 2010

Companies are still not applying adequate controls

Protecting applications and databases key to IT security

The most effective data security approach involves technology to protect applications and databases alongside traditional approaches, a study has revealed.

The conclusion is based on a survey of over 1,000 IT security professionals at multinational companies by security firm Imperva and security research firm Securosis.

Respondents rated web application firewalls, network data loss prevention, full disc encryption, server hardening, and endpoint data protection as the most successful technologies in reducing the number of data breaches.

Malicious intentions are behind 62% of data theft with insider breaches comprising 33% and hackers 29%, while the remaining breaches were accidental, the survey found.

Nearly two-thirds of organisations either do not know whether they suffered any data breaches, or said they had not experienced any.

Of those companies that were hit by data breaches, 27% saw a decline in breaches, while 46% reported the same number of breaches as the previous year. This survey illustrates that data security as a practice is maturing. The survey is available online to enable security professionals to compare their data security practices with other survey respondents.

No comments: