Dataguise has announced the findings of a new survey entitled ‘Strategies for Securing Sensitive Data.’ In the survey senior IT decision makers were questioned on the topic of sensitive data security, including technologies in use, impacts to businesses when failures occur, and accountability after such events. The survey participants represented firms from a wide variety of industries that were chosen for the intensity at which they consume data. Conducted between March and April of 2016, the survey uncovers several truths about sensitive data management, risks, and increasing budgets for improving IT security infrastructure.
In March 2016, Dataguise commissioned Gatepoint Research to conduct an invitation-only survey of 100 enterprise IT executives regarding strategies for securing sensitive data. Candidates were chosen from a wide range of industries, including financial services, healthcare, manufacturing, business services, consumer services, retail, media, and education. 54 percent of those that completed the survey work for Fortune 1000 organizations with revenues over $1.5 billion. 20 percent work for medium to large firms whose revenue is between $250 million and $1.5 billion. 26 percent are employed by small enterprises with less than $250 million in revenue.
Observations and conclusions of the 13 question survey included the following:
- Companies are transitioning toward big data frameworks, including cloud-based environments such as Microsoft Azure HDInsight. 28 percent of respondents report more than a year of experience with these big data repositories and another 38 percent are in various stages of adoption.
- Data security challenges often have a negative impact on organizations with 73 percent reporting that data security concerns terminate or delay data-driven business initiatives.
- Companies use multiple security solutions to protect sensitive data, with 82 percent using network monitoring, 80 percent leveraging data encryption, 79 percent implementing access controls, 69 percent installing perimeter controls, 63 percent using volume and file encryption, and 43 percent implementing data masking.
Even with multiple layers of security in place, less than half of all respondents did not believe that their data was secure with only 47 percent of respondents confident that their sensitive data throughout their organization was safe. Furthermore, it was revealed that sensitive data within organizations can be widely accessed by a large number of individuals. In addition to 80 percent of respondents indicating that their IT teams had access to sensitive data, 40 percent said test and development teams also had access and 29 percent indicated that end-users throughout the enterprise maintained the ability to view this information. Finally, while 62 percent of those surveyed said their firms passed security audits, 11 percent failed and 20 percent were unclear if they passed their audit or not.
Identifying where the buck stops when unauthorized access to sensitive data occurs, the survey also asked who would be held accountable if the organization encountered a breach. 88 percent of respondents said that their IT security team (including the CISO/CIO) would face scrutiny. 47 percent said their CEO or board of directors would be placed with the responsibility. 38 percent of organizations would point to the chief data officer (CDO) for the breach and 24 percent would fault the user or users who created the data. The takeaway here is that IT security teams are at the greatest risk should a situation occur and must strengthen their data infrastructure to ensure the danger of unauthorized access remains low.A complete copy of the survey results is available for free download at: http://www.dataguise.com/strategies-for-securing-sensitive-data-survey-results/