Lessons Learned From WikiLeaks: Not So Much

IT and security professionals routinely use USBs, smartphones, and tablets to move and back up confidential files, yet their organizations havent made changes in the wake of the WikiLeaks leaks

Maybe the massive disclosure of diplomatic memos from the U.S. State Department by WikiLeaks didnt serve as much of a cautionary tale for preventing the leak of sensitive data after all: Most IT and security professionals say they use USBs, smartphones, and tablets to move and back up confidential files, and 65 percent say they dont have a handle on what files and data leave the enterprise, a new survey says.
The survey of 200 IT and security pros at the RSA Conference last month in San Francisco revealed some risky practices by users who theoretically should know better -- including 77 percent saying that they send payroll, customer data, financial, and other classified information via unsecured email monthly.
One thing we know is that people do what they need to do to be productive, and they find their own mechanisms to do this better. This is not malicious, but it puts companies at risk, says Hugh Garber, product marketing manager for Ipswitch, which conducted the survey. If theres not a tool, they use their own stuff -- a lot are turning to USB drives, file-sharing sites, and their personal email [if corporate email restricts file-size attachments, for instance]. And that just enforces lower visibility to IT and brings more risk.
And when it comes to the infamous WikiLeaks incident, more than 40 percent of the respondents say their companies have basically dismissed the security implications of it. Nearly 30 percent say their companies talked about the risks that the WikiLeaks incident highlighted, but they didnt make any major security changes in response.
Out of WikiLeaks we saw people blaming the devices instead of taking control of their data, Garber says. Blaming a data breach on a portable device is like blaming a bank robbery on white vans.
Around 57 percent of the respondents say they save work files to these external devices on a weekly basis or more, an 11 percent increase over a similar survey conducted by Ipswitch in 2010. Were seeing a lot more people backing up their data on portable media -- a lot that is personally owned and easily lost or stolen, Garber notes.
But theres hope: Forty percent say the protection of sensitive information is their top priority for 2011. That statistic is an indication that ... no one wants to be the next data-breach headline, Garber says. I wish this was a higher number, but I predict it will be double that next year.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Lessons Learned From WikiLeaks: Not So Much