Sophos: 70% of businesses concerned about data leakage via email
November 2007 by Sophos
Research conducted by IT security and control firm Sophos has revealed that 70% of businesses are concerned about sensitive material falling into the wrong hands as a result of data leakage via email. A further 50% of employees admit to having accidentally sent an embarrassing or sensitive email to the wrong person from the workplace, demonstrating that email leakage is a very real concern. Sophos experts note that it can potentially cause corporate embarrassment, compliance breaches and the loss of business critical information.
"As more and more business, and indeed personal interaction, is conducted via work email, the risk of slipping up and clicking send without double-checking the recipient’s details is ever-growing," said Graham Cluley, senior technology consultant at Sophos. "The fact that as many as half of employees have experienced that heart-stopping moment when they realise that their message is hurtling towards the wrong person shows that the human error factor is too significant to ignore. Businesses would be wise to check that their email security solutions have the facility to prevent this from happening by identifying when sensitive data or attachments are contained in the message, and if they don’t, to consider a more water-tight alternative."
To combat the risk of leaked information, Sophos recommends that companies install an email security solution that enables them to scan messages for sensitive data and keywords, and that uses encryption to ensure that business critical emails are sent securely. Furthermore, an effective appliance will identify and block confidential attachments, including those that have had their file type altered by the sender. This will ensure that accidental email loss and leakage by malicious intent are both thwarted.
"The vast majority of data leakages via email are purely accidental, so companies that put a solid solution and security policy in place, and those that educate employees on responsible email use, will mitigate the risks and dramatically reduce the possibility of critical data loss," said Cluley.
Related articles:
- Sophos: Jailed Panda Worm author "rewarded" by job offer frome one of jis victims
- Sophos: Network Access Control needed to secure all desktop, mobile and guest network users
- Sophos: Malicious PDF files accounted for up to two thirds of infected email in three day spam campaign
- Sophos: Managed appliances boost security and simplify email policy enforcement
- Sophos: Over 50% of people polled admit they have stolen Wi-Fi internet access
- Sophos: Survey shows 93% concerned that they don’t know what security measures are in place, as Government admits 25m records lost
- Sophos Reports: Teenager allegedly headed international hacking ring
- Sussex Health informatics service choose Sophos in joined-up NHS IT Security initiative
- Hackers fail to take a holiday break as Sophos sees 2008 malware attacks gather steam
- Sophos: Don’t fall in love with the storm trojan horse
- Sophos : New web appliance delivers improved reporting capability and security filtering
- Sophos: First Virus writer arrester arrested in Japan... for breaching