Symantec 2010 State of Enterprise Security Survey Reveals Escalating Data Loss and Security Risks in Singapore Enterprises with Consumerisation of IT
- 76 percent of Singapore enterprises surveyed are unprepared in managing and governing the use of social media tools
- 100 percent of respondents feel that social networking sites, blogs and podcasts pose high security threats to the enterprise network
- 66 percent of Singaporean organisations surveyed have not implemented any form of DLP (data loss prevention) system
SINGAPORE - July 28, 2010 - Symantec Corp. (Nasdaq: SYMC) today released the findings of its Enterprise Security Survey 2010 - Consumerisation of IT in the Workplace. The study highlights that despite social media tools being frequently used in the workplace, 76 percent of Singapore enterprises surveyed are still unprepared and do not have an organisation-wide policy governing employees' access or use of these platforms. The study also reveals the number of employee-owned endpoints is growing, given the fact that more employees are using their personal devices to access corporate networks, either at the workplace or while working remotely. This mirrors the evolving concept of the "office", as it transforms from being a location to an activity. However, even as more employees are embracing this new notion, 67 percent of respondents felt that employee-owned endpoints compromise security and increase data loss threats.
The study also brought to light that 100 percent of respondents surveyed have indicated that they are extremely concerned with the loss of confidential/proprietary data. Despite this, 66 percent of the respondents have not implemented any form of DLP (data loss prevention) system.
"With the increasing ‘consumerisation of IT' and mobility of employees, it is evident that many companies are still not adequately prepared nor equipped to deal with the growing popularity of Web2.0 tools. This creates security gaps in business processes, increasing the likelihood and extent of data loss threats," said Unmesh Deshmukh, director, Endpoint Security Sales, Asia Pacific and Japan, Symantec. "From the survey findings, it is clear that there is an urgent need for companies to address these issues and take action to reduce the level of security and data loss risks that they are exposed to. Enterprises need to understand what and how endpoints and social media tools are being used in their organisations, identify where and how their sensitive data is being stored and accessed, and establish standards and data security policies to manage, govern and enforce compliance across the corporation."
- Enterprise IT is increasingly becoming consumerised
The official use of consumer technology and social media tools has become prevalent in Singapore enterprises. The survey found that respondents are using social networking sites, like Facebook and LinkedIn (67 percent), Windows Live Messenger and Yahoo Messenger (33 percent respectively), blogs (33 percent) and micro-blogs, such as Twitter, (33 percent). As adoption and usage of such real-time communication tools continue to grow and flourish, enterprises are concerned about the security risks that they bring about. 100 percent of the respondents feel that social networking sites, blogs and podcasts pose as high security threats, and over 60 percent indicated likewise for instant messaging tools and micro-blogging.
Even though all surveyed respondents perceive social networking sites as high security threats, only 33 percent feel unprotected against it. Podcasts at 100 percent emerged as the top threat to the enterprise network, according to the survey. 67 percent and 33 percent of respondents have indicated that they feel unprotected using blogs and micro-blogging platforms, respectively. Despite these sentiments, a majority of Singapore enterprises remain unprepared and unprotected.
- Employees are accessing information from more locations and devices
As employees become increasingly mobile, they need to access the corporate network remotely on personal devices. Organisations are empowering employees to access, modify and disseminate company information - often stored on the cloud - via their laptops or smartphones. Aligned with this trend, the study revealed that the number of endpoints in Singapore enterprises is growing, led by Windows-based laptops (66 percent) and smartphones (33 percent). Surprisingly, even as more smartphones are being deployed, only 33 percent of Singapore organisations have implemented standardised endpoint configurations for these devices. Overall, although 67 percent of respondents feel that employee-owned endpoints comprise security, only 33 percent have put in place integrated endpoint security processes. 66 percent of the organisations that participated in the survey indicated that they are planning or considering endpoint virtualisation for enhancing productivity and cost-savings.
- As enterprise IT becomes more heterogeneous, data loss threats increase
Consumerisation of IT and the increasing use of employee-owned endpoints are causing an explosion of unstructured data. The growing heterogeneity of enterprise IT environments is making it more difficult to manage and secure information. The study indicates that 100 percent of Singapore enterprises have experienced theft of intellectual property. Loss of confidential and proprietary data and downtime of corporate environment are also prevalent at 67 percent respectively. As a result, 50 percent have lost revenue, incurred direct financial loss and suffered from customer loss and damaged customer relationships.
To manage security risks, it is critical for enterprises to establish and put in place protocols and policies to monitor, manage and govern the use of consumer devices and platforms within the workplace. Comprehensive, sustainable data loss prevention (DLP) programs must be implemented to enable organisations to measurably reduce the risk of a data breach, demonstrate regulatory compliance and safeguard customer privacy, brand equity and intellectual property.
About the survey
The study is based on surveys of CIOs, CISOs and IT management from 100 enterprises in Singapore.
About Business Solutions from Symantec
Symantec helps organizations secure and manage their information-driven world with IT Compliance, discovery and retention management, data loss prevention, and messaging security solutions.
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organisations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com
NOTE TO EDITORS:
If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.