Why do organizations need to step up their efforts to protect sensitive information on the increasing variety of endpoint devices? Three recent studies can help answer that question:
- According to the latest Symantec Internet Security Threat Report, theft or loss of computer or other data-storage medium was the cause of the most data breaches that could lead to identity theft during the second half of 2007, accounting for 57% of the total.
- A new report by Datamonitor in London found that IT managers are reluctant to take on the responsibility of managing the mobile devices that employees are increasingly using and integrating with enterprise applications. The report, “Enterprise Mobility: Trend Analysis to 2012,” claims that security concerns are the largest barrier to mobility deployments.
- A study released in May, 2008 by researcher TheInfoPro found that endpoint authentication technologies claimed the #1 spot in terms of “immediacy of user need” and planned spending by Fortune 100 organizations.
As the amount of information generated by businesses continues to increase and is stored on a growing number of endpoint devices that may be compromised, lost, or stolen, enterprises must have confidence that all of these devices are protected at all times. This article looks at how organizations can help prevent unauthorized access to endpoints with strong encryption and access control technologies.
As IT professionals know all too well, increasing amounts of valuable information are being stored on PCs, laptops, and removable storage devices such as hard disks and USB memory sticks.
At the same time, enterprises are rapidly recognizing the need to safeguard data on their endpoints. Loss or leakage of data from endpoints not only puts critical IP, customer data, and other sensitive information in danger of falling into the wrong hands, but it can also subject organizations to the substantial costs and embarrassing public disclosures resulting from noncompliance with state, national, and international privacy laws when legally protected information is lost.
As researcher Gartner Inc. put it in its September, 2007 report, “Magic Quadrant for Mobile Data Protection,” “Interest in data protection is fueled by liability and privacy concerns. Legislation has become commonplace to require public disclosure in the event of real or suspected mishandling of personally identifiable information. If an asset is misplaced (not just stolen), mislabeled or otherwise unaccounted for, organizations are obligated to report the breach if the data was not adequately protected. Even if information is not misused, negative public exposure is expensive and embarrassing, and it damages buyer and investor confidence.”
Given this situation, Symantec believes endpoint encryption should be applied to help protect sensitive information and interactions as part of a larger information protection strategy. When an advanced endpoint encryption solution is deployed, encryption is transparent to the end user and performed with minimal performance impact. In addition, encryption:
- Prevents the exposure of sensitive data should a laptop be lost or stolen
- Assures protection for desktops and laptops against unauthorized access
- Meets government directives and regulations.
Endpoint encryption provides a number of concrete business benefits as well. For example, it can eliminate the legal liabilities of a data breach. It can also reduce the time and cost of privacy compliance. Perhaps most important, endpoint encryption can be used to prove that no information has been lost.
Consider the California Security Breach Information Act, which requires companies that do business in California, or that have customers in the state, to notify those customers promptly whenever specific personal information may have been exposed to unauthorized parties. The Act establishes encryption as a “safe harbor” against the requirement to notify.
Symantec Endpoint Encryption
offers both full disk encryption and removable storage encryption capabilities. Symantec Endpoint Encryption - Full Disk Edition is the full disk encryption component, designed to protect data on the hard drive of Microsoft Windows-based machines. It allows IT administrators to encrypt the hard drive to protect information and prevent the exposure of sensitive data should a machine be lost or stolen. The encryption technology is designed to be transparent to the end user and performed with minimal performance impact.
Symantec Endpoint Encryption – Removable Storage Edition is the removable storage component, designed to protect data on USB, Firewire, Compact Flash, iPod, CD, DVDs, and other storage devices and removable media. It encrypts files defined by central policy and on the fly when copied to removable media. The bottom line: Businesses can maximize the productivity benefits of using removable storage devices while minimizing the risks these devices pose to data security.
From compliance fines to loss of intellectual property, brand equity, and customer confidence, the consequences of failing to protect sensitive or legally protected data on endpoints can reverberate through the enterprise. Organizations need to reduce or eliminate the risks associated with data breaches by securing information no matter where it is at all stages of its lifecycle.
Designed to help customers protect sensitive information and mitigate the increasing risks of data loss, Symantec Endpoint Encryption is a scalable, enterprise-wide security offering that prevents unauthorized access to endpoints with strong encryption and access control technologies.