|
|
 |
|
Off-Network Security: A Crisis at Hand
 When Redemtech first considered a survey to measure the severity of the current off-network data security crisis, the reasons to investigate the topic were abundant.
One need only to scan the Internet or tune into any broadcast news coverage to learn of sad examples of the crisis that is impacting business enterprises across the U.S. and around the globe…
- A major financial services firm reports the loss of a laptop computer from its corporate office containing sensitive personal and financial information, including Social Security numbers, for 33,000 employees
- A state government intern leaves in an unlocked car a laptop computer containing personal information on 1.2 million taxpayers
- Electronic medical files containing private health details of 10,000 hospital patients disappear when a hired contractor loses an end-of-lifecycle hard drive in transit to a disposition site
A panel of eWEEK Editors recently published their list of the most costly and painful data breaches of all-time. Half of the most damaging data breaches ever involved off-network security.
Does this surprise you? It shouldn’t. According to research by the Ponemon Institute, off-network security is the source of 75% of all data breaches. A study by the University of Washington came to a similar conclusion. It found that 61% of breaches were the result of corporate mismanagement of data or data-bearing assets, compared to just 31% resulting from malicious hackers.
Clearly data is at significant risk when computers are disconnected from the network.
Off-Network Data: The Security Blind Spot
Breaches of protected personal information have become routine news and continue to occur with metronomic regulatory for one simple reason: though sparing no expense to guard the security of their networks, corporations often fail to protect data on devices once they are removed from the network.
The sad truth is that most security practices devote limited attention and few resources to this vulnerable phase in the lifecycle—when assets are virtually invisible to automated forms of monitoring.
Redemtech believes it is time to face the off-network crisis – and close this critical security gap. It’s one of the reasons we have created a Security and Asset Protection Practice to audit physical security and chain-of-custody control of data-bearing assets along the entire supply chain. It’s also why we have commissioned the Ponemon Institute to study the policies and procedures that business and government enterprises employ to secure confidential data on off-network, data-bearing electronic equipment.
National Survey: The Insecurity of Off-Network Security
The research report, National Survey: The Insecurity of Off-Network Security, independently conducted by the Ponemon Institute and sponsored by Redemtech, reveals that while a vast majority of data breaches involve off-network equipment, limited resources are expended to manage this vulnerability.
In fact, of the 735 senior IT security professionals who participated in this study, 68% said they lack confidence their organization’s procedures and controls will prevent the loss of confidential information from data-bearing equipment taken off network.
Findings from this study were presented by Dr. Larry Ponemon, chairman and founder of Ponemon Institute, during the 2007 Privacy Symposium at Harvard University. Some of the most salient include:
- 62% of study respondents confirm that or are unsure if their off-network equipment contains unprotected sensitive or confidential information
- Yet 39% do not view the management of off-network data bearing equipment a critical component to security
- 70% of data breaches result from the loss of off-network equipment
- 30% percent say they would never detect the loss or theft of confidential data from off-network equipment
Register now to access the full report National Survey: The Insecurity of Off-Network Security. When registering, you may subscribe to Redemtech’s free news services and will also receive access to all white papers, research material and regulatory databases contained on this site.
 |
| Looking for more information? |
|
|
|
 |
|
Preventing High Profile Data Breaches: A Root Cause Approach |
|
|
|
|
New research reveals that 73% of organizations report loss or theft of data-bearing assets in the past two years. Could it be that we’re so busy locking down the front door that the back door is swinging wide open? What we really need is cradle to grave diligence over all data-bearing assets, including systems not connected to the network. In this on-demand CIO Magazine webcast, experts from Ponemon Institute, Morrison & Foerster and Redemtech explore the likely causes of loss to tactics used to secure off-network devices. View webcast on-demand › |
|
|
 |
|
Preventing Off-Network Data Breaches: Best Practices for Securing the Final Mile |
|
|
|
|
Seventy percent of all data breaches result from the loss or theft of data-bearing equipment, according to the Ponemon Institute study National Survey: The Insecurity of Off-Network Security. Such exposures of protected personal information are persistent because corporations often neglect to protect data on devices once they are removed from service, i.e., taken off-network. Learn six off-network security processes every organization should employ to ensure assets are protected as they move through, and outside, the enterprise. |
|
|
|
|
Off-Network Security Remediation |
|
|
|
|
Business enterprises must protect all off-network technology in order to avoid costly data security breaches. Redemtech President and Founder Robert Houghton addresses the importance of confronting the real potential for data security incidents with appropriate physical control of all IT assets, especially those data-bearing devices that exist off-network, and applying chain-of-custody tracking, logistics, audits and sanitization before proper disposition, especially in light of regulatory compliance requirements. Ponemon Institute RIM Council Presentation. |
|
|
|
|
Key Privacy Challenges of the New Century |
|
|
|
|
Ponemon Institute founder Dr. Larry Ponemon offers perspectives on privacy and data security issues, and the value of both to business enterprises. Results of the study National Survey: The Insecurity of Off-Network Security, commissioned by Redemtech, are shared along with discussion of privacy and data protection needs and practices of diverse organizations in various industries. Presentation from the 2007 Privacy Symposium at Harvard University. |
|
|
|
|
Off-Network Security Fact Sheet |
|
|
|
|
Learn what situations make off-network equipment particularly vulnerable and what you can do to safeguard data-bearing assets placed in storage or transitioned for reuse, resale or retirement. |
|
|
|
|
Off-Track Security: Implications for Privacy and Data Protection |
|
|
|
|
What are companies doing to secure confidential data off-network? Not enough says Larry Ponemon, founder of research think-tank Ponemon Institute. Dr. Ponemon discusses the offhanded practices for off-network security currently employed in corporate America in this (re)news guest article. |
|
|
|
|
Off-Network Data Needs Protection Too |
|
|
|
|
The chance for a security breach increases dramatically as soon as data-bearing equipment is disconnected from a network. In this (re)news feature article, learn common mistakes that cause security breaches with off-network equipment, consequences for not taking appropriate measures, and some best practices to keep your assets secured. |
|
|
|
|
'Off-Network Data' Is Major Security Threat For Companies |
|
|
|
|
With recent security breaches at the likes of Boeing, the Veteran's Administration and the FBI making headlines, a Ponemon Institute study finds that 70% of breaches result from the loss of off-network equipment—and it's possible that the numbers are worse than reported. InformationWeek |
|
|
|
|
Off-Network Security Off-Track |
|
|
|
|
An organization's confidential data is as much at risk off-network as on-network, but resources allocated to protection are completely out of proportion to the risk, says Dr. Larry Ponemon in this (re)blog post. |
|
|
|
|
Doors Locked, Windows Wide Open |
|
|
|
|
Despite billions spent on IT security, new Ponemon Institute study finds most corporations are failing to address the root cause of more than half of all data breaches, says Redemtech President Bob Houghton in this (re)blog post. |
|
|
|
|
Data lingers in off-network devices |
|
|
|
|
Data breaches could be avoided if companies did a better job of managing and defending information stored on devices that move off of corporate networks, according to a new report published by the Ponemon Institute. InfoWorld |
|
|
|
|
Survey: Security policies neglect off-network devices |
|
|
|
|
Most companies don't have policies in place to protect corporate data on electronic devices that leave the confines of the network, Ponemon Institute study finds. NetworkWorld |
|
|
|
|
Ponemon: Off-network security is a huge problem |
|
|
|
|
Ponemon Institute founder explains why companies that don't secure their data and devices when they leave the safety of the network are at risk for security breaches. NetworkWorld |
|
|
|
|
